last executing test programs:

2m1.867157419s ago: executing program 1 (id=249):
syz_usb_connect$printer(0x3, 0x2d, &(0x7f0000000040)=ANY=[@ANYBLOB="1201012207000110b804020240000102030109021b00010106c0010904"], &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0})

2m0.41564703s ago: executing program 1 (id=275):
syz_mount_image$msdos(&(0x7f00000008c0), &(0x7f0000001200)='./file0\x00', 0x4000, &(0x7f00000000c0)=ANY=[@ANYBLOB="646973636172642c646f74732c646f74732c6e6f646f74732c636865636b3d7374726963742c646f74732c0080fcdc5c3dd34a5bee25f099008bade73ed878442a18112f260a6de8f9de23ca03128aff6e01"], 0x3, 0x11ca, &(0x7f0000001240)="$eJzs2z9rq1UcB/Bfc1tvzbW1/rt67+JBF10evB2cXIq0IA0obSO0gvCUphoSk5AnQ1IcCm5Ovg5xdBPEN9B34VYE0aWTkTa1taVCK7TP0M9nyQ++5yTnRziBE55z+MF3X7V2i2w3H0RlaiqmezORjlKkqMSDmNiPd79Z+fPb9c2t1aVabXktpZWljWfvp5Tm3/z5s69/eOuXwaNPf5z/6WEcLHx++PvirwePD54c/rXxZbNIzSJ1uoOUp+1ud5Bvtxtpp1m0spQ+aTfyopGanaLRv5Dvtru93ijlnZ25aq/fKIqUd0ap1RilQTcN+qOUf5E3OynLsjRXDS4bj8fj646tf390Mno8nonnTmY+H9V4FC/EXMzHi7EQL8XL8Uq8Gq/F43g93ognN3p/AAAAAAAAAAAAAAAAAAAA4Drc/wcAAAAAAAAAAAAAAAAAAIDyuf8PAAAAAAAAAAAAAAAAAAAA5XP/HwAAAAAAAAAAAAAAAAAAAMq3vrm1ulSrLa+lNBvx2/6wPqxPXif5yke15ffSiYXzWX8Mh/UHZ/mzSZ4u5g+jepovXpnPxjtvT/Lj7MOPa5fyp7Fz++0DAADAvZClM1ee77Psv/JJ9a//By6d36fj6fRVnzh7W63wPxSjvVbebjf6xWjmn2KvtGLqdFUlL0Nxj4rKxV1w20WltE6PN9YNZpX7u8TdOP/Sy14JAAAAAAAAAAAAN3EXzx6W3SMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwNztwLAAAAAAgzN86jY4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4KgAA//99GZKW")
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat(0xffffffffffffff9c, &(0x7f0000000100)='./bus\x00', 0x42, 0x58)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0)

2m0.298099628s ago: executing program 1 (id=276):
syz_usb_connect(0x3, 0x5e, &(0x7f0000000440)=ANY=[@ANYBLOB="12010000cb62fc40a728ab7139df0102030109024c0001000000000904f6000002098e00052406e40005240006000d240f0105000000ffffd809ff06241a0e0000052406000105240900000d240f"], 0x0)

1m58.957580684s ago: executing program 1 (id=285):
r0 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r0, 0x10f, 0x87, &(0x7f0000000180)={0x42}, 0x10)
r1 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x40000042}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
sendmsg$tipc(r2, &(0x7f0000000380)={&(0x7f0000000140)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x4, 0x4}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4000884}, 0x8)

1m58.755496194s ago: executing program 1 (id=286):
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f00000000c0)={0x0, 0xffffffffffffffff, 0x0, 0x1c, &(0x7f0000000000)='//sys\x00\x00\x00\x00\x00\x00\x80\x004\x00\x00s/\x92ync_\x93\x96\xff\x92\xaf\x00Se\xf44.\x00'/49}, 0x30)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

1m58.607854394s ago: executing program 1 (id=287):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @local}, 0x3ff, 0x0, 0x2}}, 0x2e)

1m43.538147489s ago: executing program 32 (id=287):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tpv3={0x18, 0x1, {0x0, r1, {0x2, 0x4e24, @local}, 0x3ff, 0x0, 0x2}}, 0x2e)

