last executing test programs:

3m7.766439472s ago: executing program 2 (id=38):
unshare(0x60040200)
syz_usb_connect(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000755f3220dd1700555ef3010203010902"], 0x0)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0x3)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r1, 0xffffffffffffffff, 0x0)

3m6.396913366s ago: executing program 2 (id=47):
r0 = syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
ioctl$EXT4_IOC_GROUP_EXTEND(r0, 0x40086607, &(0x7f0000000040))

3m6.152646428s ago: executing program 2 (id=51):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000100)='./file5\x00', 0x800000, &(0x7f0000000580)={[{@nodiscard}, {@noinline_xattr}, {@memory_low}, {@errors_remount}, {@jqfmt_vfsv0}, {@disable_roll_forward}, {}, {@adaptive_mode}, {@disable_roll_forward}, {@noinline_data}, {@nocheckpoint_merge}, {@age_extent_cache}, {@inline_xattr_size={'inline_xattr_size', 0x3d, 0x8f8}}, {@gc_merge}, {@disable_ext_identify}]}, 0x1, 0x551f, &(0x7f000000e0c0)="$eJzs3M1rI/UbAPAnfdnX/vZXxIO3HViEFjah6cuit6q7+IJdyqoHT5omachukilNmtaePHgUD/4nouDJo3+DB8/exIPiTVAyM9WtL7jQtLHbzwcmz8w33zzzfIdSeGZCAriw5pOffyzFjbgaEdMRMReR7ZeKLbOeh+ci4mZETD22lYrx3wcuRcS1iLgxSp7nLBVvfXp7eGvthzd++uqbyzPXP/vy28mtGpi05yOiu5Pv73fzmLby+LAYrw3bWeyuDouYv9F9VBynedxvbmUZ9mtH82pZXGnl89Odvf4obndq9VFstbez8Z1efsL+sHWUJ/vAw9pudtxobmWx3U+z2DrM6zo4zP+3HfYHeZ5Gke+DLH0MBkcxH28eNPP17DzKYr03KMbzvGmjeTCKwyIWp4t62mlkdWyd5Er/t73Z7u0dJMPmbr+d9pK1SvWFSvVOubqbNpqD5mq51m3cWU0WWp3RtPKgWeuut9K01WlW6ml3MVlo1evlajVZuNvcatd6SbVaWaksldcWi73byav330k6jWRhFF9u9/YG7U4/2U53k/wTi8lyZeXFxeRWNXlrYzPZfHDv3sbm2+/dfff+Sxuvv1JM+ktZycLy0vJyubpUXq4uXqD1f1QU/S/rnzvZJYEnV5p0AQDnj/4fmITT6/93H0Scfv8f+v+xOFf970Xv/09h/XAi+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvru9nPX8t25vPj68X4/4qhZ4rjUkRMRcSvf2M6Lh3LOV3kmf2H+bN/quHrUmQZRue4XGzXImK92H75/2lfBQAAAHh6ffHhzU/ybj1/mZ90QZyl/KbN1Nz7Y8pXiojZ+e/HlG1q9PLsmJJlf98zcTCmbNkNrCtjSpbfcpsZV7YnMn0sXHkslPIwdablAAAAZ+J4J3C2XQgAAABn6eNJF8BklOLoUebRs+Dsm/d/PBC8euwIAAAAOIdKky4AAAAAOHVZ/+/3/wAAAODplv/+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwG/s3E1u2kAUAOBngwv9U1HVfa/SHRyjR+iyy5YD5BIcIAtyhVyAM5BdjhBBhMcQiAhRZBuL6PskM4wZPz8jWMyM9AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGjTXTGf3Pz7eVU3zmpdTzNPAwAAAByzLOaT8s0o9T9X579Wp75X/Swi8og4NnfvxYeDmL0qTvE0/np/fPEsh9uIMsLmHoPq+BQRv6rj4Vvb3wIAAAC8X4vpbJxm6+ll1HVCnFNatMm//G4oXhYRxei+oWj5Jt6Pt13z/8VPNr/vfvytn1apXMAaNhQsLbn1T41o7FZb5d99t2o33Guy1ORHL+u3lhAAAHAGvYPm5CwEAACAi/an6wToRhbbrczdVuAgNdX23seDHgAAAHCBsq4TAAAAAFpXzv/PVP9v/Wr9v4H6fwAAANCGVP8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANi2L+WQxnY3rxlmt62nmaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgkf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADe/O4v/yemxplk7rWx9DySrJ0aW6fG3rlx9Ifx9WsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uUuBUIYCMJg7/oX38T7H1Ya4iGEKgh8zGQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rNl/8bS+NKsnba2Dq+k+xdNY6uGqMHjXPMPwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPO/fzGkcVBwD8uzs7GxsVY5QcIqLgQS823dbWehIPSvDgnyCEdFtjt/5oc7CliLl4k5x7ET2KCEq89X/ouYVe6q2HHCp4VmZ2JjttA45aZ6bJ5wNv3neH4b3vm4WQ77xJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6YfedWZxkh4Vp3C/O3bx3dT3rbz3QZ65v317OWhb3mkz68fBi9UNvqb1EAAAAODySsr6PiDvpzmrW9xfy+j8tr8lq/u+ensZlPf9g3V/2Ze2ftV9/ufv83kQL03myQc9uTMbHHk5l8P+tstue+dsrBvmdz5+9JPkX0n9/67ndNL+fvW9u3Hh3mIdzTWQLAPwbR8u+CMrfh7J+1GZiABwag0rhXdb/yUK7OQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0YXcrnizjXkQsD2Zx5ta9q+v79de3by+X7dS1a9vx1WzMbIg0Is5uTMbHGl1Nt126fOX82mQyvvjogvm3Iupc/FJEPPrZ6wVvF8s//2GNi+stR9DVoF982V3Jp0YwFxEtp9HiDyUAAA6ktGhZXX8n3VnNzvUWI/78/v76/9VKHDXr/7sfnbpZnata/48aW2H3rWxe+Gzl0uUrr29cWDs3Pjf+5I3jozdHJ06fPHl6JX9WsuKJCQAAAP/NsGjV+r+/+PD+/3wljpr1/+ffjr6szpWo//c12/RrOxMAAIDD7dmX//i9t8/53nAYX6xtbl4cTY97n49Pjy2k+o/NFa1a/yeLbWcFAAAANGF3q3ff/v+ZShw19/+f+uGFn6pjJhFxpNj/P7r+6eRMc8vptCb+nLjtNQIAANCuI0Wr7v+nixGDrf7eKw/9iHjtlWlc/BvAWvV/8t7XP1bnqr7/f6K5JXZSf2l6P/J+KWKw1HZGAAAAHGRPFC0r9n9Ld1Y//nn+g6H3/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9lcAAAD///P1OyI=")

3m5.287900245s ago: executing program 2 (id=54):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000140), 0x3, 0x4cd, &(0x7f0000000c80)="$eJzs3M9vFGUfAPDvbHdpgZfXioiCKAU0Nia2UFA4eMHExIMmRjzIsWkrQRYwtAchREpi8Ezi3Xg03jTxqkfjyT8ADx5MDAkxXABPa2Z3pt3ur+7CtqXs55Ns+zwzz8zzPDPzzD77PDsbwMAaS/8kEf+LiFsR8VQtujLBWO3f/btXZx7cvToTi5XKqX+Sarp7aTyTb7c9i4wXIgpfJg07rJm/fOXcdLk8dymLTy6c/2xy/vKV18+enz4zd2buwtSJE8eOHjn+5tQbvVeqRX5pve7t/eLivj3vnr75/kwxXz6S/a+vR1vF3oox1mHdK73t6rG3oy6cNB+na+taGLo2kl3WpbT9Xy0fPL3RBQLWTaVSqQy3X71YaXS9aQmwaSWx0SUANkb+Rp9+/s1f69T1eCzcOVn7AJTW+372qq0pRiFLU2r4fNtPYxHx8eK/36Sv6DQO8ecaFQAAGDi/nMx7go39v0Lsrkv3/2wOZTQino6InRHxTETsiohnI6ppn4uI5xszSCIqHfLf1RBfzv/HbBahcPuRK9lB2v97K5vbWtn/y3t/MTqUxXZE5B3mucPZMRmP0vAnZ8tzR9rsf8sq+df3/9JXmn/eF8zKcbvYMEA3O70w/XC1bXbnesTeYmP9k2J64vJpnCQi9kTE3h72O1oXPvvad/uWIqWV6Vavf1WlxZRez/NxrVS+jXi1dv4XY8X5X84x6Tw/OTkS5bnDk+lVcLhlHr/9fuODdvmvWv+f/mrc5J3jP5961GovSc//trrrP/L52+X6jyYRydJ87XxEZai3PG788VV1v2OHmtc97PW/JfmoGs7b1+fTCwuXjkRsSd5rXj61vG0ez9On9R8/1Lr978y2SY/ECxGRXsQvRsRLEbE/K/uBiDgYES2qtuTXt1/+tN26Lq//NZPWf7bl/W/F+V+er+8ykG+cLhk6d+DWgzY3j+7O/7FqaDxb0vr+l6y4RXRb0kc7egAAALA5FKL63f/CxFK4UJiYqI0B7YpthfLF+YX9EXFhtvaMwGiUCvlIV208uJTk45+jdfGphvjRbNz466Gt1fjEzMXy7EZXHgbc9mqbT5raf+rvHsd5gU2oD/NowCa1WvvffXOdCgKsO+//MLjq2v9imySLvikDTybv/zC4WrX/a/F9x2cX3DNg86toyzDQtH8YXMX4cClcfey55dO2wJPI+z8MpF6f6+8tUBluvWokWvxiwMjaFGNri7w2JJD2rPq4w1JEdJd468NkkXcB2//CQ6G3HQ5H86qh6LRV0sPvOOSB9KismvjM7r5f/PlvovT7svlhuZ2WujzdfQpsyO0IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg7/4LAAD///QJ1ng=")
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='configfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000000)='./file0/../file0\x00')
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x60)
getdents64(r0, 0x0, 0x22)

3m5.125736149s ago: executing program 2 (id=57):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f8ffffff000000008e000000850000007b000000180100006f68177600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000fcffffff850000007100000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x40}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

3m4.642891822s ago: executing program 2 (id=62):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x43, 0x0, 0x0)

3m3.818992441s ago: executing program 32 (id=62):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x43, 0x0, 0x0)

2m40.013703354s ago: executing program 1 (id=263):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000008c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000980)={&(0x7f00000002c0)={0x44, r1, 0x1, 0x4, 0x0, {{}, {@val={0x8, 0x1, 0x200004}, @val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFNAME={0x14, 0x4, 'pim6reg0\x00'}, @NL80211_ATTR_IFTYPE={0x8, 0x5, 0xa}, @mon_options=[@NL80211_ATTR_MNTR_FLAGS={0x4}]]}, 0x44}}, 0x0)

2m39.953040873s ago: executing program 1 (id=266):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'sha256\x00'}, 0x58)
r1 = accept(r0, 0x0, 0x0)
recvmmsg$unix(r1, &(0x7f0000000ec0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x40000000, 0x0)

2m39.885463754s ago: executing program 1 (id=267):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@newlink={0x20, 0x10, 0x40d, 0x70bd2a, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x40}}, 0x20}}, 0x8000)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newlinkprop={0x20, 0x6c, 0x1, 0x70bd2c, 0x25dfdbfb, {0x0, 0x0, 0x0, r2, 0x10000, 0x40000}}, 0x20}}, 0x0)

2m39.535297343s ago: executing program 1 (id=268):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000003c0), 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
setxattr$trusted_overlay_upper(0x0, &(0x7f00000001c0), &(0x7f0000001400)=ANY=[], 0x835, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000000e00000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x31)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000680)={&(0x7f0000000000)='tlb_flush\x00', r0}, 0x10)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = open(&(0x7f00000003c0)='.\x00', 0x100, 0x97)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2m39.395539945s ago: executing program 1 (id=269):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000140)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@init_itable_val={'init_itable', 0x3d, 0xb5}}, {@resuid}, {@lazytime}]}, 0x1, 0x445, &(0x7f0000000200)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
statx(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x2000, 0x2dd8806920477201, &(0x7f00000003c0))

2m38.988233006s ago: executing program 1 (id=275):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f00000000c0))

2m38.258504173s ago: executing program 33 (id=275):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5)
ioctl$SG_GET_ACCESS_COUNT(r0, 0x2289, &(0x7f00000000c0))

32.422934523s ago: executing program 3 (id=1571):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r0, 0x0, 0xd}, 0x18)
add_key(&(0x7f0000001580)='cifs.idmap\x00', &(0x7f00000015c0)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffd)

32.342283793s ago: executing program 3 (id=1572):
mkdir(&(0x7f0000000040)='./file0\x00', 0x80)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x80, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f0000000440)='./bus\x00')
open(0x0, 0x80242, 0x1df2a23c5997fa5f)
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000380)="ca091cc2e088", 0xffe3)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7, 0x5], 0x0, 0x0, 0x2}}, 0x40)

32.240221638s ago: executing program 3 (id=1574):
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00')
preadv(r0, &(0x7f0000000080)=[{0x0}, {&(0x7f00000001c0)=""/186, 0xba}], 0x2, 0x0, 0x4000000)

32.109742785s ago: executing program 3 (id=1578):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x3810082, &(0x7f0000001880)={[{@noadinicb}, {@gid}, {@dmode={'dmode', 0x3d, 0x4}}, {@rootdir={'rootdir', 0x3d, 0x400}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@gid_forget}, {@gid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@longad}]}, 0xfd, 0xc32, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3ce86dc+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveMj7Lb+ZseqE9C48ebNqWvXFhqnXjy9Yfet4Q+HnjoyfG7k+ePP9cpOjI6Njd8pUu8vX7vnhnRtN8PjQBRxPFK88L2fplZEFLH7c1F/sGO/2cGqE8eqTkyMjlUdme60ZhbLnZd6J6KIaPRVavbO0dZjEbXBB9qH7TUjlsrmlw0+VnZvfK4137oy3W5cas0vdhY7szOXUre1ZX8aUcTZFLEcEatDdx9uMIqoRYrvHF5LVyJioHcevlhNDN6+HcUe9nEHynY2BiOWi0dgzPaxoSji9Ujxs/eOxtV8namuNV+IeL3MH0S8U+YrEan8YpyJ+GCL7xGPploU8efl+J9bS1PV9aB3XbnwtcZXZq7N9pXtXVd+yfvDXVeKh3R/OLgpH4x9fm2qRxGt6oq/lu79NzsAAAAAAAAAAAAAAAAA3G8Ho4jPRIrX/u2PqnnFUc1LP3xu5PeH/3//nPFnP+Y4ZdkXI2Kp2Nmc3AN5YuCldCmlhzyX+ElWjyL+OM//+9bDbgwAAAAAAAAAAAAAAAAAAMATrYifRIqX3z+alqN/TfHOzPXG5daV6e6qsL21f3trpq+vr683UjebOSdzLuVczrmSczVnFLl+zmbOyZxLOZdzruRczRkDuX7OZs7JnEs5l3Ou5FzNGbVcP2cz52TOpZzLOVdyruaMfbJ2LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4RKb79jbUUKSKaEZPRzZWhh906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0lIr4fqRo/EHz9rZaRKTq366j5S9nonmgzE9Gc6TMV6J5PmerylrzWw+h/ezOYCrix5FiqP7u7QHP4z/YfXf7axDvfPPOu8/WujnQ2zn84dBTRw6fGxn7tWe3e522asCxC52Zm7caE6NjY+N9m2v50z/Zt204f25xf7pORCy89fabrenp9vy9vyi/Aruo/gi9SLUnpadeVC+iti+a8XD6zhOgvP9/ECl++/1/793wu/f/evy/7rvbd/j4+Z/cuf+/vPlAO7z/1zbXy/f/8p6+1f3/6b5tL+ffjQzWIuqLN+YGj0TUF956+3jnRut6+3p75syJE18eGfny6RODByLq1zrT7b5X9+V0AQAAAAAAAAAAAAAAADw4qYjfjRStH6+lRkTcquZrDZ8bef74cwMxUM232jBv+43xy+cbr87emJtvLyy0pxoTM52rs1PtnX5cvZruNTE6tied+VgH97j9B+uvzs69Nd+5/oeLW+4/VD9/ZWFxvnV1691xMIqIZv+WY1WDJ0bHqkZPd1ozVdVLW06m/+UNpiL+I1JcPdNIn8/b8vz/zTP8N8z/X9p8oD2a//+Jvm3lZ6ZUxM8jxW/9xbPx+aqdh+Kuc5bL/U2kOHb2c7lcHCjL9drQfa5Ad2ZgWfZ/IsU//GJj2d58yKfvlD254xP7iCjH/3Ck+P6ffTd+PW/b+PyHrcf/0OYD7dH4P9O37dCG5xXsuuvk8T8eKV55+t34jbzto57/0Xv2xtFc+PbzOfZo/D/Vt204f+5v3p+uAwAAAAAAAAAAPNIGUxF/Gyl+OFZLL+VtO/n7f1ObD7RHf//r033bpu7PekUf+2LXJxUAAAAA9onBVMRPIsX1xXdvz6HeOP+7b/7n79yZ/zmaNu2t/pzvV6rnBtzPP//rN5w/d3L33QYAAAAAAAAAAAAAAAAAAIB9JaUiXsrrqU9W8/mntl1PfSVSvPZfL+Ry6UhZrrcO/HD1a/3i7Mzx89PTs1dbi60r0+3G+Fzrarus+0ykWPvrz+W6RbW+em+9+e4a73fWYp+PFGN/1yvbXYu9tzb5M72yS+2TZdlPRIr//PuNZXvrWH/qznFPlWX/KlJ8/Z+2LnvkTtnTZdnvRooffb3RK3uoLNt7Puqn75R98epssQejAgAAAAAAAAAAAAAAAAAAwJNmMBXxp5Hiv28s357Ln9f/H+x7W3nnm33r/W9yq1rnf7ha/3+71/ey/n/1XIGl7T4VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTymKeDtSzF1cSytD5fuu+oXOzM1bE6NjW1c7mKqaA1X58qd+8tTpM196aeRsLz+6/v32mXhj/PL5xquzN+bm2wsL7anGxEzn6uxUe8dH2G39zY5VJ6Bx482bU9euLTROvXh6w+5bwx8OPXVk+NzI88ef65WdGB0bG+8rUxu850+/S9pm+4Eo4i8jxQvf+2n64VBEEbs/Fx/z3dlrB6tOHKs6MTE6VnVkutOaWSx3XuqdiCKi0Vep2TtHD2AsdqUZsVQ2v2zwsbJ743Ot+daV6XbjUmt+sbPYmZ25lLqtLfvTiCLOpojliFgduvtwg1HEm5HiO4fX0j8PRQz0zsMXL45/9cSp7dtR7GEfd6BsZ2MwYrn4qDHbosNsMBRF/GOk+Nl7R+NfhiJq0f2JL0S8XuYPIt6J7nin8otxJuIDp/WxUYsi/rcc/3Nr6b2h8nrQu65c+FrjKzPXZvvK9q4rj/z94UHa5/eTehTxo+qKv5b+1X/XAAAAAAAAAAAAAAAAAPtIEb8aKV5+/2iq5gffnlPcmbneuNy6Mt2d1teb+9ebM72+vr7eSN1s5pzMuZRzOedKztWcUeT6OZtl1tfXJ/P7pZzLOVdyruaMgVw/ZzPnZM6lnMs5V3Ku5oxarp+zmXMy51LO5ZwrOVdzxj6ZuwcAAAAAAAAAAAAAAAAAADxeiuqfFN/+xlpaH6rWlx7o7VuxHuhj7/8CAAD//0pa+Ck=")
syz_mount_image$fuse(0x0, &(0x7f0000000200)='./file1\x00', 0x4000, 0x0, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000ac0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@uuid_off}]})