1m27.761897059s ago: executing program 3 (id=577):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000f80)={[{@grpquota}, {}, {@nombcache}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@noblock_validity}, {@noauto_da_alloc}]}, 0xfe, 0x54c, &(0x7f0000000400)="$eJzs3d9rW1UcAPDvTdv91nUwhvoghT04mUvX1h8TfJiPosOBvs/Q3pXRZBlNOtY6cHtwL77IEEQciH+A7z4O/wH/ioEOhoyiD75EbnrTZWvSZm22Zubzgduec+9Nzz0593t6Tk5CAhhaE9mPQsSrEfFtEnG47dho5Acn1s5bfXh9NtuSaDQ++yuJJN/XOj/Jfx/MM69ExG9fR5wsbCy3tryyUCqX08U8P1mvXJmsLa+culQpzafz6eXpmZkz78xMv//eu32r65vn//nh07sfnfnm+Or3v9w/cjuJs3EoP9Zejx240Z6ZiIn8ORmLs0+cONWHwgZJstsXwLaM5HE+FlkfcDhG8qgH/v++iogGMKQS8Q9DqjUOaM3t+zQPfmE8+HBtArSx/qNrr43Evubc6MBq8tjMKJvvjveh/KyMX/+8czvbon+vQwBs6cbNiDg9Orqx/0vy/m/7TvdwzpNl6P/g+bmbjX/e6jT+KayPf6LD+Odgh9jdjq3jv3C/D8V0lY3/Pug4/l1ftBofyXMvNcd8Y8nFS+U069tejogTMbY3y2+2nnNm9V6j27H28V+2ZeW3xoL5ddwf3fv4Y+ZK9dJO6tzuwc2I1zqOf5P19k86tH/2fJzvsYxj6Z3Xux3buv7PVuPniDc6tv+jFa1k8/XJyeb9MNm6Kzb6+9ax37uVv9v1z9r/wOb1H0/a12trT1/GT/v+Tbsd2+79vyf5vJnek++7VqrXF6ci9iSfbNw//eixrXzr/Kz+J45v3v91uv/3R8QXPdb/1tFbXU8dhPafe6r2f/rEvY+//LFb+b21/9vN1Il8Ty/9X68XuJPnDgAAAAAAAAZNISIORVIorqcLhWJx7f0dR+NAoVyt1U9erC5dnovmZ2XHY6zQWuk+3PZ+iKn8/bCt/PQT+ZmIOBIR343sb+aLs9Xy3G5XHgAAAAAAAAAAAAAAAAAAAAbEwS6f/8/8MbLbVwc8c77yG4bXlvHfj296AgaS//8wvMQ/DC/xD8NL/MPwEv8wvMQ/DC/xD8NL/AMAAAAAAAAAAAAAAAAAAAAAAAAAAEBfnT93Ltsaqw+vz2b5uavLSwvVq6fm0tpCsbI0W5ytLl4pzler8+W0OFutbPX3ytXqlanpWLo2WU9r9cna8sqFSnXpcv3CpUppPr2Qjj2XWgEAAAAAAAAAAAAAAAAAAMCLpba8slAql9NFCYltJUYH4zIk+pzY7Z4JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB75LwAA///MUDi3")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
ioctl$FS_IOC_FIEMAP(r0, 0xc020660b, &(0x7f0000002000)=ANY=[@ANYBLOB="00a95ba9c900030000001e"])

1m27.658077753s ago: executing program 3 (id=578):
r0 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000000), 0x42080, 0x0)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000040)=0x4)
ioctl$SNDCTL_DSP_SUBDIVIDE(r0, 0xc0045009, &(0x7f0000000080)=0x6c23)

1m27.546345763s ago: executing program 3 (id=580):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={0x24, 0x2, 0x3, 0x101, 0x0, 0x0, {0xa}, [@NFQA_CFG_MASK={0x8, 0x4, 0x1, 0x0, 0x3}, @NFQA_CFG_FLAGS={0x8, 0x5, 0x1, 0x0, 0x3}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1m27.458899702s ago: executing program 3 (id=583):
syz_mount_image$exfat(&(0x7f0000000040), &(0x7f0000000100)='./file0\x00', 0x8, &(0x7f00000003c0)={[{}, {@time_offset={'time_offset', 0x3d, 0x5}}, {@dmask={'dmask', 0x3d, 0x3}}, {@iocharset={'iocharset', 0x3d, 'iso8859-14'}}, {@errors_remount}, {@discard}, {@allow_utime={'allow_utime', 0x3d, 0x4}}, {@gid}, {@keep_last_dots}, {@gid}]}, 0x1, 0x153b, &(0x7f0000001f80)="$eJzs3AucTlXXAPC19t5nDImnSS7D3nsdnuSyTZLkkiSXJEmSJLeEpEleSUgMIUlDEpLLkMQQksvEpHG/3y8JSdIkSUhuyf5+E37qrb73/b73/fL+vln/3+/87DXnrH3WedZznuecg/m269BaTWpXb0RE8C/BC38kAUAsAAwEgLwAEABA+bjycYAB5JSY9K/thP17PZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/x1z/+Bn///x+Hv//9HMsuM/XJNmeu6AcT8sync/+yN+///VvDPbMT9z964/9lV7JUugP0H4PM/O8jxp2u4/9kb95+x7OxKP3++0gtE/sNegyM5LzTmrzp+xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsL3DaX6YA4NL4StfFGGOMMcYYY4yxfx+f40pXwBhjjDHGGGOMsf97CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgPGsD90BAegEbwIDSGh6AJPAxN4RFoBs2hBbSEVv+r/OehJ7wAvaA3JEEf6AsvQj/oDwPgJRgIL8MgeAUGw6uQDENgKLwGw+B1GA5vwAgYCaPgTRgNb8EYGAvjYDykwASYCG/DJHgHJsO7MAWmQipMg+nwHsyAmTAL3ofZ8AHMgbkwD+ZDGnwIC2AhpMNHsAg+hgxYDEtgKSyD5bACVsIqWA1rYC2sg/WwATbCJtgMW2ArbIPtsAM+gZ3wKeyC3bAHPoO98Pmv8gGSfunnf5d/6u/yuyEgoECBChXGYAzGYizmwlyYG3NjHsyDEYxgHMZhPsyH+TE/FsSCGI/xWASLoEGDhIRFsShGMYrFsTiWwBJYCkuhQ4cJmIBl8SYsh+WwPJbHClgBK2IlrIRVsApWxapYDathdayONbAG1sJaeBfehX2wLtbFelgP62P9S4+nsBE2wsbYGJtgE2yKTbEZNsMW2AJbYStsja2xDbbBdtgO22N77IAdMBETsSN2xE7YCTtjZ+yCXbArdsVu2B27Zz6fA/AFfAF7Yw3RB/tiX+yHyTkG4Ev4Er6Mg/AVfAVfxWQcgkPxNXwNX8fheBJH4EgchaOwqngLx+BYJDEeUzAFJ+JEnISTMKvQd3EqpuI0nI7TcQbOxJn4Ps7GD/ADnItzcT6mYRouwIWYjum4CE9hBi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+gAsBPcTfuxmTci3txH+7D/bgfD+ABzMRMPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hs/NeNPym5OhlEFiWUiBExIlbEilwil8gtcos8Io+IiIiIE3Ein8gn8ov8oqAoKOJFvCgiiggjjCARxgCAiIqoKC6KixKihCglSgknnEgQCaKsKCvKiXKivLhFVBC3ioqikmjrqogqoqpo56qJO0R1UV3UEDVFLVFb1BZ1RB1RV9QV9UQ9UV/UFw3E/aKh6IMD8EGR1ZkmYgg2FUOxmWgu5MVPsNZiOLYRbUU78bgYiSOwg2jtEsVToqMYg53E38RYfEZ0EeOxq3hOdBPdRQ/xvOgp2rheoreYjH1EXzEV+4n+YoB4SczAmuJ9nJ2zlnhVJIshYqh4TczH18Vw8YYYIUaKUeJNMVq8JcaIsWKcGC9SxAQxUbwtJol3xGTxrpgipopUMU1MF++JGWKmmCXeF7PFB2KOmCvmifkiTXwoFoiFIl18JBaJj0WGWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIT8RO8anYJXaLPeIzsVd8LvaJL8R+8aU4IL4SmeJrcVB8Iw6Jb8Vh8Z04Ir4XR8UxcVz8IE6IH8VJcUqcFmfEWfGTOCd+FueFFyBRCimlkoGMkTlkrMwpc8mrZG4ZXHx1r5Fx8lqZT14n88sCsqAsJONlYVlEammklSRDWVQWk1F5vSwub5AlZElZSpaWTpaRCfJGWVbeJMvJm2V5eYusIG+VFWUlWVlWkbfJqvJ2CZEL+6gha8pasra8SybB3bKuvEfWk/fK+vI+2UDeLxvKB2Qj+aBsLB+STeTDsql8RDaTzWUL2VK2ko/K1vIx2Ua2le3k47K9fEJ2kE/KRPmU7Cj9xbfIM7KLfFZ2lc/JbrK77CF/luell71kbwl9QPaVL8p+sr8cEAsA8mU5SL4iB8tXZbIcIofK1+Qw+bocLt+QI+RIOUq+KUfLt+QYOVaOk+NlipwgJ8q35ST5jpws35VT5FSZKqfJAXLgLzPNkvIf5r/9B/mDf9n7RrlJbpZb5Fa5TW6XO+QncqfcKXfJXXKP3CP3yr1yn9wn98v98oA8IDNlpjwoD8pD8pA8LA/LI/KIPCqPyTPyB3lC/ihPylPylDwjz8qz8tzF1wAUKqGkUipQMSqHilU5VS51lcqtrlZ5VF4VUdeoOHWtyqeuU/lVAVVQFVLxqrAqorQyyipSoSqqiqmouh4vvmFUKVVaOVVGJagb/yf5qri6QZVQJX+Tf6m+pD+pr5VqpVqr1qqNaqPaqXaqvWqvOqgOKlElqo6qo+qkOqnOqrPqorqorqqr6qa6qR6qh+qpeqpeqpdKUkmqr3pR9VP91QD1khqoXlaD1CA1WA1WySpZDVVD1TA1TA1Xw9UINUKNUqPUaDVajVFj1Dg1TqWoFDVRTVST1CQ1WU1WU9QUlapS1XQ1Xc1QM9QsNUvNVrPVHDVHzVPzVJpKUwvUApWu0tUitUhlqMVqsVqqlqrlarlaqVaq1Wq1WqvWqvVqvcpQm9QmtUVtUdvUNrVD7VA71U61S+1Se9QetVftVfvUPrVf7VcH1AGVqTLVQXVQHVKH1GF1WB1RR9RRdVQdV8fVCXVCnVQn1Wl1Wp1VZ9U5dU6dV+ezLvsCEYhABSqICWKC2CA2yBXkCnIHuYM8QZ4gEkSCuCAuyBdcF+QPCgQFg0JBfFA4KBLowAQ2EBebHg2uD4oHNwQlgpJBqaB04IIyQUJwY1A2uCkoF9wclA9uCSoEtwYVg0pB5aBKcFtQNbg9qBbcEVQP7gxqBDWDWkHt4K6gTnB3UDe4J6gX3BvUD+4LGgT3Bw2DB4JGwYNB4+ChoEnwcNA0eCRoFjQPWgQtg1b/4vxZp/zl+b0/WeAx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnXdxnfb0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSafyWfym/ymoClo4k28KWKKmCxkyBQ1RU3URE1xU9yUMCVMKVPKOONMgkkwZU1ZU86UM+VNeVPBVDAVTUVT2VQ2t5nbzO3mdnOHucPcae40NU1NU9vUNnVMHVPX1DX1TD1T39Q3DUwD09A0NI1MI9PYNDZNTBPT1DQ1zUwz08K0MK1MK9PatDZtTBvTzrQz7U1708F0MIkm0XQ0HU0n08l0Np1NF9PFdDVdTTfTzfQwPUxP09P0Mr1MkkkyfU1f08/0MwPMADPQDDSDzCAz2Aw2ySbZDDVDzTAzzAw3w80IM9KMyrpQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OL3pTexNqfNZa+yue3VNo/Na/8+LmgL2Xhb2Bax2ua3BX4TG2ttCVvSlrKlrbNlbIK98XdxRVvJVrZV7G22qr3dVvtdXMfebevae2w9e6+tbe/6TVzf3mcb2IdtQ0QA29w2ti1tE/uwbWofsc1sc9vCtrTt7RO2g33SJtqnbEf79O/iBXahXWVX2zV2rd1ld9vT9ow9ZL+1Z+1PtpftbQfal+0g+4odbF+1yXbI7+JR9k072r5lx9ixdpwd/7t4ip1qU+00O92+Z2fYmb+L0+yHdrZNt3PsXDvPzv8lzqop3X5kF9mPbYYNYIldapfZ5XaFXXmpVp/Xrrcb7Ea7035qt9itdpvdbndcuhC2u+0e+5ndaz+3B+03dr/90h6wh22m/fqXOOv4Dtvv7BH7vT1qj9nj9gd7wv6oLmVnHfsP9md73noLhAQkSVFAMZSDYikn5aKrKDddTXkoL0XoGoqjaykfXUf5qQAVpEIUT4WpCGkyZIkopKJUjKJ0PV0qrxSVJkdlKIFupLJ0E5Wjm6k83UIV6FaqSJWoMlWh26gq3U7V6A6qTndSDapJtag23UV16G6qS/dQPbqX6tN91IDup4b0ADWiB6kxPURN6GFqSo9QM2pOLagltaJHqTU9Rm2oLbWjx6k9PUEd6ElKpKeoIz1Nnehv1JmeoS70LHWl56gbdace9Dz1pBeoF/WmJOpDfelF6kf9aQC9RAPpZRpEr9BgepWSaQgNpddoGL1Ow+kNGkEjaRS9SaPpLRpDY2kcjacUmkAT6W2aRO/QZHqXptBUSqVpNJ3eoxk0k2bR+zSbPqA5NJfm0XxKow9pAS2kdPqIFtHHlEGLaQktpWW0nFbQSlpFq2kNraV1tJ420EbaRJtpC22lbbSddtAntJM+pV20m/bQZ7SXPqd99AXtpy/pAH1FmfQ1HaRv6BB9S4fpO9+bvqejdIyO0w90gn6kk3SKTtMZOks/0Tn6mc6TJwgxFKEMVRiEMWGOMDbMGeYKrwpzh1eHecK8YSS8JowLrw3zhdeF+cMCYcGwUBgfFg6LhDo0oQ0pDMOiYbEwGl4fFg9vCEuEJcNSYenQhWXChPDGsGx4U1guvDksH94SVghvDSuGlcKH760S3hZWDW8Pq4V3hNXDO8MaYc2wVlg7vCusE94d1g3vCeuF94blwvvCBuH9YcPwgbBR+GDYOHwobBI+HDYNHwmbhc3DFmHLsFX4aNg6fCxsE7YN24WPh+3DJ8IO4ZNhYvhU2DF8+pf19y388/VJYZ+wb/hi+GLo/T1yXnR+NC36YXRBdGE0PfpRdFH042hGdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3Rj1PvaOcChE0465QIX43K4WJfT5XJXudzuapfH5XURd42Lc9e6fO46l98VcAVdIRfvCrsiTjvjrCMXuqKumIu6611xd4Mr4Uq6Uq60c66MS3AtXSvXyrV2j7k2rq1r5x53j7sn3BPuSfeke8p1dE+7Tu5vrrN7xnVxz7pn3XOum+vuerjnXU83Ic+FczLJ9XV9XT/Xzw1wA9xAN9ANcoPcYDfYJbtkN9QNdcPcMDfcDXcj3Ag3yo1yo91oN8aNcePcOJfiUtxEN9FNcpPcZDfZTXFTXKpLddPddDfDzXBVZ17Yyxw3x81z81yaS3MLXNY1Y7pb5Ba5DJfhlrglbplb5la4FW6VW+XWuDVunVvnNrgNbpPb5La4LW6b2+Z2uB1up9vpdvm8FyZ1e90+t8/td/vdAfeVy3Rfu4PuG3fIfesOu+/cEfe9O+qOuePuB3fC/ehOulPutDvjzrqf3Dn3szvvvEuJTIhMjLwdmRR5JzI58m5kSmRqJDUyLTI98l5kRmRmZFbk/cjsyAeROZG5kXmR+ZG0yIeRBZGFkfTIR5FFkY8jGZHFkSWRpZFlkeUR7wtvCX1RX8xH/fW+uL/Bl/AlfSlf2jtfxif4G31Zf5Mv52/25f0tvoK/1Vf0lXxl/4hv5pv7Fr6lb+Uf9a39Y76Nb+vb+cd9e/+E7+Cf9In+Kd/RP+07+b/5zv4Z38U/67v653w339338M/7nv4F38v39km+j+/rX/T9fH8/wL/kB/qX/SD/ih/sX/XJfogf6l/zw/zrfrh/w4/wI/2omDf96Eu3yDDep/gJfqJ/20/y7/jJ/l0/xU/1qX6an+7f8zP8TD/Lv+9n+w/8HD/Xz/PzfZr/0C/wC326/8gv8h/7DL/40kNlv8Kv9Kv8ar/Gr/Xr/Hq/wW/0m/xmv8Vv9dv8dr/Df+J3+k/9Lr/b7/Gf+b3+c7/Pf+H3+y/9Af+Vz/Rf+4P+G3/If+sP++/8Ef+9P+qP+eP+B3/C/+hP+lP+tD/jz/qf/Dn/sz/P/2eNMcYYY+yfMuHyUPx2zYXH+X3+IEf8auO+AHD11kKZv16fdUW5Lv+FcX8R3z4CAE/17vrgpaVGjaSkpIvbZkgIis0FuPQ3QVli4HK8GNrBE5AIbaHsH9bfX3Q/S/9g/ugtALl+lRMLl+PL838BgEl/MP+jj49aUCE8HfffzD8XoESxyzk54XK8GNr98nylLZT7k/oLtP6T+vHi/Dm/TAFo86uc3HA5vlx/AjwGT0Pib7ZkjDHGGGOMMcYu6C8qd750/3npX3z+0f15vLqckwMux//o/pwxxhhjjDHGGGNX3jPdezz5aGJi287/80G1/1XWPz1oCv9XM/PgDwfeA1z6iQKAf3FCgKyB/CuPYvNfsq/ki6fO369adsYH8J/Ryn/H4Ap/MDHGGGOMMcb+7S5f9P/25+pKFcQYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjGVDf8WvE7vSx8gYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xdaf8VAAD//3aq+3A=")
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f00000001c0)='devpts\x00', 0x1010401, 0x0)
mount$bind(0x0, &(0x7f0000000500)='./file0\x00', 0x0, 0x20f6, 0x0)