31.984674425s ago: executing program 3 (id=1581):
syz_emit_ethernet(0x72, &(0x7f0000000440)=ANY=[@ANYBLOB="0180c2000000aaaaaaaaaabb86dd60004000003c3c01207fdd25ef0000000000000040000000ff0200000000000000000000000000010004000000000000c91000000000000000000000ffff"], 0x0)

31.671915601s ago: executing program 3 (id=1583):
syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029b0003010000000904000000010100000a2401000000020102092408000000004c58062404000052072405000053f10b24050000133b9bda531c092405fc0596efc359090401000001020000090401010101020000090501090000000000072501000600000904020000010200000904020101010200000b2402017f0200018b7e8e072401000000000905820910000000000725"], 0x0)

31.459061672s ago: executing program 34 (id=1583):
syz_usb_connect$uac1(0x0, 0xad, &(0x7f0000000300)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029b0003010000000904000000010100000a2401000000020102092408000000004c58062404000052072405000053f10b24050000133b9bda531c092405fc0596efc359090401000001020000090401010101020000090501090000000000072501000600000904020000010200000904020101010200000b2402017f0200018b7e8e072401000000000905820910000000000725"], 0x0)

3.535581344s ago: executing program 5 (id=1829):
syz_usb_connect$cdc_ecm(0x6, 0x0, 0x0, &(0x7f0000000300)={0xa, &(0x7f0000000000)={0xa, 0x6, 0x300, 0x9, 0x4, 0x3, 0x8, 0x4}, 0x0, 0x0})
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e"], 0xf8)

2.980021899s ago: executing program 5 (id=1834):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000100)={0x34, r1, 0xf1aad47e89fb43b5, 0x70bd2c, 0x25dfdbff, {}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x40)

2.880140979s ago: executing program 5 (id=1835):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
getrandom(&(0x7f0000000000)=""/64, 0x40, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
execveat(0xffffffffffffff9c, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', &(0x7f0000000000)='./file1\x00')
symlink(0x0, &(0x7f0000000240)='./file0\x00')
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000002000/0x1000)=nil, 0x1000, 0x2000, 0x3, &(0x7f0000ffb000/0x2000)=nil)
syz_open_procfs(0x0, &(0x7f0000000440)='net/route\x00')
process_vm_writev(r0, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = socket(0x10, 0x3, 0x0)
write(r3, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40a0000000000", 0x41d)

2.310335013s ago: executing program 4 (id=1836):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
add_key$keyring(&(0x7f0000000000), &(0x7f0000000380)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffe)

1.938760566s ago: executing program 5 (id=1839):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa407, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
r0 = syz_open_dev$vim2m(0x0, 0x0, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000000)={0x6, 0x1, 0x1, 0x0, 0x3})
ioctl$vim2m_VIDIOC_STREAMOFF(r0, 0x40045612, &(0x7f0000000040)=0x1)
ioctl$vim2m_VIDIOC_DQBUF(r0, 0xc0585611, &(0x7f0000000580)=@multiplanar_overlay={0x7, 0x1, 0x4, 0x4, 0x1, {0x77359400}, {0x4, 0x1, 0x65, 0x0, 0x3, 0x5, "9d874313"}, 0x9, 0x3, {0x0}, 0x2, 0x0, <r1=>0xffffffffffffffff})
ioctl$vim2m_VIDIOC_QBUF(r0, 0xc058560f, &(0x7f0000000180)=@multiplanar_fd={0x9, 0x2, 0x4, 0x0, 0x401, {0x77359400}, {0x5, 0x8, 0x1, 0x8, 0x9, 0xff, "39dd9e73"}, 0xfffffc01, 0x4, {&(0x7f0000000480)=[{0x10, 0xffffffff, {}, 0x401}, {0x48a, 0x8, {}, 0x4}]}, 0x2, 0x0, r1})
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
recvmmsg$unix(r2, &(0x7f0000004a40)=[{{0x0, 0x0, 0x0}}], 0x1, 0x10021, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x1000008, 0x4000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(r4, 0x6, 0xe, &(0x7f0000000300)={@in6={{0xa, 0x4e24, 0x20002, @local, 0x8}}, 0x0, 0x0, 0x3f, 0x0, "ee8b0e650926a96ecc136e7fb980e989db9e8bf9b93129488f651a8de213eb94cd46e19d9c65a018444a131f4da58ae36556dd38ea6c029607462029add09240005c6776267517308a3d40aa1c788df6"}, 0xd8)
bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x6, 0x3, &(0x7f00000006c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
connect$inet6(r4, &(0x7f0000000100)={0xa, 0x0, 0x0, @loopback}, 0x1c)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r5, &(0x7f0000000040)={0x0, 0x20, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)

1.659278658s ago: executing program 4 (id=1842):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, &(0x7f0000000000)={0x77359400}, 0x0, 0x0)

1.389942433s ago: executing program 0 (id=1844):
r0 = socket$pptp(0x18, 0x1, 0x2)
connect$pptp(r0, &(0x7f0000000080)={0x18, 0x2, {0x0, @rand_addr=0x64010102}}, 0x1e)

1.299004043s ago: executing program 0 (id=1845):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)=@bridge_setlink={0x2c, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0xc, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x3, 0x0, 0x1, {0x4, 0x5}}]}]}, 0x2c}}, 0x0)

1.216004318s ago: executing program 0 (id=1846):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_opts(r0, 0x29, 0x4d, &(0x7f0000000140)=ANY=[@ANYRESDEC], 0x8)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0xffff, 0x0, @mcast2, 0x9}, 0x1c)
sendto$inet6(r1, &(0x7f0000000300), 0x5aa, 0x0, 0x0, 0xfffffffffffffdfd)
socket$inet6_sctp(0xa, 0x5, 0x84)
recvmmsg(r0, &(0x7f00000009c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000003ac0)=""/4096, 0x1000}, 0x4}], 0x1, 0x40000120, 0x0)

630.413983ms ago: executing program 4 (id=1847):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100)={0x20000014})
epoll_wait(r1, &(0x7f0000000280)=[{}], 0x1, 0x4000005)

508.463587ms ago: executing program 4 (id=1848):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000004c0)='bic\x00', 0x1)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f00000000c0)=0x201001, 0x4)

476.864816ms ago: executing program 5 (id=1849):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000004c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x24, 0x24, 0xb, [@struct={0x7, 0x2, 0x0, 0x4, 0x0, 0xffffffff, [{0x0, 0x5}, {0x8}]}]}, {0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2e, 0x2e, 0x2e]}}, &(0x7f0000000340)=""/129, 0x47, 0x81, 0x1}, 0x20)

389.979053ms ago: executing program 4 (id=1850):
r0 = landlock_create_ruleset(&(0x7f0000000500)={0x21c1, 0x3, 0x3}, 0x18, 0x0)
landlock_restrict_self(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = landlock_create_ruleset(&(0x7f0000000080)={0x12}, 0x18, 0x0)
landlock_restrict_self(r3, 0x0)
bind$unix(r2, &(0x7f0000003000)=@file={0x1}, 0x6e)
r4 = landlock_create_ruleset(&(0x7f0000000080)={0x8000}, 0x18, 0x0)
landlock_restrict_self(r4, 0x0)
listen(r2, 0x0)
connect$unix(r1, &(0x7f0000000640)=@file={0x1}, 0x6e)

389.610246ms ago: executing program 5 (id=1851):
sendmsg$WG_CMD_SET_DEVICE(0xffffffffffffffff, &(0x7f0000001000)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f0000000000)=ANY=[@ANYBLOB="ec000000", @ANYRES16, @ANYBLOB="01000000000000000000010000000800050001000000140002007767310000000000000000000000000024000300a0cb879a47f5bc644c0e693fa6d031c74a1553b6e901b9ff2f518c78042fb5420800050000000000900008808c00008024000100975c9d81c983c8209ee781254b899f8ed925ae9f0923c23c62f53c57cdbf691c640009801c000080060001000200000008000200ffffffff050003"], 0xec}, 0x1, 0x0, 0x0, 0x4084}, 0x20000010)
syz_usb_connect$cdc_ncm(0x4, 0xd1, &(0x7f0000000040)=ANY=[], 0x0)
semget$private(0x0, 0x5, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101842, 0x11)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000380)={0x18, 0x7, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000e50003000000000085100000fcffffff250000001000000006000300faff"], &(0x7f0000000140)='GPL\x00', 0x1, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x80000}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}, {@redirect_dir_nofollow}], [], 0x2c})
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x8800, 0x8)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
renameat2(r2, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r3, &(0x7f0000000040)='./file1\x00', 0x2)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60005f, 0x3)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
syz_usb_connect(0x3, 0xf5, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000772aed408680070bb96c010203010902e30003dc2000000904003f000e01000505a40600010524007f000d240f0104000000080000000006241a03000a05240101070424020a1524120009a317a88b045e4f01a607c0ffcb7e392a09044c03003a92a2010a240109000102010205240401050c2402"], 0x0)

339.988292ms ago: executing program 4 (id=1852):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000100)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x4423, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBt630LdvX+jbQ01M3MQmGjUEelJpIqW0FFqsqbYxXrYLbFt0YRtYjIce8NbEk4kH46HRxBunhoPX+id48VjPTfTgxcSkEbO7s8DMsmVFFmzz+SRlmOc3+5159pnD9IkTlVtzS7m5pVxhIVeeubF0KvdxubQ8XwzxPjno/mlPJ+Ik9gfn8tnz7147FcL3sz8+Wl8/FJ5kaMvvv/16Z2brsSHO1Km2+8RG/7YPQgjHm8ZV1RVCeP+7EKIQwpkkbTQ59oYQjoZ63rU7n13P7dFo7j8sns4/nrq7NnxycvXeWuu/PQrhq9Jzr92c//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMqNX7l89Z3BofAgCt2rUfP7uuPJsdX7set75oXO/7EAAAAAAAAAAAAAAAAAAADwD7X5/n8uOrbN+/9jyXGkRf31tzo/Rjpn4u3LY+cGh5L936Om/NeTpF/OdIX+bfZ9z+7/fiZTf/v935v72a3G+Br99oUoHkidx/HAQAjfJBu/n4gOx6XyUuXVG+Xlhdk9G8ZTKx3/+u79qegkG/q3G//RTPud3////01XU/X8+t5dYs+0dPy7Wpb79tOorfifzdTbj/ize+n4d9fSercWGKlPANX4f969c/zHMu13Kv5HQwi5qDrW3OYM0Lh8o9brFdLS8f9XLS3anPY3PshW9//vmfify7R/UPP/SvaLiG2l4//vWlpPqsTm/d8f73z/n8+0fxDxr45/xfd/W9LxP1RP7E4VqX2S7c7/45n2OxX/q3EyzqNR6gpYjerprf6/OtLS8e9pyt98/ovbWv9dyNTfr+e/Rr+N57/G9P9yVH/+Y3vp+Pe2LNfu/T+Rqdfp+X+ktv5jt9LxP1xLS6+d+2o/243/ZKb9TsW/tirpacR/cz7541A9/Wvrv7ak4/+femK8tcRK7Wdt/RftvP6/mGn/INZ/1fGvxJ3t9VmRjv+RluWq8f+hje//S5l6nY9/CIPW+ruWjn9oedfU7v+eneM/lanX6fi/1MnGAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4Co8mxL0TxQOo8jgcGQjibnJ8Ih6Ppwmx+ulSe+WgphLEkPReORTdL5elCKT+3UJ4t5gulUnkmhHNJ/vHQEy2VypX8fOH2+Y22eqNbxcJiZbpYqIQQxpP058N/G21Nz1XmC7dDCBc28v4Xlxdv3yos5GfnFt8cHBwcDBMbY+iPip9UiguVeu/13BAmN+r2RVsGV8u+uDGWI9GH5eXFhUKpln5pS51SeaZQ2lJnKsn7IvRHlcXlhZlCpZgvlW82+jtII8lxbOLKe1cuDTXlX4/qx9H9HRYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf9GD4Te+DCF018/iEEIuSn6Jkn8p9x8WT+cfT91dGz45uXpv7dF2ZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAP9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLh2jRAxEYQB+MyJaegyrkHS2EUW0MCJ4Aj2Gh9GjeAnvYGFha7EsbCYQkg2k2a2+r3kkPzPvwTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFjv7rl7eaqbiBTnm7OIr7fvn3H+UOrH9f7zJ0eYkcO5f+xubuumvHua5Vfl12+bd+n/3/tr9PU0Rt+Dz8meTPepN+8ztbRvS/MNfS8i5Soi2pJfppyrat1dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCWHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAsQAAAACAMH/rKPo2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//G68cwA==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
setxattr$security_ima(&(0x7f0000000100)='./file1\x00', &(0x7f0000000140), &(0x7f00000013c0)=ANY=[], 0x700, 0x0)
lsetxattr$security_ima(&(0x7f00000002c0)='./file1\x00', &(0x7f0000000300), &(0x7f0000000340)=@ng={0x4, 0x12}, 0x2, 0x1)

228.7015ms ago: executing program 0 (id=1853):
syz_mount_image$vfat(&(0x7f00000001c0), &(0x7f0000000340)='./file1\x00', 0x800442, &(0x7f0000000040)={[{@uni_xlate}, {@shortname_mixed}, {@fat=@sys_immutable}]}, 0xfc, 0x396, &(0x7f0000000540)="$eJzs3b9vG1UcAPBv3DTpD6XOgJBAQjzBAouVhn+ACLUSIqgoNKgwIF2JU6w4ceSzglwhpRsrf0fFBhsSYmTJwsDGxpYFMWWoMIp9SRPjpqlV143y+UiJv8m7773v3bs7veX8du98v762mldWs1aU3k9RiojSXsRsN+qZKD5L3XgqjnoQ75bv/PnGp1fjo4XFxRtLKd1cuP3efErp2pu/fPPtD2/92rr62U/Xfp6Ondkvd/+e/2vn1Z3Xdv+9/XUtT7U8bTRaKUt3G41WdrdeTSu1fK2S0if1apZXU20jrzaPta/WG5ub7ZRtrMxc2WxW8zxlG+20Vm2nViO1mu2U3ctqG6lSqaSZK3G+DHO8yw+XlrKFERTDS6TZXMj27+Hpw/9cjujex8sPx1oYADAWz2v+//kXp5///1PsesD8/6CrZ5z/X4iI8z7/H8Yp5/8PXkgxjMj+/H+quH+PM/8HAAAAAAAAAAAAAICzYK/TKXc6nfLBized4u+DnzGXx4gdjP9e37g/dfz//zIJZ9DjF/f2x7r+3dby1nLvs9e+sBq1qEc15qIcj7rPh0Ivvvnh4o251DUbM+vbvfz17a3SheP516Mcs335l6Kbfz2l1NlO6Vj+8sXuN1oc5s9HOV4Z3P98r/++/Kl45+0j+ZUox+9fRSPqsdJ9zkX88WPExeI8fHBrsS9/ursdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOdDJR06tn7/YXtlcPv+7zi6Pv9clOPR4PX55wauzz8Zr0+O8cABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ii8fX8tq9erzSGCiYgY0BSliOF2WASdwtCF9QUTJ2wz+dRSS/GcyjghiBh5F88S7F8YA5omimvmJahw1MHHt367N6IuLkWccEVdLs7x+E/C+J5JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC6PF/0edyUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACMU96+v5bV69XmkMHkKfbzpL5LL+4wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAzoz/AgAA//+vJAeT")

47.370438ms ago: executing program 0 (id=1854):
syz_open_dev$MSR(0x0, 0x100000001, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x0)

0s ago: executing program 0 (id=1855):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
ioctl$PTP_SYS_OFFSET(r4, 0x43403d05, &(0x7f00000002c0)={0x12})
connect$bt_rfcomm(r0, &(0x7f00000001c0)={0x1f, @any, 0xb}, 0xa)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r6=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
r7 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={0x10, 0x140f, 0x1, 0x1}, 0x10}, 0x1, 0x0, 0x0, 0x4040011}, 0x4000810)

kernel console output (not intermixed with test programs):

d
[  117.336014][ T7358] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  117.338931][ T7358] BTRFS info (device loop4): using free-space-tree
[  117.588538][ T6903] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  118.086033][ T7395] loop3: detected capacity change from 0 to 32768
[  118.189870][ T7395] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,read_only,nocow
[  118.189897][ T7395]   allowing incompatible features above 1.28: inode_has_case_insensitive
[  118.189907][ T7395]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  118.207769][ T7395] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  118.210734][ T7395] bcachefs (loop3): initializing new filesystem
[  118.223413][ T7395] bcachefs (loop3): going read-write
[  118.238981][ T7395] bcachefs (loop3): marking superblocks
[  118.247586][ T7395] bcachefs (loop3): initializing freespace
[  118.251117][ T7395] bcachefs (loop3): done initializing freespace
[  118.255129][ T7395] bcachefs (loop3): reading snapshots table
[  118.257133][ T7395] bcachefs (loop3): reading snapshots done
[  118.278827][ T7395] bcachefs (loop3): going read-only
[  118.298911][ T7395] bcachefs (loop3): finished waiting for writes to stop
[  118.307303][ T7395] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  118.335341][ T7395] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  118.342515][ T7395] bcachefs (loop3): clean shutdown complete, journal seq 5
[  118.346128][ T7395] bcachefs (loop3): marking filesystem clean
[  118.351693][ T7395] bcachefs (loop3): done starting filesystem
[  118.386419][ T7425] loop4: detected capacity change from 0 to 256
[  118.389456][ T7425] exfat: Deprecated parameter 'namecase'
[  118.417935][ T7425] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  118.514496][ T6121] bcachefs (loop3): shutting down
[  118.564983][ T6121] bcachefs (loop3): shutdown complete
[  119.285959][ T7476] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  119.287932][   T47] IPVS: starting estimator thread 0...
[  119.376974][ T7482] IPVS: using max 49 ests per chain, 117600 per kthread
[  119.718971][ T7503] netlink: 4 bytes leftover after parsing attributes in process `syz.4.459'.
[  120.588404][ T7530] netlink: 65039 bytes leftover after parsing attributes in process `syz.3.468'.
[  121.007789][ T7553] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  121.114712][ T7563] loop4: detected capacity change from 0 to 1764
[  121.185669][ T7568] loop3: detected capacity change from 0 to 2048
[  121.210785][ T7568] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.212883][ T7575] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  121.266773][ T7568] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  121.289807][ T7568] EXT4-fs (loop3): Remounting filesystem read-only
[  121.338618][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.819838][ T7594] loop3: detected capacity change from 0 to 32768
[  121.860909][ T7594] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  121.899333][ T7594] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  121.966899][ T7612] Bluetooth: MGMT ver 1.23
[  122.006976][ T6121] ocfs2: Unmounting device (7,3) on (node local)
[  122.183900][ T7627] netlink: 666 bytes leftover after parsing attributes in process `syz.3.503'.
[  122.367836][ T7629] loop4: detected capacity change from 0 to 32768
[  122.395735][ T7629] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.425526][ T7629] XFS (loop4): Metadata corruption detected at xfs_agf_verify+0x1af/0x8f0, xfs_agf block 0x1 
[  122.429540][ T7629] XFS (loop4): Unmount and run xfs_repair
[  122.431859][ T7629] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  122.435553][ T7629] 00000000: 58 41 47 46 00 00 00 00 00 00 00 00 00 00 20 00  XAGF.......... .
[  122.439097][ T7629] 00000010: 00 00 00 01 00 00 00 02 00 00 00 05 00 00 00 01  ................
[  122.442569][ T7629] 00000020: 00 00 00 01 00 00 00 01 00 00 00 01 00 00 00 06  ................
[  122.446861][ T7629] 00000030: 00 00 00 06 00 00 0d cb 00 00 0d b8 00 00 00 00  ................
[  122.451432][ T7629] 00000040: bf dc 47 fc 10 d8 4e ed a5 62 11 a8 31 b3 f7 91  ..G...N..b..1...
[  122.456865][ T7629] 00000050: 00 00 00 01 00 00 00 01 00 00 00 06 00 00 00 01  ................
[  122.460362][ T7629] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  122.464242][ T7629] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  122.467609][ T7629] XFS (loop4): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 117
[  122.471565][ T7629] XFS (loop4): Error -117 reserving per-AG metadata reserve pool.
[  122.475609][ T7629] XFS (loop4): Corruption of in-memory data (0x8) detected at xfs_fs_reserve_ag_blocks+0x1f0/0x240 (fs/xfs/xfs_fsops.c:566).  Shutting down filesystem.
[  122.481407][ T7629] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  122.485004][ T7629] XFS (loop4): Ending clean mount
[  122.511479][ T6903] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  122.531337][ T7642] loop3: detected capacity change from 0 to 64
[  122.881980][ T7657] loop3: detected capacity change from 0 to 8192
[  123.995420][ T7689] process 'syz.3.530' launched './file1' with NULL argv: empty string added
[  124.160750][ T7695] loop3: detected capacity change from 0 to 2048
[  124.170809][ T7695] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  124.471956][ T7704] 9pnet_fd: Insufficient options for proto=fd
[  124.604225][ T7710] loop3: detected capacity change from 0 to 64
[  124.680886][ T7710] Trying to free block not in datazone
[  124.691093][ T7712] netlink: 8 bytes leftover after parsing attributes in process `syz.4.540'.
[  124.702556][ T7712] netlink: 40 bytes leftover after parsing attributes in process `syz.4.540'.
[  124.825266][ T7716] loop3: detected capacity change from 0 to 1024
[  124.829286][ T7716] EXT4-fs: Ignoring removed orlov option
[  124.874693][ T7716] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  124.902177][   T33] audit: type=1800 audit(1755689275.978:11): pid=7716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.542" name="file1" dev="loop3" ino=15 res=0 errno=0
[  124.976069][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  125.086312][   T54] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  125.091165][   T54] Bluetooth: hci0: Injecting HCI hardware error event
[  125.095393][   T54] Bluetooth: hci0: hardware error 0x00
[  125.234948][ T7729] netlink: 4 bytes leftover after parsing attributes in process `syz.3.546'.
[  125.339897][ T7729] bond0: (slave bond_slave_1): Releasing backup interface
[  125.613018][ T7739] loop3: detected capacity change from 0 to 164
[  125.996227][ T7757] ceph: No source
[  126.061894][ T7763] loop3: detected capacity change from 0 to 128
[  126.092192][ T7763] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  126.104227][ T7763] ext4 filesystem being mounted at /156/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  126.129985][ T7763] EXT4-fs error (device loop3): dx_make_map:1296: inode #2: block 20: comm syz.3.562: bad entry in directory: inode out of bounds - offset=988, inode=128, rec_len=36, size=1024 fake=1
[  126.146567][ T7763] EXT4-fs (loop3): Remounting filesystem read-only
[  126.173298][ T6121] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  126.675640][ T7806] Bluetooth: MGMT ver 1.23
[  126.860801][ T7808] loop3: detected capacity change from 0 to 32768
[  126.864494][ T7808] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.584 (7808)
[  126.883545][ T7808] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  126.887091][ T7808] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  126.889706][ T7808] BTRFS info (device loop3): using free-space-tree
[  127.006118][ T7825] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  127.034639][ T7808] BTRFS info (device loop3): rebuilding free space tree
[  127.149904][ T6121] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  127.153817][   T54] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  127.474352][ T7830] loop4: detected capacity change from 0 to 32768
[  127.574406][ T5855]  loop4: p9 p11 p16
[  127.604663][ T7830]  loop4: p9 p11 p16
[  127.896287][ T7847] netlink: 432 bytes leftover after parsing attributes in process `syz.4.593'.
[  128.017918][ T5846] udevd[5846]: inotify_add_watch(7, /dev/loop4p9, 10) failed: No such file or directory
[  128.026357][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop4p11, 10) failed: No such file or directory
[  128.026631][ T5940] udevd[5940]: inotify_add_watch(7, /dev/loop4p16, 10) failed: No such file or directory
[  128.078365][ T5846] udevd[5846]: inotify_add_watch(7, /dev/loop4p9, 10) failed: No such file or directory
[  128.091031][ T5855] udevd[5855]: inotify_add_watch(7, /dev/loop4p11, 10) failed: No such file or directory
[  128.095816][ T5940] udevd[5940]: inotify_add_watch(7, /dev/loop4p16, 10) failed: No such file or directory
[  128.377286][ T7868] overlayfs: failed to clone upperpath
[  128.615366][ T2357] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  128.773771][ T2357] usb 4-1: Using ep0 maxpacket: 32
[  128.786734][ T2357] usb 4-1: config 0 has an invalid interface number: 67 but max is 0
[  128.789796][ T2357] usb 4-1: config 0 has no interface number 0
[  128.795126][ T2357] usb 4-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  128.798715][ T2357] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.813686][ T2357] usb 4-1: Product: syz
[  128.815363][ T2357] usb 4-1: Manufacturer: syz
[  128.817253][ T2357] usb 4-1: SerialNumber: syz
[  128.821736][ T2357] usb 4-1: config 0 descriptor??
[  128.827545][ T2357] smsc95xx v2.0.0
[  129.645501][ T2357] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  129.649597][ T2357] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  129.798256][ T7877] loop4: detected capacity change from 0 to 32768
[  129.841457][ T7877] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  129.974439][   T33] audit: type=1800 audit(1755689281.058:12): pid=7877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.608" name="file1" dev="loop4" ino=17058 res=0 errno=0
[  130.038541][ T6903] ocfs2: Unmounting device (7,4) on (node local)
[  130.188120][   T33] audit: type=1326 audit(1755689281.278:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.200314][   T33] audit: type=1326 audit(1755689281.288:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.209916][   T33] audit: type=1326 audit(1755689281.288:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.221882][   T33] audit: type=1326 audit(1755689281.288:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.232031][   T33] audit: type=1326 audit(1755689281.288:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.252818][   T33] audit: type=1326 audit(1755689281.288:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.263016][   T33] audit: type=1326 audit(1755689281.288:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.289358][   T33] audit: type=1326 audit(1755689281.288:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.314891][   T33] audit: type=1326 audit(1755689281.288:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.0.613" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2d1058ebe9 code=0x7ffc0000
[  130.545002][ T7904] netlink: 12 bytes leftover after parsing attributes in process `syz.4.618'.
[  130.584420][ T2357] smsc95xx 4-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  130.594120][ T2357] smsc95xx 4-1:0.67: probe with driver smsc95xx failed with error -71
[  130.613825][ T2357] usb 4-1: USB disconnect, device number 7
[  130.762768][ T7912] comedi comedi0: Minor 3 could not be opened
[  131.101691][ T7926] loop4: detected capacity change from 0 to 32768
[  131.111089][ T7926] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.629 (7926)
[  131.209965][ T7926] BTRFS info (device loop4): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  131.214448][ T7926] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  131.217801][ T7926] BTRFS info (device loop4): using free-space-tree
[  131.651817][ T6903] BTRFS info (device loop4): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  132.131286][ T7962] io-wq is not configured for unbound workers
[  132.390844][   T47] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  132.554227][ T5911] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  132.595738][   T47] usb 5-1: Using ep0 maxpacket: 32
[  132.634589][   T47] usb 5-1: config 0 has an invalid interface number: 89 but max is 0
[  132.637328][   T47] usb 5-1: config 0 has no interface number 0
[  132.639315][   T47] usb 5-1: config 0 interface 89 has no altsetting 0
[  132.645598][   T47] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10af, bcdDevice=38.4e
[  132.648800][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.651398][   T47] usb 5-1: Product: syz
[  132.652915][   T47] usb 5-1: Manufacturer: syz
[  132.655436][   T47] usb 5-1: SerialNumber: syz
[  132.658909][   T47] usb 5-1: config 0 descriptor??
[  132.668973][   T47] em28xx 5-1:0.89: New device syz syz @ 480 Mbps (0ccd:10af, interface 89, class 89)
[  132.672835][   T47] em28xx 5-1:0.89: Video interface 89 found: bulk
[  132.716717][ T5911] usb 4-1: not running at top speed; connect to a high speed hub
[  132.721396][ T5911] usb 4-1: config 95 has an invalid interface number: 1 but max is 0
[  132.725538][ T5911] usb 4-1: config 95 has no interface number 0
[  132.727676][ T5911] usb 4-1: config 95 interface 1 has no altsetting 0
[  132.736673][ T5911] usb 4-1: New USB device found, idVendor=0763, idProduct=2030, bcdDevice=79.79
[  132.740238][ T5911] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.743442][ T5911] usb 4-1: Product: syz
[  132.745217][ T5911] usb 4-1: Manufacturer: syz
[  132.746935][ T5911] usb 4-1: SerialNumber: syz
[  132.757872][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.760688][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  133.031897][ T5911] usb 4-1: USB disconnect, device number 8
[  133.088371][ T5855] udevd[5855]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:95.1/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  133.275626][   T47] em28xx 5-1:0.89: unknown em28xx chip ID (0)
[  133.537934][ T7975] netlink: 8 bytes leftover after parsing attributes in process `syz.3.642'.
[  133.856143][ T7985] loop3: detected capacity change from 0 to 4096
[  134.090031][   T47] em28xx 5-1:0.89: reading from i2c device at 0xa0 failed (error=-5)
[  134.093114][   T47] em28xx 5-1:0.89: board has no eeprom
[  134.273177][   T47] em28xx 5-1:0.89: Identified as Terratec Grabby (card=67)
[  134.276222][   T47] em28xx 5-1:0.89: analog set to bulk mode.
[  134.279430][   T24] em28xx 5-1:0.89: Registering V4L2 extension
[  134.283711][   T47] usb 5-1: USB disconnect, device number 4
[  134.286258][   T47] em28xx 5-1:0.89: Disconnecting em28xx
[  134.326301][   T24] em28xx 5-1:0.89: Config register raw data: 0xffffffed
[  134.328504][   T24] em28xx 5-1:0.89: AC97 chip type couldn't be determined
[  134.333959][   T24] em28xx 5-1:0.89: No AC97 audio processor
[  134.351537][   T24] usb 5-1: Decoder not found
[  134.353448][   T24] em28xx 5-1:0.89: failed to create media graph
[  134.356774][   T24] em28xx 5-1:0.89: V4L2 device video103 deregistered
[  134.360104][   T24] em28xx 5-1:0.89: Registering snapshot button...
[  134.366492][   T24] input: em28xx snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.89/input/input7
[  134.375492][   T24] em28xx 5-1:0.89: Remote control support is not available for this card.
[  134.378292][   T47] em28xx 5-1:0.89: Closing input extension
[  134.380125][   T47] em28xx 5-1:0.89: Deregistering snapshot button
[  134.397451][   T47] em28xx 5-1:0.89: Freeing device
[  135.056746][ T8014] loop3: detected capacity change from 0 to 256
[  135.070744][ T8014] exFAT-fs (loop3): failed to load upcase table (idx : 0x0001034b, chksum : 0x6322ccb6, utbl_chksum : 0xe619d30d)
[  135.301449][ T8022] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  135.751305][ T8043] tmpfs: Cannot enable swap on remount if it was disabled on first mount
[  135.793941][    T9] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  135.948014][    T9] usb 4-1: config 220 has an invalid interface number: 76 but max is 2
[  135.951210][    T9] usb 4-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  135.956585][    T9] usb 4-1: config 220 has no interface number 2
[  135.959020][    T9] usb 4-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  135.966023][    T9] usb 4-1: config 220 interface 0 has no altsetting 0
[  135.973755][    T9] usb 4-1: config 220 interface 76 has no altsetting 0
[  135.976836][    T9] usb 4-1: config 220 interface 1 has no altsetting 0
[  135.981923][    T9] usb 4-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  135.986846][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.989870][    T9] usb 4-1: Product: syz
[  135.991494][    T9] usb 4-1: Manufacturer: syz
[  135.993316][    T9] usb 4-1: SerialNumber: syz
[  136.231340][    T9] usb 4-1: selecting invalid altsetting 0
[  136.248554][    T9] usb 4-1: selecting invalid altsetting 0
[  136.253158][    T9] usb 4-1: Found UVC 7.01 device syz (8086:0b07)
[  136.256052][    T9] usb 4-1: No valid video chain found.
[  136.276430][    T9] usb 4-1: selecting invalid altsetting 0
[  136.284317][    T9] usbtest 4-1:220.1: probe with driver usbtest failed with error -22
[  136.295367][    T9] usb 4-1: USB disconnect, device number 9
[  136.911854][ T8065] loop3: detected capacity change from 0 to 8
[  136.918868][ T8067] netlink: 'syz.0.684': attribute type 21 has an invalid length.
[  136.921482][ T8065] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  136.935021][ T8067] netlink: 128 bytes leftover after parsing attributes in process `syz.0.684'.
[  136.938714][ T8067] netlink: 'syz.0.684': attribute type 4 has an invalid length.
[  136.957993][ T8067] netlink: 'syz.0.684': attribute type 5 has an invalid length.
[  136.961101][ T8067] netlink: 3 bytes leftover after parsing attributes in process `syz.0.684'.
[  137.424624][ T8060] loop4: detected capacity change from 0 to 32768
[  137.464540][ T8060] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  137.573963][ T8060] XFS (loop4): Ending clean mount
[  137.585291][ T8060] XFS (loop4): Quotacheck needed: Please wait.
[  137.684302][ T8060] XFS (loop4): Quotacheck: Done.
[  137.773574][   T33] kauditd_printk_skb: 30 callbacks suppressed
[  137.784201][   T33] audit: type=1800 audit(1755689288.858:52): pid=8060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.680" name="file2" dev="loop4" ino=9287 res=0 errno=0
[  137.958757][ T6903] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  138.318720][ T8084] nfs4: Bad value for 'source'
[  138.458638][ T8086] loop4: detected capacity change from 0 to 1024
[  138.666739][ T8086] syz.4.689: attempt to access beyond end of device
[  138.666739][ T8086] loop4: rw=2049, sector=5778, nr_sectors = 2 limit=1024
[  138.677969][ T8086] buffer_io_error: 5 callbacks suppressed
[  138.677986][ T8086] Buffer I/O error on dev loop4, logical block 2889, lost async page write
[  138.963806][   T24] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  139.117968][   T24] usb 4-1: config 0 has an invalid interface number: 117 but max is 0
[  139.121157][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.126832][   T24] usb 4-1: config 0 has no interface number 0
[  139.129316][   T24] usb 4-1: config 0 interface 117 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[  139.133059][   T24] usb 4-1: config 0 interface 117 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  139.142839][   T24] usb 4-1: New USB device found, idVendor=0afa, idProduct=03e8, bcdDevice=99.d0
[  139.148599][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.151689][   T24] usb 4-1: Product: syz
[  139.153420][   T24] usb 4-1: Manufacturer: syz
[  139.160199][   T24] usb 4-1: SerialNumber: syz
[  139.171305][   T24] usb 4-1: config 0 descriptor??
[  139.811125][    T9] usb 4-1: USB disconnect, device number 10
[  141.244153][   T47] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  141.395022][   T47] usb 4-1: Using ep0 maxpacket: 32
[  141.401736][   T47] usb 4-1: config 0 has an invalid interface number: 85 but max is 0
[  141.405712][   T47] usb 4-1: config 0 has no interface number 0
[  141.408010][   T47] usb 4-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  141.411860][   T47] usb 4-1: config 0 interface 85 has no altsetting 0
[  141.418190][   T47] usb 4-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  141.421212][   T47] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.425569][   T47] usb 4-1: Product: syz
[  141.427438][   T47] usb 4-1: Manufacturer: syz
[  141.429226][   T47] usb 4-1: SerialNumber: syz
[  141.433530][   T47] usb 4-1: config 0 descriptor??
[  141.454502][ T2357] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  141.603737][ T2357] usb 5-1: Using ep0 maxpacket: 16
[  141.607888][ T2357] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 92, changing to 10
[  141.612222][ T2357] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 17487, setting to 1024
[  141.618403][ T2357] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  141.623330][ T2357] usb 5-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[  141.626872][ T2357] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.632398][ T2357] usb 5-1: config 0 descriptor??
[  141.637982][ T8140] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  141.647926][ T2357] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input10
[  141.856605][ T2357] usb 5-1: USB disconnect, device number 5
[  142.060652][   T47] appletouch 4-1:0.85: Geyser mode initialized.
[  142.071405][   T47] input: appletouch as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.85/input/input9
[  142.273191][   T47] usb 4-1: USB disconnect, device number 11
[  142.290513][   T47] appletouch 4-1:0.85: input: appletouch disconnected
[  143.221370][ T8170] loop3: detected capacity change from 0 to 256
[  143.273772][ T8170] exFAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  143.278193][ T8170] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  143.302981][ T8170] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  144.797813][ T8197] netlink: 36 bytes leftover after parsing attributes in process `syz.0.732'.
[  144.808648][ T8197] netlink: 16 bytes leftover after parsing attributes in process `syz.0.732'.
[  144.811429][ T8197] netlink: 36 bytes leftover after parsing attributes in process `syz.0.732'.
[  144.824947][ T8197] netlink: 36 bytes leftover after parsing attributes in process `syz.0.732'.
[  144.970253][ T8210] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  144.975306][ T8212] netlink: 8 bytes leftover after parsing attributes in process `syz.0.738'.
[  145.223824][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  145.375264][   T24] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  145.382027][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  145.385770][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.388996][   T24] usb 4-1: Product: syz
[  145.390635][   T24] usb 4-1: Manufacturer: syz
[  145.392591][   T24] usb 4-1: SerialNumber: syz
[  146.216778][   T24] cdc_ncm 4-1:1.0: SET_CRC_MODE failed
[  146.219931][   T24] cdc_ncm 4-1:1.0: SET_NTB_FORMAT failed
[  146.239015][   T24] cdc_ncm 4-1:1.0: bind() failure
[  146.263083][   T24] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  146.271310][   T24] cdc_ncm 4-1:1.1: bind() failure
[  146.287427][   T24] usb 4-1: USB disconnect, device number 12
[  146.669893][ T8316] loop4: detected capacity change from 0 to 2048
[  146.699735][ T8316] NILFS (loop4): Invalid checkpoint (checkpoint number=2)
[  146.720406][ T8316] NILFS (loop4): error -22 while loading last checkpoint (checkpoint number=2)
[  146.883912][   T33] audit: type=1326 audit(1755689297.958:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.898764][   T33] audit: type=1326 audit(1755689297.958:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.907015][ T8323] loop3: detected capacity change from 0 to 128
[  146.924819][   T33] audit: type=1326 audit(1755689297.968:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.933090][   T33] audit: type=1326 audit(1755689297.978:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.942424][   T33] audit: type=1326 audit(1755689297.978:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.946328][ T8323] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  146.973875][   T33] audit: type=1326 audit(1755689297.978:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8319 comm="syz.4.754" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8eee78ebe9 code=0x7ffc0000
[  146.987370][ T8323] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.819181][ T8351] input: syz1 as /devices/virtual/input/input11
[  147.958607][ T8355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'.
[  147.961920][ T8355] netlink: 12 bytes leftover after parsing attributes in process `syz.0.769'.
[  147.966524][ T8355] netlink: 68 bytes leftover after parsing attributes in process `syz.0.769'.
[  148.162224][ T8353] loop4: detected capacity change from 0 to 32768
[  148.372876][ T8375] evm: overlay not supported
[  148.747918][ T8389] loop3: detected capacity change from 0 to 32768
[  148.839117][   T33] audit: type=1326 audit(1755689299.928:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8398 comm="syz.4.791" exe="/syz-executor" sig=9 arch=c000003e syscall=39 compat=0 ip=0x7f8eee785ba7 code=0x0
[  148.884895][ T8389] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  148.884919][ T8389]   allowing incompatible features above 0.0: (unknown version)
[  148.884929][ T8389]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  148.936268][ T8389] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  148.954206][ T8389] bcachefs (loop3): initializing new filesystem
[  148.962504][ T8389] bcachefs (loop3): going read-write
[  148.988033][ T8389] bcachefs (loop3): marking superblocks
[  149.050388][ T8389] bcachefs (loop3): initializing freespace
[  149.062808][ T8417] netlink: 56 bytes leftover after parsing attributes in process `syz.0.794'.
[  149.077813][ T8389] bcachefs (loop3): done initializing freespace
[  149.099065][ T8389] bcachefs (loop3): reading snapshots table
[  149.113006][ T8389] bcachefs (loop3): reading snapshots done
[  149.187939][ T8389] bcachefs (loop3): done starting filesystem
[  149.378638][ T6121] bcachefs (loop3): shutting down
[  149.380585][ T6121] bcachefs (loop3): going read-only
[  149.384399][ T6121] bcachefs (loop3): finished waiting for writes to stop
[  149.397556][ T6121] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  149.428730][ T6121] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 4
[  149.433546][ T6121] bcachefs (loop3): clean shutdown complete, journal seq 5
[  149.437724][ T6121] bcachefs (loop3): marking filesystem clean
[  149.463443][ T6121] bcachefs (loop3): shutdown complete
[  149.995265][ T8439] sctp: [Deprecated]: syz.0.805 (pid 8439) Use of struct sctp_assoc_value in delayed_ack socket option.
[  149.995265][ T8439] Use struct sctp_sack_info instead
[  150.523777][ T2357] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  150.696250][ T2357] usb 5-1: unable to get BOS descriptor or descriptor too short
[  150.701213][ T2357] usb 5-1: not running at top speed; connect to a high speed hub
[  150.706411][ T2357] usb 5-1: config 1 has an invalid interface number: 138 but max is 0
[  150.709715][ T2357] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  150.717141][ T2357] usb 5-1: config 1 has no interface number 0
[  150.719670][ T2357] usb 5-1: config 1 interface 138 altsetting 252 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  150.725424][ T2357] usb 5-1: config 1 interface 138 has no altsetting 0
[  150.730559][ T2357] usb 5-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[  150.736179][ T2357] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.739584][ T2357] usb 5-1: Product: syz
[  150.741246][ T2357] usb 5-1: Manufacturer: syz
[  150.743060][ T2357] usb 5-1: SerialNumber: syz
[  150.869418][ T8452] loop3: detected capacity change from 0 to 32768
[  150.901943][ T8452] JBD2: Ignoring recovery information on journal
[  150.949469][ T8452] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  150.982662][ T2357] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  151.035177][ T2357] usb 5-1: USB disconnect, device number 6
[  151.092251][ T6121] ocfs2: Unmounting device (7,3) on (node local)
[  151.136754][ T8456] udevd[8456]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  151.552911][ T8470] loop3: detected capacity change from 0 to 4096
[  151.593877][ T8472] loop4: detected capacity change from 0 to 128
[  151.622819][ T8473] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  152.175230][ T8481] loop4: detected capacity change from 0 to 40427
[  152.179842][ T8481] F2FS-fs (loop4): build fault injection rate: 14
[  152.182333][ T8481] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  152.209761][ T8481] F2FS-fs (loop4): invalid crc value
[  152.224746][    C1] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.234733][    C1] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  152.283230][ T8481] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  152.287150][ T8481] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  152.297275][ T8481] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  152.306154][ T8481] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  152.312244][ T8481] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_convert_inline_inode+0x6bd/0x880
[  152.364418][ T6903] syz-executor: attempt to access beyond end of device
[  152.364418][ T6903] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  152.378900][ T6903] CPU: 1 UID: 0 PID: 6903 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  152.378920][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.378928][ T6903] Call Trace:
[  152.378935][ T6903]  <TASK>
[  152.378941][ T6903]  dump_stack_lvl+0x189/0x250
[  152.378976][ T6903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  152.378993][ T6903]  ? __pfx_queue_work_on+0x10/0x10
[  152.379007][ T6903]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  152.379026][ T6903]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  152.379052][ T6903]  f2fs_handle_critical_error+0x37c/0x540
[  152.379080][ T6903]  f2fs_write_end_io+0x886/0xb60
[  152.379109][ T6903]  __submit_merged_bio+0x27a/0x6a0
[  152.379133][ T6903]  __submit_merged_write_cond+0x255/0x530
[  152.379158][ T6903]  f2fs_write_data_pages+0x261d/0x3000
[  152.379204][ T6903]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  152.379234][ T6903]  ? arch_stack_walk+0xfc/0x150
[  152.379272][ T6903]  ? __mod_zone_page_state+0xd7/0x140
[  152.379328][ T6903]  ? folios_put_refs+0x560/0x640
[  152.379353][ T6903]  ? __pfx_folios_put_refs+0x10/0x10
[  152.379367][ T6903]  ? rcu_is_watching+0x15/0xb0
[  152.379389][ T6903]  ? __lock_acquire+0xab9/0xd20
[  152.379423][ T6903]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  152.379445][ T6903]  do_writepages+0x32e/0x550
[  152.379472][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  152.379494][ T6903]  filemap_fdatawrite+0x199/0x240
[  152.379513][ T6903]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  152.379568][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  152.379589][ T6903]  f2fs_sync_dirty_inodes+0x31f/0x830
[  152.379616][ T6903]  f2fs_write_checkpoint+0x95a/0x1df0
[  152.379649][ T6903]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  152.379700][ T6903]  ? kill_f2fs_super+0x298/0x6c0
[  152.379718][ T6903]  kill_f2fs_super+0x2c3/0x6c0
[  152.379738][ T6903]  ? __pfx_kill_f2fs_super+0x10/0x10
[  152.379751][ T6903]  ? radix_tree_delete_item+0x2b6/0x400
[  152.379774][ T6903]  ? shrinker_free+0x2ce/0x3e0
[  152.379792][ T6903]  deactivate_locked_super+0xbc/0x130
[  152.379812][ T6903]  cleanup_mnt+0x425/0x4c0
[  152.379828][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.379850][ T6903]  task_work_run+0x1d4/0x260
[  152.379872][ T6903]  ? __pfx_task_work_run+0x10/0x10
[  152.379889][ T6903]  ? __x64_sys_umount+0x122/0x160
[  152.379911][ T6903]  ? exit_to_user_mode_loop+0x40/0x110
[  152.379935][ T6903]  exit_to_user_mode_loop+0xec/0x110
[  152.379954][ T6903]  do_syscall_64+0x2bd/0x3b0
[  152.379979][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.379997][ T6903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.380012][ T6903]  ? exc_page_fault+0x9f/0xf0
[  152.380030][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.380045][ T6903] RIP: 0033:0x7f8eee78ff17
[  152.380059][ T6903] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  152.380071][ T6903] RSP: 002b:00007ffe6e76fe08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  152.380086][ T6903] RAX: 0000000000000000 RBX: 00007f8eee811c05 RCX: 00007f8eee78ff17
[  152.380096][ T6903] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6e76fec0
[  152.380105][ T6903] RBP: 00007ffe6e76fec0 R08: 0000000000000000 R09: 0000000000000000
[  152.380114][ T6903] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6e770f50
[  152.380122][ T6903] R13: 00007f8eee811c05 R14: 0000000000025294 R15: 00007ffe6e770f90
[  152.380146][ T6903]  </TASK>
[  152.380152][ T6903] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  152.988996][ T8504] openvswitch: netlink: IPv4 tunnel dst address is zero
[  154.268439][ T8524] loop4: detected capacity change from 0 to 2048
[  154.279405][ T8524] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.193407][ T8536] loop4: detected capacity change from 0 to 8
[  155.281802][ T8536] unable to read id index table
[  155.478549][ T8540] netlink: 4 bytes leftover after parsing attributes in process `syz.0.842'.
[  155.491753][ T8540] bridge0: entered promiscuous mode
[  155.495077][ T8540] macvlan0: entered allmulticast mode
[  155.497437][ T8540] bridge0: entered allmulticast mode
[  155.504835][ T8540] bridge0: port 3(macvlan0) entered blocking state
[  155.507718][ T8540] bridge0: port 3(macvlan0) entered disabled state
[  155.546781][ T8540] bridge0: left allmulticast mode
[  155.548913][ T8540] bridge0: left promiscuous mode
[  155.568882][ T8542] loop3: detected capacity change from 0 to 128
[  155.613178][ T8542] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  155.629314][ T8542] ext4 filesystem being mounted at /245/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  156.491569][ T8556] loop4: detected capacity change from 0 to 32768
[  156.498006][ T6121] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  156.561777][ T8556] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  156.587908][ T8566] gretap0: entered promiscuous mode
[  156.592618][ T8566] batman_adv: batadv0: Adding interface: macvlan3
[  156.619201][ T8566] batman_adv: batadv0: The MTU of interface macvlan3 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.632990][ T8566] batman_adv: batadv0: Interface activated: macvlan3
[  156.642901][ T6903] ocfs2: Unmounting device (7,4) on (node local)
[  156.717804][ T8568] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  156.733274][ T8568] CIFS mount error: No usable UNC path provided in device string!
[  156.733274][ T8568] 
[  156.749554][ T8568] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  156.851164][ T8575] Mount JFS Failure: -22
[  157.198945][ T8605] dvmrp0: entered allmulticast mode
[  157.285572][ T8611] loop4: detected capacity change from 0 to 1024
[  157.313283][ T8611] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  157.350076][ T8611] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2848: Unable to expand inode 13. Delete some EAs or run e2fsck.
[  157.426772][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  157.578140][   T32] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  157.581016][   T32] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  158.137067][ T8630] loop3: detected capacity change from 0 to 32768
[  158.226261][ T8630] JBD2: Ignoring recovery information on journal
[  158.266535][ T8630] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  158.285075][ T8630] OCFS2: ERROR (device loop3): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries
[  158.285712][ T8630] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  158.298092][ T8630] OCFS2: File system is now read-only.
[  158.318352][ T6121] ocfs2: Unmounting device (7,3) on (node local)
[  158.624977][ T8644] loop3: detected capacity change from 0 to 32768
[  158.635897][ T8644] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  158.930384][ T8644] XFS (loop3): Ending clean mount
[  158.936431][ T8644] XFS (loop3): Quotacheck needed: Please wait.
[  158.964496][ T8644] XFS (loop3): Quotacheck: Done.
[  159.057189][ T6121] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  159.532512][ T8666] netlink: 40 bytes leftover after parsing attributes in process `syz.4.892'.
[  160.426514][ T8684] netlink: 'syz.3.900': attribute type 12 has an invalid length.
[  160.517696][    T9] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  160.793385][    T9] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.802750][    T9] usb 5-1: New USB device found, idVendor=054c, idProduct=0ba0, bcdDevice= 0.00
[  160.807663][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.821587][    T9] usb 5-1: config 0 descriptor??
[  161.530536][    T9] playstation 0003:054C:0BA0.0003: unknown main item tag 0x0
[  161.545542][    T9] playstation 0003:054C:0BA0.0003: hidraw0: USB HID v0.00 Device [HID 054c:0ba0] on usb-dummy_hcd.4-1/input0
[  161.709350][    T9] playstation 0003:054C:0BA0.0003: Invalid reportID received, expected 18 got 158
[  161.713184][    T9] playstation 0003:054C:0BA0.0003: Failed to retrieve DualShock4 pairing info: -22
[  161.726269][    T9] playstation 0003:054C:0BA0.0003: Failed to get MAC address from DualShock4
[  161.729893][    T9] playstation 0003:054C:0BA0.0003: Failed to create dualshock4.
[  161.735551][    T9] playstation 0003:054C:0BA0.0003: probe with driver playstation failed with error -22
[  161.949183][    T9] usb 5-1: USB disconnect, device number 7
[  162.571305][ T8703] loop4: detected capacity change from 0 to 512
[  162.578119][ T8703] EXT4-fs: Ignoring removed bh option
[  162.605605][ T8703] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  162.609177][ T8703] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  162.619602][ T8703] EXT4-fs (loop4): warning: mounting unchecked fs, running e2fsck is recommended
[  162.654492][ T8703] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  162.670931][ T8703] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  162.743267][ T8703] EXT4-fs error (device loop4): ext4_find_dest_de:2052: inode #2: block 3: comm syz.4.907: bad entry in directory: inode out of bounds - offset=24, inode=134217739, rec_len=20, size=2048 fake=0
[  163.000507][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  164.121401][ T8728] binder: 8721:8728 ioctl c0306201 2000000003c0 returned -14
[  165.100666][ T8747] loop4: detected capacity change from 0 to 1024
[  165.256010][ T8755] loop3: detected capacity change from 0 to 2048
[  165.272671][ T8755] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  165.320282][   T33] audit: type=1800 audit(1755689316.408:60): pid=8755 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.928" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  165.470899][ T8767] 9pnet: p9_errstr2errno: server reported unknown error 00000
[  165.628247][   T10] IPVS: starting estimator thread 0...
[  165.713894][ T8777] IPVS: using max 61 ests per chain, 146400 per kthread
[  165.930151][ T5915] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  166.157301][ T5915] usb 5-1: Using ep0 maxpacket: 32
[  166.165854][ T5915] usb 5-1: config 0 has an invalid interface number: 31 but max is 0
[  166.169156][ T5915] usb 5-1: config 0 has no interface number 0
[  166.171168][ T5915] usb 5-1: config 0 interface 31 has no altsetting 0
[  166.177707][ T5915] usb 5-1: New USB device found, idVendor=054c, idProduct=06c1, bcdDevice=34.16
[  166.181599][ T5915] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  166.187408][ T5915] usb 5-1: Product: syz
[  166.188858][ T5915] usb 5-1: Manufacturer: syz
[  166.190765][ T5915] usb 5-1: SerialNumber: syz
[  166.197561][ T5915] usb 5-1: config 0 descriptor??
[  166.208334][ T5915] port100 5-1:0.31: NFC: Could not find bulk-in or bulk-out endpoint
[  166.409213][   T10] usb 5-1: USB disconnect, device number 8
[  166.580403][ T8790] netlink: 'syz.3.942': attribute type 24 has an invalid length.
[  166.659181][ T8795] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  167.104305][ T8807] netlink: 'syz.0.951': attribute type 29 has an invalid length.
[  167.116272][ T8807] netlink: 'syz.0.951': attribute type 29 has an invalid length.
[  167.466709][ T8811] bridge0: port 2(bridge_slave_1) entered disabled state
[  167.472827][ T8811] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.878426][ T8811] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  167.907362][ T8811] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  168.257678][ T8816] loop4: detected capacity change from 0 to 32768
[  168.260593][ T8816] btrfs: Deprecated parameter 'usebackuproot'
[  168.263051][ T8816] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  168.270008][ T8816] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.954 (8816)
[  168.282405][ T8816] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  168.287434][ T8816] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  168.290238][ T8816] BTRFS info (device loop4): using free-space-tree
[  168.324630][ T5876] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  168.330113][ T5876] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  168.363103][ T5876] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  168.370533][ T5876] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  168.376598][ T8816] BTRFS info (device loop4): rebuilding free space tree
[  168.400554][ T8816] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  168.695910][ T8849] loop4: detected capacity change from 0 to 4096
[  168.700587][ T8849] ntfs3(loop4): ino=3, Correct links count -> 2.
[  168.739609][ T8849] ntfs3(loop4): ino=1a, mi_enum_attr
[  168.742075][ T8849] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  168.764681][ T8849] ntfs3(loop4): Failed to load root (-22).
[  169.220469][ T8853] loop4: detected capacity change from 0 to 32768
[  169.224109][ T8853] bcachefs: bch2_fs_parse_param() Error parsing option sb: option_value
[  169.402407][ T8859] loop3: detected capacity change from 0 to 32768
[  169.410689][ T8859] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.966 (8859)
[  169.433959][ T8859] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.440369][ T8859] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  169.443058][ T8859] BTRFS info (device loop3): using free-space-tree
[  169.567400][ T6121] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  169.567574][ T8867] loop4: detected capacity change from 0 to 40427
[  169.684191][ T8867] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  169.697737][ T8867] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  169.980357][ T8899] loop3: detected capacity change from 0 to 128
[  170.308979][ T8905] loop4: detected capacity change from 0 to 128
[  171.666084][ T8270] kworker/u9:10: attempt to access beyond end of device
[  171.666084][ T8270] loop4: rw=1, sector=145, nr_sectors = 56 limit=128
[  171.715245][ T8925] netdevsim netdevsim4 netdevsim0: entered allmulticast mode
[  171.718890][ T8925] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  171.830358][ T8929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.986'.
[  171.971579][ T8933] loop4: detected capacity change from 0 to 1764
[  172.022892][ T8933] iso9660: Corrupted directory entry in block 2 of inode 1920
[  172.658338][ T8944] netlink: 201916 bytes leftover after parsing attributes in process `syz.0.992'.
[  172.743154][ T8948] netlink: 48 bytes leftover after parsing attributes in process `syz.3.994'.
[  172.861945][ T8953] loop3: detected capacity change from 0 to 8192
[  172.926061][ T8959] loop3: detected capacity change from 0 to 2048
[  172.937009][ T8959] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  175.033809][   T24] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  175.183733][   T24] usb 5-1: Using ep0 maxpacket: 8
[  175.188083][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  175.195019][   T24] usb 5-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[  175.198605][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.201841][   T24] usb 5-1: Product: syz
[  175.203555][   T24] usb 5-1: Manufacturer: syz
[  175.205557][   T24] usb 5-1: SerialNumber: syz
[  175.213387][   T24] usb 5-1: config 0 descriptor??
[  175.221231][   T24] cdc_phonet 5-1:0.0: skipping garbage
[  175.223499][   T24] cdc_phonet 5-1:0.0: probe with driver cdc_phonet failed with error -22
[  175.429880][   T10] usb 5-1: USB disconnect, device number 9
[  176.049045][ T9025] sctp: [Deprecated]: syz.0.1026 (pid 9025) Use of struct sctp_assoc_value in delayed_ack socket option.
[  176.049045][ T9025] Use struct sctp_sack_info instead
[  176.067711][ T9023] netlink: 'syz.4.1025': attribute type 4 has an invalid length.
[  176.070377][ T9023] netlink: 'syz.4.1025': attribute type 1 has an invalid length.
[  176.073222][ T9023] netlink: 3577 bytes leftover after parsing attributes in process `syz.4.1025'.
[  176.310719][ T9040] loop4: detected capacity change from 0 to 256
[  176.321922][ T9040] exfat: Deprecated parameter 'namecase'
[  176.343253][ T9040] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  176.476790][ T9050] loop4: detected capacity change from 0 to 512
[  176.479423][ T9050] EXT4-fs: Ignoring removed nomblk_io_submit option
[  176.482486][ T9050] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  176.494951][ T9050] EXT4-fs (loop4): 1 truncate cleaned up
[  176.499229][ T9050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.537484][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.779715][ T9061] loop4: detected capacity change from 0 to 1764
[  176.807839][ T9061] iso9660: Corrupted directory entry in block 2 of inode 1920
[  176.980947][ T9067] loop4: detected capacity change from 0 to 4096
[  176.995390][ T9067] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  177.115697][   T33] audit: type=1800 audit(1755689328.208:61): pid=9067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1045" name="file1" dev="overlay" ino=30 res=0 errno=0
[  177.182504][ T9073] netlink: 15 bytes leftover after parsing attributes in process `syz.3.1048'.
[  177.194955][ T9073] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1048'.
[  177.425311][ T9090] loop4: detected capacity change from 0 to 2048
[  177.504279][ T9090] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.508934][ T9090] ext4 filesystem being mounted at /232/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  178.441409][ T9090] tty tty4: ldisc open failed (-12), clearing slot 3
[  178.610645][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  178.713239][ T9104] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1061'.
[  178.731796][ T9104] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1061'.
[  179.375139][ T9146] netlink: 'syz.3.1072': attribute type 3 has an invalid length.
[  179.378334][ T9146] netlink: 'syz.3.1072': attribute type 3 has an invalid length.
[  179.416466][ T9146] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1072'.
[  179.428572][ T9147] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1072'.
[  179.955226][ T9159] loop4: detected capacity change from 0 to 128
[  179.963957][ T9159] EXT4-fs: Ignoring removed nobh option
[  179.997583][ T9159] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  180.016993][ T9159] ext4 filesystem being mounted at /239/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  181.473870][ T9200] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1094'.
[  181.794182][ T6903] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  182.278538][ T5915] kernel write not supported for file /register (pid: 5915 comm: kworker/1:6)
[  182.339670][ T9239] loop3: detected capacity change from 0 to 2048
[  182.347173][ T9239] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  182.352336][ T9239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  182.429033][ T9243] loop3: detected capacity change from 0 to 512