1m27.377418675s ago: executing program 3 (id=587):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_MCAST_JOIN_GROUP(r0, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88)
setsockopt$inet_group_source_req(r0, 0x0, 0x2e, &(0x7f00000004c0)={0x3, {{0x2, 0xfffd, @multicast2}}, {{0x2, 0x4e20, @local}}}, 0x108)
setsockopt$inet_group_source_req(r0, 0x0, 0x2c, &(0x7f0000000000)={0x2, {{0x2, 0x4e26, @multicast1}}, {{0x2, 0x2, @multicast1}}}, 0x108)

1m27.075516868s ago: executing program 3 (id=591):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
fsopen(0x0, 0x0)
getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x18, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r2, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)

1m26.838107174s ago: executing program 33 (id=591):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002000)=""/102400, 0x19000)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000180)={'wlan0\x00'})
fsopen(0x0, 0x0)
getpid()
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x18, 0x0, 0x41000, 0x24, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
dup3(r2, r1, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)

1.397452207s ago: executing program 4 (id=1515):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000400)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$bt_hci(r1, &(0x7f0000000000)={0x27}, 0x74)
sendmmsg$unix(r1, &(0x7f0000000b00)=[{{&(0x7f00000000c0)=@file={0x0, './file0\x00'}, 0x6e, 0x0}}, {{&(0x7f0000000e80)=@file={0x0, './file0\x00'}, 0x6e, &(0x7f0000000740)=[{&(0x7f0000001dc0)="bb", 0xfdef}, {0x0}]}}, {{&(0x7f0000000580)=@file={0x0, './file0/file0\x00'}, 0x6e, &(0x7f00000006c0)=[{&(0x7f0000000600)='z', 0xfdef}], 0x1}}], 0x3, 0x0)

1.338495677s ago: executing program 4 (id=1517):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f00000002c0)={0x9, 0xa, 0x1, "b50493ce3d0401f11be6ca7bc70500000000007275000000000000000400", 0x3432564e})