[  182.472011][ T9243] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  182.491146][ T9243] ext4 filesystem being mounted at /324/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  182.521785][ T9248] netlink: 212408 bytes leftover after parsing attributes in process `syz.0.1114'.
[  182.525885][ T9248] netlink: zone id is out of range
[  182.527879][ T9248] netlink: get zone limit has 8 unknown bytes
[  182.556537][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.882728][ T9267] tmpfs: Bad value for 'mpol'
[  184.708082][ T9298] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1136'.
[  184.806265][ T9302] overlayfs: failed to clone upperpath
[  184.942191][ T9306] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1140'.
[  185.414355][ T9308] loop4: detected capacity change from 0 to 40427
[  185.436187][ T9308] F2FS-fs (loop4): invalid crc value
[  185.531033][ T9308] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  185.550942][ T9308] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  185.598308][ T9308] F2FS-fs (loop4): inconsistent node block, node_type:1, nid:11, node_footer[nid:11,ino:3,ofs:2041,cpver:0,blkaddr:0]
[  185.617681][ T9308] syz.4.1141: attempt to access beyond end of device
[  185.617681][ T9308] loop4: rw=2049, sector=53248, nr_sectors = 8 limit=40427
[  185.633403][ T9308] syz.4.1141: attempt to access beyond end of device
[  185.633403][ T9308] loop4: rw=2049, sector=53256, nr_sectors = 136 limit=40427
[  185.700481][ T6903] syz-executor: attempt to access beyond end of device
[  185.700481][ T6903] loop4: rw=2049, sector=40960, nr_sectors = 32 limit=40427
[  185.719651][ T6903] CPU: 0 UID: 0 PID: 6903 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  185.719673][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  185.719698][ T6903] Call Trace:
[  185.719706][ T6903]  <TASK>
[  185.719712][ T6903]  dump_stack_lvl+0x189/0x250
[  185.719738][ T6903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.719756][ T6903]  ? __pfx_queue_work_on+0x10/0x10
[  185.719770][ T6903]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  185.719789][ T6903]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.719817][ T6903]  f2fs_handle_critical_error+0x37c/0x540
[  185.719842][ T6903]  f2fs_write_end_io+0x886/0xb60
[  185.719872][ T6903]  __submit_merged_bio+0x27a/0x6a0
[  185.719889][ T6903]  ? up_write+0x1c4/0x420
[  185.719908][ T6903]  __submit_merged_write_cond+0x44c/0x530
[  185.719939][ T6903]  f2fs_sync_node_pages+0x1479/0x15e0
[  185.719975][ T6903]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  185.720018][ T6903]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  185.720037][ T6903]  ? up_write+0x1c4/0x420
[  185.720051][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  185.720072][ T6903]  f2fs_write_checkpoint+0xe6f/0x1df0
[  185.720108][ T6903]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  185.720164][ T6903]  ? kill_f2fs_super+0x298/0x6c0
[  185.720183][ T6903]  kill_f2fs_super+0x2c3/0x6c0
[  185.720203][ T6903]  ? __pfx_kill_f2fs_super+0x10/0x10
[  185.720215][ T6903]  ? radix_tree_delete_item+0x2b6/0x400
[  185.720238][ T6903]  ? shrinker_free+0x2ce/0x3e0
[  185.720254][ T6903]  deactivate_locked_super+0xbc/0x130
[  185.720271][ T6903]  cleanup_mnt+0x425/0x4c0
[  185.720286][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.720330][ T6903]  task_work_run+0x1d4/0x260
[  185.720351][ T6903]  ? __pfx_task_work_run+0x10/0x10
[  185.720366][ T6903]  ? __x64_sys_umount+0x122/0x160
[  185.720387][ T6903]  ? exit_to_user_mode_loop+0x40/0x110
[  185.720408][ T6903]  exit_to_user_mode_loop+0xec/0x110
[  185.720427][ T6903]  do_syscall_64+0x2bd/0x3b0
[  185.720445][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.720463][ T6903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.720477][ T6903]  ? exc_page_fault+0x9f/0xf0
[  185.720497][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.720510][ T6903] RIP: 0033:0x7f8eee78ff17
[  185.720525][ T6903] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  185.720537][ T6903] RSP: 002b:00007ffe6e76fe08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  185.720553][ T6903] RAX: 0000000000000000 RBX: 00007f8eee811c05 RCX: 00007f8eee78ff17
[  185.720562][ T6903] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6e76fec0
[  185.720571][ T6903] RBP: 00007ffe6e76fec0 R08: 0000000000000000 R09: 0000000000000000
[  185.720580][ T6903] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6e770f50
[  185.720589][ T6903] R13: 00007f8eee811c05 R14: 000000000002d4c1 R15: 00007ffe6e770f90
[  185.720613][ T6903]  </TASK>
[  185.720672][ T6903] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  185.845675][ T6903] CPU: 0 UID: 0 PID: 6903 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  185.845692][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  185.845699][ T6903] Call Trace:
[  185.845705][ T6903]  <TASK>
[  185.845711][ T6903]  dump_stack_lvl+0x189/0x250
[  185.845732][ T6903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.845745][ T6903]  ? __pfx_queue_work_on+0x10/0x10
[  185.845756][ T6903]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  185.845770][ T6903]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.845793][ T6903]  f2fs_handle_critical_error+0x37c/0x540
[  185.845816][ T6903]  f2fs_write_end_io+0x886/0xb60
[  185.845840][ T6903]  __submit_merged_bio+0x27a/0x6a0
[  185.845854][ T6903]  ? up_write+0x1c4/0x420
[  185.845871][ T6903]  __submit_merged_write_cond+0x44c/0x530
[  185.845915][ T6903]  f2fs_sync_node_pages+0x1479/0x15e0
[  185.845945][ T6903]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  185.845989][ T6903]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  185.846004][ T6903]  ? up_write+0x1c4/0x420
[  185.846015][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  185.846032][ T6903]  f2fs_write_checkpoint+0xe6f/0x1df0
[  185.846062][ T6903]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  185.846112][ T6903]  ? kill_f2fs_super+0x298/0x6c0
[  185.846127][ T6903]  kill_f2fs_super+0x2c3/0x6c0
[  185.846144][ T6903]  ? __pfx_kill_f2fs_super+0x10/0x10
[  185.846153][ T6903]  ? radix_tree_delete_item+0x2b6/0x400
[  185.846174][ T6903]  ? shrinker_free+0x2ce/0x3e0
[  185.846189][ T6903]  deactivate_locked_super+0xbc/0x130
[  185.846204][ T6903]  cleanup_mnt+0x425/0x4c0
[  185.846218][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.846235][ T6903]  task_work_run+0x1d4/0x260
[  185.846252][ T6903]  ? __pfx_task_work_run+0x10/0x10
[  185.846265][ T6903]  ? __x64_sys_umount+0x122/0x160
[  185.846285][ T6903]  ? exit_to_user_mode_loop+0x40/0x110
[  185.846335][ T6903]  exit_to_user_mode_loop+0xec/0x110
[  185.846352][ T6903]  do_syscall_64+0x2bd/0x3b0
[  185.846368][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.846381][ T6903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.846393][ T6903]  ? exc_page_fault+0x9f/0xf0
[  185.846409][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.846419][ T6903] RIP: 0033:0x7f8eee78ff17
[  185.846432][ T6903] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  185.846442][ T6903] RSP: 002b:00007ffe6e76fe08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  185.846455][ T6903] RAX: 0000000000000000 RBX: 00007f8eee811c05 RCX: 00007f8eee78ff17
[  185.846463][ T6903] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6e76fec0
[  185.846469][ T6903] RBP: 00007ffe6e76fec0 R08: 0000000000000000 R09: 0000000000000000
[  185.846475][ T6903] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6e770f50
[  185.846482][ T6903] R13: 00007f8eee811c05 R14: 000000000002d4c1 R15: 00007ffe6e770f90
[  185.846504][ T6903]  </TASK>
[  185.847490][ T6903] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  185.967120][ T6903] CPU: 0 UID: 0 PID: 6903 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  185.967135][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  185.967141][ T6903] Call Trace:
[  185.967144][ T6903]  <TASK>
[  185.967148][ T6903]  dump_stack_lvl+0x189/0x250
[  185.967165][ T6903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  185.967176][ T6903]  ? __pfx_queue_work_on+0x10/0x10
[  185.967184][ T6903]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  185.967195][ T6903]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  185.967212][ T6903]  f2fs_handle_critical_error+0x37c/0x540
[  185.967228][ T6903]  f2fs_write_end_io+0x886/0xb60
[  185.967246][ T6903]  __submit_merged_bio+0x27a/0x6a0
[  185.967257][ T6903]  ? up_write+0x1c4/0x420
[  185.967270][ T6903]  __submit_merged_write_cond+0x44c/0x530
[  185.967309][ T6903]  f2fs_sync_node_pages+0x1479/0x15e0
[  185.967333][ T6903]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  185.967360][ T6903]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  185.967372][ T6903]  ? up_write+0x1c4/0x420
[  185.967379][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  185.967392][ T6903]  f2fs_write_checkpoint+0xe6f/0x1df0
[  185.967414][ T6903]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  185.967449][ T6903]  ? kill_f2fs_super+0x298/0x6c0
[  185.967460][ T6903]  kill_f2fs_super+0x2c3/0x6c0
[  185.967472][ T6903]  ? __pfx_kill_f2fs_super+0x10/0x10
[  185.967479][ T6903]  ? radix_tree_delete_item+0x2b6/0x400
[  185.967493][ T6903]  ? shrinker_free+0x2ce/0x3e0
[  185.967505][ T6903]  deactivate_locked_super+0xbc/0x130
[  185.967517][ T6903]  cleanup_mnt+0x425/0x4c0
[  185.967527][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.967539][ T6903]  task_work_run+0x1d4/0x260
[  185.967552][ T6903]  ? __pfx_task_work_run+0x10/0x10
[  185.967561][ T6903]  ? __x64_sys_umount+0x122/0x160
[  185.967574][ T6903]  ? exit_to_user_mode_loop+0x40/0x110
[  185.967589][ T6903]  exit_to_user_mode_loop+0xec/0x110
[  185.967600][ T6903]  do_syscall_64+0x2bd/0x3b0
[  185.967611][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  185.967621][ T6903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.967629][ T6903]  ? exc_page_fault+0x9f/0xf0
[  185.967640][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  185.967648][ T6903] RIP: 0033:0x7f8eee78ff17
[  185.967657][ T6903] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  185.967665][ T6903] RSP: 002b:00007ffe6e76fe08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  185.967674][ T6903] RAX: 0000000000000000 RBX: 00007f8eee811c05 RCX: 00007f8eee78ff17
[  185.967680][ T6903] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6e76fec0
[  185.967685][ T6903] RBP: 00007ffe6e76fec0 R08: 0000000000000000 R09: 0000000000000000
[  185.967690][ T6903] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6e770f50
[  185.967695][ T6903] R13: 00007f8eee811c05 R14: 000000000002d4c1 R15: 00007ffe6e770f90
[  185.967710][ T6903]  </TASK>
[  185.967714][ T6903] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  186.079764][ T6903] CPU: 1 UID: 0 PID: 6903 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  186.079783][ T6903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  186.079791][ T6903] Call Trace:
[  186.079797][ T6903]  <TASK>
[  186.079802][ T6903]  dump_stack_lvl+0x189/0x250
[  186.079826][ T6903]  ? __pfx_dump_stack_lvl+0x10/0x10
[  186.079842][ T6903]  ? __pfx_queue_work_on+0x10/0x10
[  186.079854][ T6903]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  186.079870][ T6903]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  186.079893][ T6903]  f2fs_handle_critical_error+0x37c/0x540
[  186.079915][ T6903]  f2fs_write_end_io+0x886/0xb60
[  186.079938][ T6903]  __submit_merged_bio+0x27a/0x6a0
[  186.079963][ T6903]  ? up_write+0x1c4/0x420
[  186.079982][ T6903]  __submit_merged_write_cond+0x44c/0x530
[  186.080005][ T6903]  f2fs_sync_node_pages+0x1479/0x15e0
[  186.080037][ T6903]  ? __pfx_f2fs_sync_node_pages+0x10/0x10
[  186.080075][ T6903]  ? f2fs_write_checkpoint+0xe43/0x1df0
[  186.080091][ T6903]  ? up_write+0x1c4/0x420
[  186.080101][ T6903]  ? do_raw_spin_unlock+0x4d/0x240
[  186.080117][ T6903]  f2fs_write_checkpoint+0xe6f/0x1df0
[  186.080143][ T6903]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  186.080186][ T6903]  ? kill_f2fs_super+0x298/0x6c0
[  186.080203][ T6903]  kill_f2fs_super+0x2c3/0x6c0
[  186.080220][ T6903]  ? __pfx_kill_f2fs_super+0x10/0x10
[  186.080229][ T6903]  ? radix_tree_delete_item+0x2b6/0x400
[  186.080248][ T6903]  ? shrinker_free+0x2ce/0x3e0
[  186.080263][ T6903]  deactivate_locked_super+0xbc/0x130
[  186.080313][ T6903]  cleanup_mnt+0x425/0x4c0
[  186.080328][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.080346][ T6903]  task_work_run+0x1d4/0x260
[  186.080364][ T6903]  ? __pfx_task_work_run+0x10/0x10
[  186.080378][ T6903]  ? __x64_sys_umount+0x122/0x160
[  186.080397][ T6903]  ? exit_to_user_mode_loop+0x40/0x110
[  186.080415][ T6903]  exit_to_user_mode_loop+0xec/0x110
[  186.080432][ T6903]  do_syscall_64+0x2bd/0x3b0
[  186.080447][ T6903]  ? lockdep_hardirqs_on+0x9c/0x150
[  186.080462][ T6903]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.080474][ T6903]  ? exc_page_fault+0x9f/0xf0
[  186.080489][ T6903]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  186.080500][ T6903] RIP: 0033:0x7f8eee78ff17
[  186.080513][ T6903] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  186.080524][ T6903] RSP: 002b:00007ffe6e76fe08 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  186.080538][ T6903] RAX: 0000000000000000 RBX: 00007f8eee811c05 RCX: 00007f8eee78ff17
[  186.080546][ T6903] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe6e76fec0
[  186.080555][ T6903] RBP: 00007ffe6e76fec0 R08: 0000000000000000 R09: 0000000000000000
[  186.080562][ T6903] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe6e770f50
[  186.080571][ T6903] R13: 00007f8eee811c05 R14: 000000000002d4c1 R15: 00007ffe6e770f90
[  186.080591][ T6903]  </TASK>
[  186.080597][ T6903] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  187.135899][ T9347] loop4: detected capacity change from 0 to 32768
[  187.168010][ T9347] bcachefs (/dev/loop4): error validating superblock: Invalid superblock layout: superblocks overlap
[  187.168010][ T9347]   (sb 1 ends at 25769809920 next starts at 30720
[  187.175054][ T9347] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout_superblocks_overlap
[  187.304596][   T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  187.321140][   T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  187.345658][ T9367] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  187.607741][ T9369] loop3: detected capacity change from 0 to 32768
[  187.633237][ T9369] JBD2: Ignoring recovery information on journal
[  187.644290][   T10] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  187.661940][ T9369] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  187.711472][ T6121] (syz-executor,6121,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 22
[  187.719498][ T6121] ocfs2: Unmounting device (7,3) on (node local)
[  187.803958][   T10] usb 5-1: Using ep0 maxpacket: 32
[  187.808953][   T10] usb 5-1: config 0 interface 0 has no altsetting 0
[  187.813511][   T10] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  187.816749][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.819870][   T10] usb 5-1: Product: syz
[  187.821648][   T10] usb 5-1: Manufacturer: syz
[  187.823354][   T10] usb 5-1: SerialNumber: syz
[  187.828543][   T10] usb 5-1: config 0 descriptor??
[  187.841392][ T9375] loop3: detected capacity change from 0 to 512
[  187.855006][ T9375] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[  187.887319][ T9375] EXT4-fs (loop3): 1 truncate cleaned up
[  187.890963][ T9375] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  188.065268][   T10] gs_usb 5-1:0.0: Couldn't send data format (err=-71)
[  188.068221][   T10] gs_usb 5-1:0.0: probe with driver gs_usb failed with error -71
[  188.097182][   T10] usb 5-1: USB disconnect, device number 10
[  188.761734][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  189.029055][ T9398] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1177'.
[  189.043939][   T47] usb 4-1: new full-speed USB device number 13 using dummy_hcd
[  189.207038][   T47] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  189.210021][   T47] usb 4-1: config 0 has no interface number 0
[  189.212233][   T47] usb 4-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  189.216394][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.221742][   T47] usb 4-1: config 0 descriptor??
[  189.229383][   T47] usb 4-1: selecting invalid altsetting 1
[  189.232422][   T47] dvb_ttusb_budget: ttusb_init_controller: error
[  189.236270][   T47] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  189.277092][   T47] DVB: Unable to find symbol cx22700_attach()
[  189.307498][   T47] DVB: Unable to find symbol tda10046_attach()
[  189.309876][   T47] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  189.438385][   T47] usb 4-1: USB disconnect, device number 13
[  190.104157][ T9431] loop3: detected capacity change from 0 to 1024
[  190.130475][ T9431] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  190.140530][ T9431] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.153410][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:814: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.162619][ T9431] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  190.168777][ T9431] EXT4-fs (loop3): This should not happen!! Data will be lost
[  190.168777][ T9431] 
[  190.183100][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.199832][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.209347][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.216311][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.221596][ T9431] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #15: comm syz.3.1191: lblock 0 mapped to illegal pblock 0 (length 1)
[  190.238896][ T9431] EXT4-fs error (device loop3): ext4_ext_remove_space:2955: inode #15: comm syz.3.1191: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  190.269327][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  190.660164][ T9461] loop3: detected capacity change from 0 to 128
[  190.668151][ T9461] befs: (loop3): No write support. Marking filesystem read-only
[  190.689720][ T9461] befs: (loop3): invalid magic header
[  190.765435][ T9465] loop3: detected capacity change from 0 to 2048
[  190.779851][ T9465] EXT4-fs: Ignoring removed orlov option
[  190.809669][ T9465] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.815842][ T9465] ext4 filesystem being mounted at /347/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.879627][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.186945][ T9480] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  192.786962][ T9508] loop4: detected capacity change from 0 to 32768
[  192.840932][ T9508] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  192.955480][ T6903] ocfs2: Unmounting device (7,4) on (node local)
[  193.052576][ T9518] loop4: detected capacity change from 0 to 512
[  193.084370][ T9518] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  193.113192][ T9518] EXT4-fs (loop4): orphan cleanup on readonly fs
[  193.120195][ T9518] EXT4-fs error (device loop4): ext4_orphan_get:1418: comm syz.4.1227: bad orphan inode 15
[  193.134622][ T9518] ext4_test_bit(bit=14, block=18) = 1
[  193.137193][ T9518] is_bad_inode(inode)=0
[  193.139230][ T9518] NEXT_ORPHAN(inode)=1023
[  193.141447][ T9518] max_ino=32
[  193.142923][ T9518] i_nlink=0
[  193.161375][ T9518] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2962: inode #15: comm syz.4.1227: corrupted xattr block 19: e_value size too large
[  193.173534][ T9518] EXT4-fs warning (device loop4): ext4_evict_inode:274: xattr delete (err -117)
[  193.188789][ T9518] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  193.745458][ T9523] sd 0:0:0:0: PR command failed: 1026
[  193.748083][ T9523] sd 0:0:0:0: Sense Key : Illegal Request [current] 
[  193.751181][ T9523] sd 0:0:0:0: Add. Sense: Invalid command operation code
[  193.937221][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.086446][ T9532] A link change request failed with some changes committed already. Interface sit0 may have been left with an inconsistent configuration, please check.
[  194.198028][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  194.200644][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  195.741815][ T9549] loop4: detected capacity change from 0 to 32768
[  195.745383][ T9549] BTRFS warning: excessive commit interval 2147483647, use with care
[  195.756334][ T9552] loop3: detected capacity change from 0 to 32768
[  195.760729][ T9549] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1238 (9549)
[  195.806061][ T9549] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  195.810453][ T9549] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  195.945166][ T9549] BTRFS info (device loop4): rebuilding free space tree
[  195.976881][ T9549] BTRFS info (device loop4): disabling free space tree
[  195.981172][ T9549] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  195.988019][ T9549] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  196.060120][ T6903] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.591425][ T9595] loop3: detected capacity change from 0 to 4096
[  196.600756][ T9595] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  198.405128][ T9649] loop3: detected capacity change from 0 to 32768
[  198.447666][ T9649] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  198.465250][ T9649] XFS (loop3): Ending clean mount
[  198.476091][ T9649] XFS (loop3): Quotacheck needed: Please wait.
[  198.534185][ T9649] XFS (loop3): Quotacheck: Done.
[  198.570924][ T6121] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  198.859593][ T9668] ptrace attach of "/syz-executor exec"[6121] was attempted by "\x09                                        0                                           "[9668]
[  199.099194][ T9680] netlink: 'syz.0.1286': attribute type 3 has an invalid length.
[  200.161630][ T9693] loop3: detected capacity change from 0 to 32768
[  200.184950][ T9693] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  200.685963][ T9705] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  200.824606][ T6121] ocfs2: Unmounting device (7,3) on (node local)
[  201.750996][ T9721] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1302'.
[  201.814549][ T9723] loop3: detected capacity change from 0 to 1024
[  201.844176][ T9723] hfsplus: failed to load extents file
[  202.320486][ T9740] loop3: detected capacity change from 0 to 764
[  202.350631][ T9740] rock: directory entry would overflow storage
[  202.353154][ T9740] rock: sig=0x4f50, size=4, remaining=3
[  202.357357][ T9740] iso9660: Corrupted directory entry in block 6 of inode 1792
[  203.094123][ T9772] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1326'.
[  204.493946][   T47] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  204.664567][   T47] usb 4-1: Using ep0 maxpacket: 16
[  204.670716][   T47] usb 4-1: too many configurations: 97, using maximum allowed: 8
[  204.710425][   T47] usb 4-1: string descriptor 0 read error: -71
[  204.712940][   T47] usb 4-1: New USB device found, idVendor=2304, idProduct=023b, bcdDevice=7b.5c
[  204.717937][   T47] usb 4-1: New USB device strings: Mfr=249, Product=204, SerialNumber=224
[  204.727739][   T47] usb 4-1: rejected 8 configurations due to insufficient available bus power
[  204.730662][   T47] usb 4-1: no configuration chosen from 8 choices
[  204.744875][   T47] usb 4-1: USB disconnect, device number 14
[  204.990332][ T9792] loop4: detected capacity change from 0 to 40427
[  205.005790][ T9792] F2FS-fs (loop4): invalid crc value
[  205.073366][ T9792] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.091184][ T9792] F2FS-fs (loop4): Start checkpoint disabled!
[  205.122793][ T9792] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  205.308515][ T1091] kworker/u10:5: attempt to access beyond end of device
[  205.308515][ T1091] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  205.320729][ T1091] CPU: 1 UID: 0 PID: 1091 Comm: kworker/u10:5 Not tainted syzkaller #0 PREEMPT(full) 
[  205.320747][ T1091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  205.320754][ T1091] Workqueue: writeback wb_workfn (flush-7:4)
[  205.320773][ T1091] Call Trace:
[  205.320779][ T1091]  <TASK>
[  205.320785][ T1091]  dump_stack_lvl+0x189/0x250
[  205.320801][ T1091]  ? __pfx_dump_stack_lvl+0x10/0x10
[  205.320813][ T1091]  ? __pfx_queue_work_on+0x10/0x10
[  205.320823][ T1091]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  205.320837][ T1091]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  205.320853][ T1091]  f2fs_handle_critical_error+0x37c/0x540
[  205.320872][ T1091]  f2fs_write_end_io+0x886/0xb60
[  205.320890][ T1091]  __submit_merged_bio+0x27a/0x6a0
[  205.320906][ T1091]  __submit_merged_write_cond+0x255/0x530
[  205.320921][ T1091]  f2fs_write_data_pages+0x261d/0x3000
[  205.320952][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.320971][ T1091]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  205.320998][ T1091]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  205.321017][ T1091]  ? trace_f2fs_writepages+0x7f/0x200
[  205.321029][ T1091]  ? f2fs_write_node_pages+0x478/0x6e0
[  205.321043][ T1091]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  205.321067][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  205.321086][ T1091]  do_writepages+0x32e/0x550
[  205.321104][ T1091]  ? reacquire_held_locks+0x127/0x1d0
[  205.321117][ T1091]  ? writeback_sb_inodes+0x384/0x1010
[  205.321137][ T1091]  __writeback_single_inode+0x145/0xff0
[  205.321148][ T1091]  ? do_raw_spin_unlock+0x4d/0x240
[  205.321161][ T1091]  writeback_sb_inodes+0x6c7/0x1010
[  205.321187][ T1091]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  205.321224][ T1091]  ? rcu_is_watching+0x15/0xb0
[  205.321248][ T1091]  wb_writeback+0x43b/0xaf0
[  205.321265][ T1091]  ? queue_io+0x321/0x590
[  205.321277][ T1091]  ? __pfx_wb_writeback+0x10/0x10
[  205.321292][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.321305][ T1091]  wb_workfn+0x409/0xef0
[  205.321322][ T1091]  ? __pfx_wb_workfn+0x10/0x10
[  205.321334][ T1091]  ? __lock_acquire+0xab9/0xd20
[  205.321353][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  205.321365][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.321374][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  205.321382][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[  205.321391][ T1091]  process_scheduled_works+0xae1/0x17b0
[  205.321415][ T1091]  ? __pfx_process_scheduled_works+0x10/0x10
[  205.321433][ T1091]  worker_thread+0x8a0/0xda0
[  205.321450][ T1091]  ? __kthread_parkme+0x7b/0x200
[  205.321465][ T1091]  kthread+0x711/0x8a0
[  205.321476][ T1091]  ? __pfx_worker_thread+0x10/0x10
[  205.321485][ T1091]  ? __pfx_kthread+0x10/0x10
[  205.321496][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[  205.321505][ T1091]  ? lockdep_hardirqs_on+0x9c/0x150
[  205.321516][ T1091]  ? __pfx_kthread+0x10/0x10
[  205.321527][ T1091]  ret_from_fork+0x3fc/0x770
[  205.321538][ T1091]  ? __pfx_ret_from_fork+0x10/0x10
[  205.321581][ T1091]  ? __switch_to_asm+0x39/0x70
[  205.321594][ T1091]  ? __switch_to_asm+0x33/0x70
[  205.321603][ T1091]  ? __pfx_kthread+0x10/0x10
[  205.321613][ T1091]  ret_from_fork_asm+0x1a/0x30
[  205.321632][ T1091]  </TASK>
[  205.321637][ T1091] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  205.926654][ T9819] netlink: 'syz.0.1348': attribute type 1 has an invalid length.
[  205.951566][ T9819] gretap1: entered promiscuous mode
[  205.965258][ T9819] bond1: (slave gretap1): making interface the new active one
[  205.969352][ T9819] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  205.979165][ T9819] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1348'.
[  205.992343][ T9819] 8021q: adding VLAN 0 to HW filter on device bond1
[  205.992593][ T9806] loop3: detected capacity change from 0 to 131072
[  206.003819][ T9806] F2FS-fs (loop3): Test dummy encryption mode enabled
[  206.014319][ T9806] F2FS-fs (loop3): invalid crc value
[  206.102596][ T9806] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  206.110192][ T9806] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  206.613845][ T5915] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  206.766770][ T5915] usb 5-1: config 0 has an invalid interface number: 102 but max is 0
[  206.770101][ T5915] usb 5-1: config 0 has no interface number 0
[  206.772646][ T5915] usb 5-1: New USB device found, idVendor=2001, idProduct=1a00, bcdDevice=38.f5
[  206.785233][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.791157][ T5915] usb 5-1: config 0 descriptor??
[  207.073887][   T10] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  207.082896][ T9841] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1355'.
[  207.233840][   T10] usb 4-1: Using ep0 maxpacket: 8
[  207.248110][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  207.252145][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  207.256132][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  207.260510][   T10] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  207.265631][   T10] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  207.269605][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.282226][   T10] hub 4-1:1.0: bad descriptor, ignoring hub
[  207.288442][   T10] hub 4-1:1.0: probe with driver hub failed with error -5
[  207.291631][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  207.296996][   T10] cdc_wdm 4-1:1.0: skipping garbage
[  207.310611][   T10] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  207.313023][   T10] cdc_wdm 4-1:1.0: Unknown control protocol
[  207.605251][   T47] usb 4-1: USB disconnect, device number 15
[  207.810455][ T5915] asix 5-1:0.102 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  207.816761][ T5915] asix 5-1:0.102: probe with driver asix failed with error -71
[  207.823254][ T5915] usb 5-1: USB disconnect, device number 11
[  208.307388][ T9861] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  208.787944][ T9871] netlink: 'syz.0.1367': attribute type 4 has an invalid length.
[  208.791337][ T9871] netlink: 17 bytes leftover after parsing attributes in process `syz.0.1367'.
[  209.869993][ T9915] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1387'.
[  210.541243][ T9928] tipc: Started in network mode
[  210.543471][ T9928] tipc: Node identity 00000000000040000000000000000001, cluster identity 4711
[  210.552358][ T9928] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  210.723489][ T9926] loop3: detected capacity change from 0 to 32768
[  210.908093][ T9926] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc32c,noacl,usrquota,grpquota,nojournal_transaction_names,allocator_stuck_timeout=256
[  210.908110][ T9926]   allowing incompatible features above 0.0: (unknown version)
[  210.908167][ T9926]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  210.929685][ T9926] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  210.935007][ T9926] bcachefs (loop3): initializing new filesystem
[  210.952383][ T9926] bcachefs (loop3): going read-write
[  210.973008][ T9926] bcachefs (loop3): marking superblocks
[  211.056111][ T9926] bcachefs (loop3): initializing freespace
[  211.077981][ T9926] bcachefs (loop3): done initializing freespace
[  211.117257][ T9926] bcachefs (loop3): reading snapshots table
[  211.119187][ T9926] bcachefs (loop3): reading snapshots done
[  211.180481][ T9926] bcachefs (loop3): done starting filesystem
[  211.331950][ T9948] netlink: 165 bytes leftover after parsing attributes in process `syz.4.1399'.
[  211.336622][ T9926] syz.3.1393 (9926) used greatest stack depth: 15656 bytes left
[  211.343872][ T9946] overlayfs: failed to clone lowerpath
[  211.359325][ T6121] bcachefs (loop3): shutting down
[  211.361434][ T6121] bcachefs (loop3): going read-only
[  211.363470][ T6121] bcachefs (loop3): finished waiting for writes to stop
[  211.383540][ T6121] bcachefs (loop3): flushing journal and stopping allocators, journal seq 2
[  211.447153][ T6121] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  211.453457][ T6121] bcachefs (loop3): clean shutdown complete, journal seq 4
[  211.457433][ T6121] bcachefs (loop3): marking filesystem clean
[  211.502470][ T6121] bcachefs (loop3): shutdown complete
[  212.031581][ T9974] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  212.173928][ T9986] can0: slcan on ttyS3.
[  212.305875][ T9985] can0 (unregistered): slcan off ttyS3.
[  212.417049][ T9994] loop4: detected capacity change from 0 to 1024
[  212.466337][ T9994] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.475971][ T9994] EXT4-fs warning (device loop4): ext4_empty_dir:3103: inode #11: comm syz.4.1421: directory missing '..'
[  212.517816][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.761951][T10008] batadv1: entered promiscuous mode
[  213.777849][T10008] 8021q: adding VLAN 0 to HW filter on device batadv1
[  214.456935][T10024] loop4: detected capacity change from 0 to 1024
[  214.506815][T10026] loop3: detected capacity change from 0 to 512
[  214.546611][T10026] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[  214.558140][T10026] EXT4-fs error (device loop3): ext4_free_branches:1023: inode #13: comm syz.3.1433: invalid indirect mapped block 2683928664 (level 1)
[  214.582312][T10026] EXT4-fs (loop3): Remounting filesystem read-only
[  214.585950][T10026] EXT4-fs (loop3): 1 truncate cleaned up
[  214.605065][T10026] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.651386][T10026] EXT4-fs (loop3): shut down requested (2)
[  214.905058][ T6121] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.768704][T10059] loop3: detected capacity change from 0 to 32768
[  215.806968][T10059] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  215.832991][T10059] XFS (loop3): Corruption warning: Metadata has LSN (1:384) ahead of current LSN (1:128). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  215.840723][T10059] XFS (loop3): log mount/recovery failed: error -22
[  215.865260][T10059] XFS (loop3): log mount failed
[  216.107176][T10062] overlay: ./file0 is not a directory
[  216.298220][T10084] loop4: detected capacity change from 0 to 1024
[  216.340280][   T36] hfsplus: b-tree write err: -5, ino 4
[  216.952442][T10114] sctp: [Deprecated]: syz.3.1466 (pid 10114) Use of struct sctp_assoc_value in delayed_ack socket option.
[  216.952442][T10114] Use struct sctp_sack_info instead
[  217.341515][T10123] netlink: 'syz.0.1470': attribute type 10 has an invalid length.
[  217.350516][T10123] 8021q: adding VLAN 0 to HW filter on device bond0
[  217.355693][T10123] team0: Port device bond0 added
[  217.606490][T10134] loop4: detected capacity change from 0 to 512
[  217.617145][T10134] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  217.620038][T10134] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842e018, mo2=0002]
[  217.622970][T10134] System zones: 0-1, 15-15, 18-18, 34-34
[  217.630580][T10134] EXT4-fs (loop4): orphan cleanup on readonly fs
[  217.634048][T10134] EXT4-fs error (device loop4): ext4_orphan_get:1392: inode #16: comm syz.4.1475: casefold flag without casefold feature
[  217.638853][T10134] EXT4-fs error (device loop4): ext4_orphan_get:1397: comm syz.4.1475: couldn't read orphan inode 16 (err -117)
[  217.645682][T10134] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  217.655842][T10134] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  217.658748][T10134] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a842e018, mo2=0002]
[  217.682861][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.181188][T10142] kernel profiling enabled (shift: 17)
[  218.459758][T10138] loop4: detected capacity change from 0 to 32768
[  218.467916][T10138] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section journal_seq_blacklist: entry 1 out of order with next entry (56 > 0)
[  218.467916][T10138] journal_seq_blacklist (size 640):
[  218.467916][T10138] 0-56 0-0 0-34 0-0 0-0 45-0 45-26 6-11 0-0 0-11 33-11 5-0 0-0 0-4 4-8 0-0 0-0 0-0 0-0 0-0 0-2 0-0 0-0 0-0 0-0 0-0 0-0 1-12 0-2 0-0 0-0 0-0 0-0 0-1 0-0 2-17 182-41 0-0 0-0
[  218.467916][T10138] 
[  218.496869][T10138] bcachefs: bch2_fs_get_tree() error: invalid_sb_journal_seq_blacklist
[  219.073968][   T24] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  219.224835][   T24] usb 5-1: Using ep0 maxpacket: 16
[  219.230223][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  219.234944][   T24] usb 5-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  219.238521][   T24] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  219.246282][   T24] usb 5-1: config 0 descriptor??
[  219.376403][T10169] loop3: detected capacity change from 0 to 32768
[  219.473349][T10169] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  219.473375][T10169]   allowing incompatible features above 0.0: (unknown version)
[  219.473385][T10169]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  219.492782][T10169] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  219.496457][T10169] bcachefs (loop3): initializing new filesystem
[  219.506378][T10169] bcachefs (loop3): going read-write
[  219.514466][T10169] bcachefs (loop3): marking superblocks
[  219.562484][T10169] bcachefs (loop3): initializing freespace
[  219.599521][T10169] bcachefs (loop3): done initializing freespace
[  219.611563][T10169] bcachefs (loop3): reading snapshots table
[  219.627013][T10169] bcachefs (loop3): reading snapshots done
[  219.652307][T10169] bcachefs (loop3): done starting filesystem
[  219.667357][   T24] hid-multitouch 0003:1FD2:6007.0004: hidraw0: USB HID v0.00 Device [HID 1fd2:6007] on usb-dummy_hcd.4-1/input0
[  219.884485][   T47] usb 5-1: USB disconnect, device number 12
[  219.888534][ T6121] bcachefs (loop3): shutting down
[  219.890546][ T6121] bcachefs (loop3): going read-only
[  219.916794][ T6121] bcachefs (loop3): finished waiting for writes to stop
[  219.936528][ T6121] bcachefs (loop3): flushing journal and stopping allocators, journal seq 11
[  220.005680][ T6121] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 13
[  220.010839][ T6121] bcachefs (loop3): clean shutdown complete, journal seq 14
[  220.015595][ T6121] bcachefs (loop3): marking filesystem clean
[  220.046479][ T6121] bcachefs (loop3): shutdown complete
[  220.717642][T10210] loop4: detected capacity change from 0 to 32768
[  220.726017][T10210] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1506 (10210)
[  220.765466][T10210] BTRFS info (device loop4): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  220.769733][T10210] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  220.776817][T10210] BTRFS info (device loop4): using free-space-tree
[  220.829113][T10236] netlink: 'syz.0.1512': attribute type 21 has an invalid length.
[  220.898666][ T6903] BTRFS info (device loop4): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  221.454492][T10244] loop4: detected capacity change from 0 to 32768
[  221.457847][T10244] XFS: noikeep mount option is deprecated.
[  221.482038][T10244] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.525959][T10244] XFS (loop4): Ending clean mount
[  221.532475][T10244] XFS (loop4): Quotacheck needed: Please wait.
[  221.567371][T10244] XFS (loop4): Quotacheck: Done.
[  221.622373][ T6903] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  221.877547][ T5237] Bluetooth: hci1: command 0x0406 tx timeout
[  221.949137][T10256] loop3: detected capacity change from 0 to 32768
[  222.127289][T10256] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  222.127311][T10256]   allowing incompatible features above 0.0: (unknown version)
[  222.127320][T10256]   features: 
[  222.151286][T10256] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  222.191727][T10256] bcachefs (loop3): initializing new filesystem
[  222.201226][T10256] bcachefs (loop3): going read-write
[  222.341480][T10256] bcachefs (loop3): marking superblocks
[  222.362430][T10256] bcachefs (loop3): initializing freespace
[  222.374137][T10256] bcachefs (loop3): done initializing freespace
[  222.388452][T10256] bcachefs (loop3): reading snapshots table
[  222.392787][T10256] bcachefs (loop3): reading snapshots done
[  222.447263][T10256] bcachefs (loop3): done starting filesystem
[  222.527247][T10290] netlink: 'syz.4.1526': attribute type 1 has an invalid length.
[  222.530253][T10290] netlink: 1 bytes leftover after parsing attributes in process `syz.4.1526'.
[  222.648530][T10277] fuse: Bad value for 'fd'
[  222.757744][ T6121] bcachefs (loop3): shutting down
[  222.759748][ T6121] bcachefs (loop3): going read-only
[  222.761775][ T6121] bcachefs (loop3): finished waiting for writes to stop
[  222.773084][ T6121] bcachefs (loop3): flushing journal and stopping allocators, journal seq 4
[  222.834922][ T6121] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 5
[  222.846391][ T6121] bcachefs (loop3): clean shutdown complete, journal seq 6
[  222.849098][ T6121] bcachefs (loop3): marking filesystem clean
[  222.869422][ T6121] bcachefs (loop3): shutdown complete
[  223.213307][T10300] loop4: detected capacity change from 0 to 40427
[  223.232660][T10300] F2FS-fs (loop4): invalid crc value
[  223.292057][T10300] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  223.299243][T10300] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  224.077239][T10328] netlink: 'syz.0.1543': attribute type 3 has an invalid length.
[  224.383132][T10329] loop4: detected capacity change from 0 to 40427
[  224.422802][T10329] F2FS-fs (loop4): invalid crc value
[  224.698217][T10329] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  224.709771][T10329] F2FS-fs (loop4): Start checkpoint disabled!
[  224.739247][T10329] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  224.821107][T10329] F2FS-fs (loop4): Stopped filesystem due to reason: 0
[  226.398201][T10394] loop4: detected capacity change from 0 to 32768
[  226.402648][T10394] XFS: noikeep mount option is deprecated.
[  226.415146][T10394] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.447238][T10394] XFS (loop4): Ending clean mount
[  226.451785][T10394] XFS (loop4): Quotacheck needed: Please wait.
[  226.482055][T10394] XFS (loop4): Quotacheck: Done.
[  226.546454][ T6903] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  226.689110][   T33] audit: type=1800 audit(1755689377.778:62): pid=10379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1562" name="/" dev="fuse" ino=0 res=0 errno=0
[  226.876895][T10412] netlink: 'syz.4.1573': attribute type 29 has an invalid length.
[  226.881145][T10412] netlink: 'syz.4.1573': attribute type 29 has an invalid length.
[  226.934715][T10414] netlink: 16402 bytes leftover after parsing attributes in process `syz.4.1575'.
[  226.996984][   T54] Bluetooth: hci2: command 0x0406 tx timeout
[  227.109748][T10424] loop3: detected capacity change from 0 to 2048
[  227.115500][T10424] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  227.146501][T10424] overlayfs: upper fs needs to support d_type.
[  227.150944][T10424] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  227.153053][T10424] overlayfs: failed to set xattr on upper
[  227.164886][T10424] overlayfs: ...falling back to redirect_dir=nofollow.
[  227.167356][T10424] overlayfs: ...falling back to index=off.
[  227.204743][ T6121] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[  227.214479][ T6121] UDF-fs: error (device loop3): udf_read_inode: (ino 1317) failed !bh
[  227.569284][ T5877] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.667375][ T5877] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.756010][ T5877] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  227.880138][ T5877] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.567512][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  228.573362][ T5877] bridge_slave_1: left allmulticast mode
[  228.577050][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  228.579971][ T5877] bridge_slave_1: left promiscuous mode
[  228.583224][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  228.588452][ T5877] bridge0: port 2(bridge_slave_1) entered disabled state
[  228.597843][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  228.602264][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  228.611938][ T5877] bridge_slave_0: left allmulticast mode
[  228.625749][ T5877] bridge_slave_0: left promiscuous mode
[  228.632720][ T5877] bridge0: port 1(bridge_slave_0) entered disabled state
[  228.646593][T10437] loop4: detected capacity change from 0 to 40427
[  228.650558][T10437] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  228.653988][T10437] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  228.663445][T10437] F2FS-fs (loop4): invalid crc value
[  228.720921][T10437] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  228.732169][T10437] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  228.735235][T10437] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  228.864204][T10437] F2FS-fs (loop4): Stopped filesystem due to reason: 0
[  229.016856][ T5877] batman_adv: batadv0: Interface deactivated: macvlan3
[  229.031764][ T5877] batman_adv: batadv0: Removing interface: macvlan3
[  229.398563][ T5877] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.402520][ T5877] bond0 (unregistering): Released all slaves
[  229.503682][   T47] usb 5-1: new full-speed USB device number 13 using dummy_hcd
[  229.521846][T10462] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1594'.
[  229.628248][T10469] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1595'.
[  229.657797][   T47] usb 5-1: config 54 has an invalid interface number: 154 but max is 0
[  229.660870][   T47] usb 5-1: config 54 has no interface number 0
[  229.669675][   T47] usb 5-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice= 0.ec
[  229.672495][   T47] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  229.682109][   T47] usb 5-1: Product: syz
[  229.687679][   T47] usb 5-1: Manufacturer: syz
[  229.698806][   T47] usb 5-1: SerialNumber: syz
[  229.921515][ T5877] hsr_slave_0: left promiscuous mode
[  229.927079][ T5877] hsr_slave_1: left promiscuous mode
[  229.930246][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  229.933391][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.941870][ T5877] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.945144][ T5877] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.977128][   T47] usb 5-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  229.982004][ T5877] veth1_macvtap: left promiscuous mode
[  229.988185][   T12] usb 5-1: Failed to submit usb control message: -71
[  229.991000][   T12] usb 5-1: unable to send the bmi data to the device: -71
[  229.994845][ T5877] veth0_macvtap: left promiscuous mode
[  229.997139][ T5877] veth1_vlan: left promiscuous mode
[  229.999216][ T5877] veth0_vlan: left promiscuous mode
[  230.000957][   T47] usb 5-1: USB disconnect, device number 13
[  230.001790][   T12] usb 5-1: unable to get target info from device
[  230.011405][   T12] usb 5-1: could not get target info (-71)
[  230.021609][   T12] usb 5-1: could not probe fw (-71)
[  230.692035][ T5237] Bluetooth: hci1: command tx timeout
[  230.718570][ T5877] team0 (unregistering): Port device team_slave_1 removed
[  230.784860][ T5877] team0 (unregistering): Port device team_slave_0 removed
[  232.265798][T10445] chnl_net:caif_netlink_parms(): no params data found
[  232.657766][T10445] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.662882][T10445] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.680348][T10445] bridge_slave_0: entered allmulticast mode
[  232.688709][T10445] bridge_slave_0: entered promiscuous mode
[  232.704762][T10531] loop4: detected capacity change from 0 to 512
[  232.713464][T10445] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.750643][T10445] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.758650][T10445] bridge_slave_1: entered allmulticast mode
[  232.765521][ T5237] Bluetooth: hci1: command tx timeout
[  232.782995][T10445] bridge_slave_1: entered promiscuous mode
[  232.825508][ T5877] IPVS: stop unused estimator thread 0...
[  232.910172][T10445] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.927923][T10445] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  233.009644][T10445] team0: Port device team_slave_0 added
[  233.013963][ T2357] usb 5-1: new full-speed USB device number 14 using dummy_hcd
[  233.052747][T10546] trusted_key: syz.0.1618 sent an empty control message without MSG_MORE.
[  233.113028][T10445] team0: Port device team_slave_1 added
[  233.190758][T10445] batman_adv: batadv0: Adding interface: batadv_slave_0
[  233.195864][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.207245][ T2357] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  233.211513][ T2357] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  233.225290][ T2357] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 1024, setting to 64
[  233.229568][T10445] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  233.236084][ T2357] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 28865, setting to 64
[  233.258697][ T2357] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  233.262320][ T2357] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  233.269332][ T2357] usb 5-1: Product: syz
[  233.275992][ T2357] usb 5-1: Manufacturer: syz