1.338129006s ago: executing program 4 (id=1519):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0xfffffffd, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x2, 0x0, 0x1}, [@RTA_VIA={0x14, 0x12, {0x21, "cfbc6ac116946cf4a5b2ff7fffff"}}]}, 0x30}}, 0x4)

1.278207426s ago: executing program 4 (id=1521):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xd, 0x6, &(0x7f0000000300)=ANY=[@ANYBLOB="05000000000000007111b100000000008510000002000000850000000000000095000000000000009500a505000000008f503939fb0119f42db1f5f18810c14518b7adef75d8b31e05e5dbb0b612713ed9554f1d9dd8628d7b658a6f480a86a7ea02c5a23a18c68a89ac9c8e01be09d1a26bf397ef2e8ded6fe231a99c0687917aee675ce22109eb137632dd3d152d49a7787fa19e288cd23d99c6ab67a15f399bc57faef38804abd4f86f50da14fe2caad1a94f241013d312b93d2a7ec11145b19d3f381b2ad269a09605007bfdbd9172eb440f1f19b3e89f4ced19e24b945f47abbefd9d5d76d0b636b4f222b60215ca95693a89faf0c87599fb96eaf7c3dfdd0b50cac2889cf3569218662ebf4a4f90f34a1ebfbb369523006bf1a6c8"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x6}, 0x70)

1.246917584s ago: executing program 4 (id=1523):
syz_usb_connect$hid(0x5, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="1201000000000020ac050f022200018283010902240001010000000904000002030102000921000500012200000905", @ANYRES32], 0x0)
syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r0, 0xffffffffffffffff, 0x0)

1.246724456s ago: executing program 0 (id=1524):
syz_usb_connect(0x0, 0x24, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x8a, 0x31, 0x7c, 0x40, 0x545, 0x800d, 0x30a, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xb3, 0x8e, 0xd1}}]}}]}}, 0x0)

677.030154ms ago: executing program 0 (id=1528):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001240)=@base={0x12, 0xb, 0x8, 0x2}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000280)={r0, &(0x7f0000000200), 0x0}, 0x20)

676.252915ms ago: executing program 0 (id=1530):
syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f00000000c0)='./file1\x00', 0x810, &(0x7f00000001c0)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x2}}, {}, {@compress_force}, {@nodiscard}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@clear_cache}, {@flushoncommit}, {@usebackuproot}]}, 0x1, 0x50f3, &(0x7f000000f3c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x89d9, 0x100000001, 0x20000000002, 0x2})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x40)
fallocate(r1, 0x1, 0x8e13, 0x8ffff)

500.798095ms ago: executing program 2 (id=1533):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r1, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
sendmsg$TIPC_NL_PEER_REMOVE(r0, &(0x7f0000000440)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f00000003c0)={&(0x7f0000000380)={0x14, 0x0, 0x400, 0x70bd2d, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x4000000}, 0x20000840)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000300), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r1, 0x10e, 0x4, &(0x7f0000000640)=0x1800, 0x4)
r2 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000700)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848430000005e140602000000000e000a00100000000280", 0x2a}, {&(0x7f0000000400)="6a6f8e5e", 0x4}], 0x2}, 0x0)

424.416373ms ago: executing program 0 (id=1534):
syz_mount_image$iso9660(&(0x7f0000000240), &(0x7f0000000080)='./file2\x00', 0x1808004, &(0x7f0000000000)=ANY=[@ANYRES16=0x0, @ANYRES64], 0x4, 0x7cc, &(0x7f0000002200)="$eJzs3U1sHOUZAOB3HJsEI6WIVimKQpgEKgUJzHoNpi4HWNZje2C9a+2uq0RVRSNwkBUHKBS15AJRJWirVlVPPVKu3HqjqtRKPbQ9VSqHXnpD4lRRqX+iqpBczew6/v9JcEIgz2PF3+zsO9/3zmY978za+20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJHUJyuV0SQa+bfnT6fbq0+2W7M73L/S32/XNes8vm7ciKT4F4cOxUf/6q370urdR4pvJ+NY79axOFQ0h+LibUduf/SLgwMr2++Q0NU6sce4JOL1IqnzZ5eWFl66BolcRz/69RVv8t/l4vt01sw7rXy2Np2leaeVToyPVx6cmeqkU3kj65zpdLPZtN7Oat1WOz1Vvy8dnZgYS7ORM6355vRkrZGtrHzkgWqlMp4+OTKX1dqdVvPBJ6NTn8kbjbw5XcZUK9+NIuaR4on4VN5Nu1ltNk3PLS4tjK3JKtkq1SJodKs7DvSeP8fuvf2DV97/5+JC8YTcbn+T/hOzOjparY6OPzzx8COVymC1Ul2/orJBXI6IgYgi4po8afkM2d8DOHwCA/36H43IoxnzcTrSDV9DETEU9ZiMdrRitlj3l6FNUX0r9f8rD/79TzuNu7b+r1T5O1fvPhpl/T/eu3V8u/q/KYsdv4auKHpPXy/Hq3ExzsfZWIqlWIiX9rf/g/ue8cAn7SFZd2s6smhGHp1oRR6zUSvXpP01aUzEeIxHJZ6OmZiKTqQxFXk0IotOnIlOdCMrn1H1aEcWtehGK9qRxqmox32RxmhMxESMRRpZjMSZaMV8NGM6Hoha2cu5WCwf97ENWR65NX713J8/eKtYvhw0utNuFSdzRdA/dgjaVO53rP/Ly8X5wsYI9f9mdw2O4nB1llfqPwAAAPC5lZSvviflS/x3lUtTeSP7xh627A5eh/QAAACAfVD+5v9Y0QwVS3dFUlz/V7aIfO+65wYAAADsj6R8j10SEcNxd2/pXCzG67EQW70IAAAAAHwGlb//P140wxGvlStWpktx/Q8AAACfEz/Ybo7991fm2O3MHUx+U84BnFyaO31vcqFWxNUuHOht12++frnH7tTR5HC/k7IZH7x4WxIRg/XsWLIy++XHB3vth+X3o6tzCWw313/Sbu+YQOycQHkrfhwnejEnnu21z/bvSXqjDE/ljWyk3mo8Wk6JWPzrvvL84vciitF/2Jw9nMS5xaWFkWdeWHq2zOVS0culC/0JFNfNo7j8hR1zWe4/AnHX1ns8VL4Roz/ucG/cytr9Hyi3/t9yOc/stvufrB3zjTjZizk53GuHV+7pjXmoGHN05NHRqNUOD3Sz091XltfsfT+L0d32fJf/hTfinl7MPafu6TVbZFFdl8Xzm7Oors2i91jEwD5l8daJ107/5/etJBvbLYuxK8hi+UDExiwAPi3nyll/VqvQrWUVKopKoaj/G+rurStb7uFY++/VUXpnGR/3u42INbVuMDZW99W+91bdl6N3RD/ViznVO58YPLpFXalscUR/cfHFP/SP6A+98/NffPP4H39ZjntV1e2duK8X02/ijt9tU2OLff7Jhqr6drHF21uOW5yDdRrVJC5FHPjOhRfjyMuvXnxg8cLZ5xaeW3i+Wh0brzxUqTxcjaHyVKHf7JApADev3T9jZ9uIW/pdJA9td1Xdr3h3XP6TgpF4Jl6IpSjOAO7uxd69edx3iyvxNX+GcP8uV63Daz7h5f5dri1XY6ubY5PYJnZszSP25Z+VzUfX5L8DAK6LkzvU4V3q/+VX5u/f5bp7fS3fcHUc29fyrXz1mj4aAHBzyNofJsPdN5N2O597enRiYrTWncnSdqv+VNrOJ6ezNG92s3Z9ptacztK5dqvbqq+8cDyZddLO/Nxcq91Np1rtNAY6+enyk9/T/ke/d7LZWrOb1ztzjazWydJ6q9mt1bvpZN6pp3PzTzTyzkzWLjfuzGX1fCqv17p5q5l2WvPtejaSpp0sWxOYT2bNbj6VF4vNdK6dz9balyKiMT+bpZNZp97O57qtXocrY+XNqVZ7tux2ZPPu/+16P94AcCN4+dWL588uLS28dHULf91L8Ke9jwDAeqo0AAAAAAAAAAAAAADc+Da/Xa9Y+wneEXhlCwfjmg9xEy18rT8lY29NsXSDJPbpLXzrscfObxfzxGt3zuytn61/UrZ6q+ubhyNuefenvTWPbx/8/f7P3/7s6XsRcRWbLyc7xKw7TNxynQ9LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALCl/wcAAP//ez9qPw==")
open_by_handle_at(0xffffffffffffff9c, &(0x7f0000000640)=ANY=[@ANYBLOB="20000000020003001d"], 0x202400)

423.134831ms ago: executing program 2 (id=1535):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='kfree\x00', r0, 0x0, 0x101}, 0x18)
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x78, 0x6}, 0x4)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x1, &(0x7f0000002040)=[{0x4, 0x8, 0x8, 0x6}]}, 0x10)

328.207962ms ago: executing program 0 (id=1536):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x80240, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r0, 0x400455c8, 0x4)
ioctl$TCFLSH(r0, 0x400455cb, 0x2)