[  233.284019][ T2357] usb 5-1: SerialNumber: syz
[  233.288795][T10445] batman_adv: batadv0: Adding interface: batadv_slave_1
[  233.291756][T10445] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  233.303760][T10445] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  233.316407][T10531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  233.320723][ T2357] cdc_mbim 5-1:1.0: skipping garbage
[  233.450307][T10445] hsr_slave_0: entered promiscuous mode
[  233.457381][T10445] hsr_slave_1: entered promiscuous mode
[  233.527205][T10531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  233.529960][T10531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  233.540719][T10560] netlink: 'syz.0.1622': attribute type 21 has an invalid length.
[  233.554567][T10560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1622'.
[  233.572563][T10560] netlink: 'syz.0.1622': attribute type 21 has an invalid length.
[  233.575997][T10560] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1622'.
[  233.583781][ T5877] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  233.587336][ T5877] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  233.616838][ T5877] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  233.668733][ T5877] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  233.683042][T10566] futex_wake_op: syz.0.1623 tries to shift op by -1; fix this program
[  233.837986][T10445] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  233.856222][T10445] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  233.870249][T10445] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  233.895100][T10445] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  234.037232][T10445] 8021q: adding VLAN 0 to HW filter on device bond0
[  234.059005][T10445] 8021q: adding VLAN 0 to HW filter on device team0
[  234.081309][ T8270] bridge0: port 1(bridge_slave_0) entered blocking state
[  234.083814][ T8270] bridge0: port 1(bridge_slave_0) entered forwarding state
[  234.099680][ T8270] bridge0: port 2(bridge_slave_1) entered blocking state
[  234.102231][ T8270] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.146187][T10531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  234.151226][T10531] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  234.365251][ T2357] cdc_mbim 5-1:1.0: bind() failure
[  234.377042][ T2357] cdc_ncm 5-1:1.1: probe with driver cdc_ncm failed with error -71
[  234.387727][ T2357] cdc_mbim 5-1:1.1: probe with driver cdc_mbim failed with error -71
[  234.391749][ T2357] usbtest 5-1:1.1: probe with driver usbtest failed with error -71
[  234.402202][ T2357] usb 5-1: USB disconnect, device number 14
[  234.417151][T10445] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.572420][T10615] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1632'.
[  234.586308][T10615] netlink: 'syz.0.1632': attribute type 15 has an invalid length.
[  234.589152][T10615] netlink: 'syz.0.1632': attribute type 18 has an invalid length.
[  234.646771][T10445] veth0_vlan: entered promiscuous mode
[  234.655668][T10445] veth1_vlan: entered promiscuous mode
[  234.689124][T10445] veth0_macvtap: entered promiscuous mode
[  234.695090][T10445] veth1_macvtap: entered promiscuous mode
[  234.707110][T10445] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.719568][T10445] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.730485][ T5858] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.736099][ T5858] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.742488][ T5858] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.747500][ T5858] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.822330][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.830945][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  234.844929][ T5237] Bluetooth: hci1: command tx timeout
[  234.856068][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  234.858742][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  235.000357][T10626] loop5: detected capacity change from 0 to 8192
[  235.194700][ T2357] usb 5-1: new low-speed USB device number 15 using dummy_hcd
[  235.356986][ T2357] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  235.366315][ T2357] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8D has invalid maxpacket 32200, setting to 8
[  235.377703][ T2357] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 is Bulk; changing to Interrupt
[  235.390092][ T2357] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  235.404742][ T2357] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  235.413698][ T2357] usb 5-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8d.58
[  235.425799][ T2357] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.431767][ T2357] usb 5-1: config 0 descriptor??
[  235.439250][T10628] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  235.688101][  T794] usb 5-1: USB disconnect, device number 15
[  236.505310][ T5915] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  236.655931][ T5915] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 183, changing to 11
[  236.660168][ T5915] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 50680, setting to 1024
[  236.666029][ T5915] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  236.673017][ T5915] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  236.677138][ T5915] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  236.680168][ T5915] usb 5-1: SerialNumber: syz
[  236.690914][T10682] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  236.904980][ T5915] usbtest 5-1:1.0: couldn't get endpoints, -22
[  236.908869][ T5915] usbtest 5-1:1.0: probe with driver usbtest failed with error -22
[  236.913834][ T5237] Bluetooth: hci1: command tx timeout
[  236.918473][ T5915] usb 5-1: USB disconnect, device number 16
[  238.077088][T10719] IPVS: nq: UDP 224.0.0.2:0 - no destination available
[  238.618690][T10728] 9pnet_fd: Insufficient options for proto=fd
[  238.745250][T10724] loop5: detected capacity change from 0 to 32768
[  238.753540][T10724] btrfs: Bad value for 'max_inline'
[  239.100572][T10740] loop4: detected capacity change from 0 to 1024
[  239.202784][T10742] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  239.214759][   T33] audit: type=1800 audit(1755689390.294:63): pid=10742 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1673" name="file1" dev="loop4" ino=20 res=0 errno=0
[  239.469338][   T33] audit: type=1800 audit(1755689390.554:64): pid=10745 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1675" name="bus" dev="overlay" ino=119 res=0 errno=0
[  241.044483][T10766] netlink: 96 bytes leftover after parsing attributes in process `syz.5.1685'.
[  241.671482][T10781] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  241.671482][T10781] The task syz.0.1686 (10781) triggered the difference, watch for misbehavior.
[  242.175236][    T9] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  242.327890][    T9] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  242.332052][    T9] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  242.346738][    T9] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  242.350453][    T9] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  242.413088][    T9] usb 5-1: SerialNumber: syz
[  242.655770][    T9] usb 5-1: 0:2 : does not exist
[  242.669629][    T9] usb 5-1: USB disconnect, device number 17
[  242.692838][ T8457] udevd[8457]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  243.391012][T10809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1698'.
[  243.932509][T10814] loop4: detected capacity change from 0 to 512
[  243.935786][T10814] EXT4-fs (loop4): Invalid default hash set in the superblock
[  245.082968][T10836] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  245.623875][ T5911] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  245.779150][ T5911] usb 6-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  245.783145][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  245.788481][ T5911] usb 6-1: Product: syz
[  245.791417][ T5911] usb 6-1: Manufacturer: syz
[  245.793451][ T5911] usb 6-1: SerialNumber: syz
[  245.814401][ T5911] usb 6-1: config 0 descriptor??
[  245.825189][ T5911] gspca_main: sq930x-2.14.0 probing 2770:930c
[  246.386348][ T5237] Bluetooth: hci2: unexpected Set CIG Parameters response data
[  246.397495][ T5237] Bluetooth: hci2: unexpected event for opcode 0x2062
[  246.538776][T10861] netlink: 208 bytes leftover after parsing attributes in process `syz.0.1716'.
[  246.827480][ T5911] gspca_sq930x: ucbus_write failed -71
[  247.053724][ T5911] gspca_sq930x: Sensor ov9630 not yet treated
[  247.056286][ T5911] sq930x 6-1:0.0: probe with driver sq930x failed with error -22
[  247.078468][ T5911] usb 6-1: USB disconnect, device number 2
[  247.397408][T10896] sit0: entered promiscuous mode
[  247.408076][T10896] netlink: 21 bytes leftover after parsing attributes in process `syz.5.1724'.
[  247.591693][T10904] loop5: detected capacity change from 0 to 512
[  247.655666][T10904] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.670975][T10904] ext4 filesystem being mounted at /38/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.729563][T10904] netlink: 324 bytes leftover after parsing attributes in process `syz.5.1726'.
[  248.812925][T10445] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.991076][T10915] loop4: detected capacity change from 0 to 32768
[  249.109180][T10915] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  249.109201][T10915]   allowing incompatible features above 0.0: (unknown version)
[  249.109211][T10915]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  249.132147][T10915] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  249.136929][T10915] bcachefs (loop4): initializing new filesystem
[  249.148486][T10963] netlink: 2028 bytes leftover after parsing attributes in process `syz.0.1738'.
[  249.152064][T10963] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1738'.
[  249.178213][T10915] bcachefs (loop4): going read-write
[  249.183243][T10915] bcachefs (loop4): marking superblocks
[  249.240348][T10915] bcachefs (loop4): initializing freespace
[  249.252820][T10915] bcachefs (loop4): done initializing freespace
[  249.258493][T10915] bcachefs (loop4): reading snapshots table
[  249.260429][T10915] bcachefs (loop4): reading snapshots done
[  249.292543][T10915] bcachefs (loop4): done starting filesystem
[  249.621505][ T6903] bcachefs (loop4): shutting down
[  249.623478][ T6903] bcachefs (loop4): going read-only
[  249.623889][ T2357] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  249.626346][ T6903] bcachefs (loop4): finished waiting for writes to stop
[  249.634384][ T6903] bcachefs (loop4): flushing journal and stopping allocators, journal seq 3
[  249.675185][ T6903] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 4
[  249.679914][ T6903] bcachefs (loop4): clean shutdown complete, journal seq 5
[  249.683397][ T6903] bcachefs (loop4): marking filesystem clean
[  249.716412][ T6903] bcachefs (loop4): shutdown complete
[  249.773912][ T2357] usb 6-1: Using ep0 maxpacket: 32
[  249.780988][ T2357] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  249.787128][ T2357] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  249.791218][ T2357] usb 6-1: New USB device found, idVendor=258a, idProduct=0033, bcdDevice= 0.00
[  249.797216][ T2357] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  249.803506][ T2357] usb 6-1: config 0 descriptor??
[  250.229758][ T2357] glorious 0003:258A:0033.0005: unknown main item tag 0x1
[  250.232076][ T2357] glorious 0003:258A:0033.0005: item fetching failed at offset 2/3
[  250.240675][ T2357] glorious 0003:258A:0033.0005: probe with driver glorious failed with error -22
[  250.475936][ T5237] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  250.482777][ T5237] Bluetooth: hci2: Injecting HCI hardware error event
[  250.487273][ T5237] Bluetooth: hci2: hardware error 0x00
[  250.516288][ T5911] usb 6-1: USB disconnect, device number 3
[  251.260396][T10998] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1754'.
[  251.282899][T10998] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1754'.
[  251.471413][T11009] loop4: detected capacity change from 0 to 2048
[  251.505395][T11012] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  252.178632][T11046] tmpfs: Bad value for 'mpol'
[  252.513666][ T5237] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  252.755974][T11079] loop5: detected capacity change from 0 to 2048
[  252.760490][T11079] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  252.764148][T11079] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  252.768338][T11079] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  252.891056][T11086] usb usb1: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  253.130389][T11089] loop4: detected capacity change from 0 to 2048
[  253.152846][T11089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  253.164251][T11094] Dead loop on virtual device ip6_vti0, fix it urgently!
[  253.379934][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  253.474125][ T5911] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  253.500123][T11101] loop4: detected capacity change from 0 to 1024
[  253.654999][ T5911] usb 6-1: Using ep0 maxpacket: 32
[  253.670870][ T5911] usb 6-1: config 0 has an invalid interface number: 74 but max is 1
[  253.684000][ T5911] usb 6-1: config 0 has no interface number 1
[  253.702808][ T5911] usb 6-1: New USB device found, idVendor=07fd, idProduct=0004, bcdDevice=8e.fa
[  253.710198][ T5911] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  253.712657][ T5911] usb 6-1: Product: syz
[  253.717465][ T5911] usb 6-1: Manufacturer: syz
[  253.719934][ T5911] usb 6-1: SerialNumber: syz
[  253.730662][ T5911] usb 6-1: config 0 descriptor??
[  253.767575][T11109] loop4: detected capacity change from 0 to 512
[  253.770288][ T5911] snd-usb-audio 6-1:0.74: probe with driver snd-usb-audio failed with error -22
[  253.784322][T11109] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  253.822782][ T8457] udevd[8457]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.74/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  253.830458][T11109] EXT4-fs (loop4): 1 truncate cleaned up
[  253.837137][T11109] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.938619][ T5911] usb 6-1: USB disconnect, device number 4
[  254.000612][ T6903] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.161545][T11120] veth0: entered promiscuous mode
[  254.164538][T11120] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1806'.
[  254.814827][T11140] loop5: detected capacity change from 0 to 8
[  254.864319][T11140] unable to read id index table
[  255.120339][T11142] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1815'.
[  255.123256][T11142] netlink: 'syz.0.1815': attribute type 7 has an invalid length.
[  255.126062][T11142] netlink: 'syz.0.1815': attribute type 8 has an invalid length.
[  255.128653][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1815'.
[  255.524081][T11162] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  255.637973][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  255.640501][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  255.648718][ T5237] Bluetooth: hci1: unexpected subevent 0x03 length: 244 > 9
[  259.258625][T11225] loop4: detected capacity change from 0 to 32768
[  259.314750][T11225] JBD2: Ignoring recovery information on journal
[  259.544418][T11225] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  259.627346][T11225] 
[  259.628214][T11225] ======================================================
[  259.630479][T11225] WARNING: possible circular locking dependency detected
[  259.632755][T11225] syzkaller #0 Not tainted
[  259.634227][T11225] ------------------------------------------------------
[  259.636872][T11225] syz.4.1852/11225 is trying to acquire lock:
[  259.639088][T11225] ffff8880126ca6c0 (&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_xattr_set+0xadd/0x11f0
[  259.642875][T11225] 
[  259.642875][T11225] but task is already holding lock:
[  259.645158][T11225] ffff8880126ccf78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  259.648085][T11225] 
[  259.648085][T11225] which lock already depends on the new lock.
[  259.648085][T11225] 
[  259.651244][T11225] 
[  259.651244][T11225] the existing dependency chain (in reverse order) is:
[  259.653993][T11225] 
[  259.653993][T11225] -> #2 (&oi->ip_xattr_sem){++++}-{4:4}:
[  259.656387][T11225]        lock_acquire+0x120/0x360
[  259.657964][T11225]        down_read+0x46/0x2e0
[  259.659437][T11225]        ocfs2_init_acl+0x2f9/0x720
[  259.661051][T11225]        ocfs2_mknod+0x1321/0x2050
[  259.662632][T11225]        ocfs2_create+0x1a5/0x440
[  259.664202][T11225]        path_openat+0x14f4/0x3830
[  259.665791][T11225]        do_filp_open+0x1fa/0x410
[  259.667368][T11225]        do_sys_openat2+0x121/0x1c0
[  259.668991][T11225]        __x64_sys_openat+0x138/0x170
[  259.670657][T11225]        do_syscall_64+0xfa/0x3b0
[  259.672221][T11225]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.674286][T11225] 
[  259.674286][T11225] -> #1 (jbd2_handle){++++}-{0:0}:
[  259.676534][T11225]        lock_acquire+0x120/0x360
[  259.678051][T11225]        jbd2_journal_lock_updates+0xaa/0x360
[  259.679920][T11225]        __ocfs2_flush_truncate_log+0x2ba/0x10e0
[  259.681888][T11225]        ocfs2_truncate_log_shutdown+0x141/0x2f0
[  259.683859][T11225]        ocfs2_dismount_volume+0x209/0x8d0
[  259.685674][T11225]        generic_shutdown_super+0x135/0x2c0
[  259.687536][T11225]        kill_block_super+0x44/0x90
[  259.689172][T11225]        deactivate_locked_super+0xbc/0x130
[  259.691022][T11225]        cleanup_mnt+0x425/0x4c0
[  259.692594][T11225]        task_work_run+0x1d4/0x260
[  259.694251][T11225]        exit_to_user_mode_loop+0xec/0x110
[  259.696076][T11225]        do_syscall_64+0x2bd/0x3b0
[  259.697657][T11225]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.699591][T11225] 
[  259.699591][T11225] -> #0 (&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]){+.+.}-{4:4}:
[  259.702763][T11225]        validate_chain+0xb9b/0x2140
[  259.704403][T11225]        __lock_acquire+0xab9/0xd20
[  259.706050][T11225]        lock_acquire+0x120/0x360
[  259.707612][T11225]        down_write+0x96/0x1f0
[  259.709070][T11225]        ocfs2_xattr_set+0xadd/0x11f0
[  259.710742][T11225]        __vfs_setxattr+0x43c/0x480
[  259.712285][T11225]        __vfs_setxattr_noperm+0x12d/0x660
[  259.714010][T11225]        vfs_setxattr+0x16b/0x2f0
[  259.715514][T11225]        filename_setxattr+0x274/0x600
[  259.717145][T11225]        path_setxattrat+0x364/0x3a0
[  259.718839][T11225]        __x64_sys_setxattr+0xbc/0xe0
[  259.720518][T11225]        do_syscall_64+0xfa/0x3b0
[  259.722115][T11225]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.724111][T11225] 
[  259.724111][T11225] other info that might help us debug this:
[  259.724111][T11225] 
[  259.727311][T11225] Chain exists of:
[  259.727311][T11225]   &ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE] --> jbd2_handle --> &oi->ip_xattr_sem
[  259.727311][T11225] 
[  259.732578][T11225]  Possible unsafe locking scenario:
[  259.732578][T11225] 
[  259.735387][T11225]        CPU0                    CPU1
[  259.737069][T11225]        ----                    ----
[  259.738725][T11225]   lock(&oi->ip_xattr_sem);
[  259.740243][T11225]                                lock(jbd2_handle);
[  259.742270][T11225]                                lock(&oi->ip_xattr_sem);
[  259.744733][T11225]   lock(&ocfs2_sysfile_lock_key[TRUNCATE_LOG_SYSTEM_INODE]);
[  259.747361][T11225] 
[  259.747361][T11225]  *** DEADLOCK ***
[  259.747361][T11225] 
[  259.750138][T11225] 3 locks held by syz.4.1852/11225:
[  259.752041][T11225]  #0: ffff888030f5c428 (sb_writers#29){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  259.755359][T11225]  #1: ffff8880126cd240 (&sb->s_type->i_mutex_key#35){+.+.}-{4:4}, at: vfs_setxattr+0x144/0x2f0
[  259.758631][T11225]  #2: ffff8880126ccf78 (&oi->ip_xattr_sem){++++}-{4:4}, at: ocfs2_xattr_set+0x40f/0x11f0
[  259.762058][T11225] 
[  259.762058][T11225] stack backtrace:
[  259.764023][T11225] CPU: 1 UID: 0 PID: 11225 Comm: syz.4.1852 Not tainted syzkaller #0 PREEMPT(full) 
[  259.764042][T11225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  259.764054][T11225] Call Trace:
[  259.764063][T11225]  <TASK>
[  259.764075][T11225]  dump_stack_lvl+0x189/0x250
[  259.764099][T11225]  ? __pfx_dump_stack_lvl+0x10/0x10
[  259.764116][T11225]  ? __pfx__printk+0x10/0x10
[  259.764137][T11225]  ? print_lock_name+0xde/0x100
[  259.764158][T11225]  print_circular_bug+0x2ee/0x310
[  259.764177][T11225]  check_noncircular+0x134/0x160
[  259.764194][T11225]  validate_chain+0xb9b/0x2140
[  259.764213][T11225]  ? look_up_lock_class+0x74/0x170
[  259.764234][T11225]  ? register_lock_class+0x51/0x320
[  259.764259][T11225]  __lock_acquire+0xab9/0xd20
[  259.764281][T11225]  ? ocfs2_xattr_set+0xadd/0x11f0
[  259.764299][T11225]  lock_acquire+0x120/0x360
[  259.764320][T11225]  ? ocfs2_xattr_set+0xadd/0x11f0
[  259.764340][T11225]  ? ocfs2_xattr_block_find+0x153/0x4c0
[  259.764359][T11225]  down_write+0x96/0x1f0
[  259.764382][T11225]  ? ocfs2_xattr_set+0xadd/0x11f0
[  259.764400][T11225]  ? __pfx_down_write+0x10/0x10
[  259.764420][T11225]  ? ocfs2_xattr_ibody_find+0xcb/0x7c0
[  259.764438][T11225]  ? ocfs2_xattr_set+0x334/0x11f0
[  259.764456][T11225]  ocfs2_xattr_set+0xadd/0x11f0
[  259.764482][T11225]  ? __pfx_ocfs2_xattr_set+0x10/0x10
[  259.764500][T11225]  ? dput+0x37/0x2b0
[  259.764523][T11225]  ? dput+0x37/0x2b0
[  259.764544][T11225]  ? step_into+0x435/0xf30
[  259.764559][T11225]  ? step_into+0x435/0xf30
[  259.764578][T11225]  ? evm_protected_xattr_common+0x170/0x190
[  259.764597][T11225]  ? evm_protect_xattr+0x71d/0xa90
[  259.764614][T11225]  ? __pfx_ima_get_hash_algo+0x10/0x10
[  259.764629][T11225]  ? __pfx_evm_protect_xattr+0x10/0x10
[  259.764644][T11225]  ? __pfx_ocfs2_xattr_security_set+0x10/0x10
[  259.764663][T11225]  __vfs_setxattr+0x43c/0x480
[  259.764720][T11225]  __vfs_setxattr_noperm+0x12d/0x660
[  259.764744][T11225]  vfs_setxattr+0x16b/0x2f0
[  259.764767][T11225]  ? __pfx_vfs_setxattr+0x10/0x10
[  259.764787][T11225]  ? mnt_get_write_access+0x223/0x2a0
[  259.764806][T11225]  filename_setxattr+0x274/0x600
[  259.764831][T11225]  ? __pfx_filename_setxattr+0x10/0x10
[  259.764853][T11225]  ? getname_flags+0x1e5/0x540
[  259.764868][T11225]  path_setxattrat+0x364/0x3a0
[  259.764888][T11225]  ? __pfx_path_setxattrat+0x10/0x10
[  259.764903][T11225]  ? do_futex+0x333/0x420
[  259.764933][T11225]  ? rcu_is_watching+0x15/0xb0
[  259.764956][T11225]  __x64_sys_setxattr+0xbc/0xe0
[  259.764971][T11225]  do_syscall_64+0xfa/0x3b0
[  259.764993][T11225]  ? lockdep_hardirqs_on+0x9c/0x150
[  259.765012][T11225]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.765028][T11225]  ? exc_page_fault+0x9f/0xf0
[  259.765046][T11225]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  259.765061][T11225] RIP: 0033:0x7f8eee78ebe9
[  259.765078][T11225] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  259.765092][T11225] RSP: 002b:00007f8eef52c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  259.765109][T11225] RAX: ffffffffffffffda RBX: 00007f8eee9b5fa0 RCX: 00007f8eee78ebe9
[  259.765120][T11225] RDX: 00002000000013c0 RSI: 0000200000000140 RDI: 0000200000000100
[  259.765130][T11225] RBP: 00007f8eee811e19 R08: 0000000000000000 R09: 0000000000000000
[  259.765140][T11225] R10: 0000000000000700 R11: 0000000000000246 R12: 0000000000000000
[  259.765149][T11225] R13: 00007f8eee9b6038 R14: 00007f8eee9b5fa0 R15: 00007ffe6e770b78
[  259.765166][T11225]  </TASK>
[  259.765289][    C1] vkms_vblank_simulate: vblank timer overrun
[  259.877018][    C1] vkms_vblank_simulate: vblank timer overrun
[  259.949212][ T6903] ocfs2: Unmounting device (7,4) on (node local)
[  260.153699][    T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  260.283707][    T9] usb 6-1: device descriptor read/64, error -71
[  260.553792][    T9] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  260.683787][    T9] usb 6-1: device descriptor read/64, error -71
[  260.794499][    T9] usb usb6-port1: attempt power cycle
[  261.133709][    T9] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  261.154266][    T9] usb 6-1: device descriptor read/8, error -71
[  261.394120][    T9] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  261.414462][    T9] usb 6-1: device descriptor read/8, error -71
[  261.525168][    T9] usb usb6-port1: unable to enumerate USB device

VM DIAGNOSIS:
11:30:10  Registers:
info registers vcpu 0

CPU#0
RAX=08b95f72c7176500 RBX=ffffffff819683a8 RCX=08b95f72c7176500 RDX=0000000000000001
RSI=ffffffff8be332e0 RDI=ffffffff819683a8 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa37e30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b31305ff8 CR3=00000001239e6000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8167991b ffffffff8167991b
XMM02=ffffffff818c58a9 ffffffff8167991b XMM03=ffffffff818c578e ffffffff818c5732
XMM04=ffffffff895776ad ffffffff8957731c XMM05=ffffffff895772b8 ffffffff823c7c14
XMM06=ffffffff823c7aad ffffffff823c714c XMM07=ffffffff823c70c4 ffffffff823c6e02
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 00007f2d10612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=00000000000015da RDI=00000000000015db RBP=00000000000003f8 RSP=ffffc90002e7ec10
R8 =ffff8880203b8237 R9 =1ffff11004077046 R10=dffffc0000000000 R11=ffffffff854eff70
R12=dffffc0000000000 R13=ffffffff99af98c3 R14=ffffffff99dee3a0 R15=0000000000000000
RIP=ffffffff854effec RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f8eef52c6c0 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00002000000013c0 CR3=0000000026bae000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=ffffffffffffffff ffffff0000000000 XMM01=0101010101010101 0101010000000000
XMM02=695f746e756f6d5f 7a79730032736667 XMM03=0000000000000000 ff00000000000000
XMM04=37b1e5855b06984c 002c6c63616f6e2c XMM05=0d3bdcbda93d0845 20402cc611223bd6
XMM06=8532f384721928d4 8852ba24cd4ed488 XMM07=3cf2d72011e9071e 6f64c7f29a34838b
XMM08=0000000000000000 000036fa28eb7f30 XMM09=0000000000000000 00007f8eee812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