327.713891ms ago: executing program 2 (id=1537):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000100)={0x1, "ff0f000000000000f5a72d866b0000000000f0ffdefe00"})
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r2 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
ioctl$DMA_BUF_SET_NAME_A(r3, 0x40086203, &(0x7f00000001c0)='\x02\x00\x00\x00\x05\x00\x00\x00-control\x00')
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x7, 0x7f, 0xa9, 0x4d, 0x6, 0x5f, 0x9, 0x15, 0xffff2d37, 0xff7fff01, 0x6, 0x5, 0x7, 0x5, 0x6, 0x0, 0x7, 0x3c5b, 0x1, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x5, 0x8, 0x80004c74, 0x10000, 0x242, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0x1, 0x7, 0x5, 0x3e, 0x18e, 0x6, 0x6, 0x0, 0x6, 0x4, 0x8, 0x3ff, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432f6, 0xc8, 0xf1, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x66abcbd2, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x381, 0x4, 0xb, 0x4, 0x9, 0x8, 0x40, 0x6, 0x47, 0x8000, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x8000003, 0x3, 0x4000009, 0x6, 0x0, 0x3, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x3ff, 0x5, 0xfffffffd, 0x100, 0x4, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x9, 0x86, 0x3, 0x303c, 0x3e3, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x38, 0x200, 0x200, 0x80, 0x3, 0x5, 0x2950bfaf, 0x1000, 0xa2, 0x4, 0xa9, 0x5, 0x6, 0xac8, 0xbf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0xa, 0xffffffff, 0x5, 0x1c, 0x120000, 0x7ff, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce4, 0x1ff, 0x2, 0x57, 0x5, 0x3, 0x2, 0x10000, 0x4, 0x7fff, 0xffff, 0xa620, 0x1, 0x5, 0x1, 0x2000002, 0x150, 0x60a7, 0x6, 0x16, 0xffffffff, 0x80000000, 0x5, 0x5, 0xc8, 0x1, 0xfffff000, 0x10000, 0x3, 0x7e, 0x100, 0x9622, 0x7, 0xaf, 0x20000008, 0x5, 0x226, 0x2, 0x5, 0x0, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x530e, 0x6c1b, 0x0, 0x4, 0x5, 0x7ff, 0xd7, 0x200, 0xb, 0xfffffff8]}, 0x45c)
socket$tipc(0x1e, 0x5, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r4, 0xffffffffffffffff, 0x0)

327.566098ms ago: executing program 0 (id=1538):
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1f8)
ppoll(&(0x7f00000001c0)=[{0xffffffffffffffff, 0x100}, {0xffffffffffffffff, 0x100}], 0x2, 0x0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000180)=ANY=[@ANYBLOB="043e110b07"], 0xec)
syz_usb_ep_write$ath9k_ep2(0xffffffffffffffff, 0x83, 0x8, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)

246.479155ms ago: executing program 2 (id=1539):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x2080, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000140))

246.228688ms ago: executing program 2 (id=1540):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="020a00030700000000000000fcdbdf2505001a0064010100000000000000000000000000ac1414aa000000000000000500000080ffffff"], 0x38}}, 0x44040)

167.017796ms ago: executing program 2 (id=1541):
syz_mount_image$ocfs2(&(0x7f0000004740), &(0x7f0000004780)='./file0\x00', 0x100000a, &(0x7f00000002c0)={[{@journal_async_commit}, {@heartbeat_none}, {@usrquota}, {@grpquota}, {@heartbeat_none}, {@intr}]}, 0x1, 0x4703, &(0x7f0000004800)="$eJzs212IXFcBB/BzJ6vZpMl2P9ImafoxSQQXLcumT9X6ENeqjabNh7bVVFlnN9vN6uzMujujBYPUIIiCoARBxQ+qQulLLYiBvtQiFPxAWoVSUbS+iBSq4INBG+jKzNybnXtntneyk7S0/f2gnb3n3nPumf3vPXfOPZNCrHZqYaW4sFIsVYrV2ftXbil+rlquL86FwqvktT4/vbkSOcn+tXPkfR/4yD23hPCHY1/70Orq6mpoGA5dHWj7+fy/T8+2vyYKmTqNdru31vLH+iMv/fwtr3REnhMhhB0d/WrYFEL42C9C2BxCGInLRuPXLSGEbSGEKITw6G/+9ePBfrrQ5uy9Lzx37MzhfWemHn/smQvzR9c9MArhu+XdN88vvrh/023Pv+MynR4AAF7RB48fufvo5IHwZBSGzg10fl7fGb8mn4/vfNun7np4YG3/Kr3Z9CqGCgAAABlr8//h6OUu63XJylqyJPjEAyfufipa229i+/p26K4jt79/8kC8/ht17L81Lvrnezc111Cz677Z9d+RTP3u679r53n4q8/+svLWjfc/6V9y3uEQFSZS24XCxEQIx6Za27uirYVydaX2zvur9crJjZ/3jSKdf3b1fm1Bv9f8RzPV89b/d3/i8z/bMtDPOxgL2b/axnax80+ZLtL5rz+W/+RLUU/5j2Xq5eV/x9Pbz/9qcz/vIHtGLkU6/9aFuK/9gGJrAGjk/82B/Px3ZNrPy//7U+cePbGB7/80xpnhqNHXwdQI8HJcvs5XmMhI598KIjV0xr/I9a7//2XyvybTfl7+d1b/8bu/9XH/X2/8H5/qp803j3T+rSCKqSPWrv+RQv71f22m/bz8f3vqz89+sq97dWf+jf6Pu//3JJ1/fCNOD57N32Sv4//OTPt5+e8au++hhQ30+8Nb4n4ORWGs7Vun5xq3sKG19ermlKaxe2kDJ3kTSOff+q2lLp2h1kvz+h/OH/93ZdrPy/+hPV9/z+m+vv/bffyfNP73JJ3/lmbZpeT/Uib/3Zn28/L/4em//+W+yzz+N7YPyr8n6fy3duxfe/5T6Gn+d12mft7zn32jTz3y1z7m/0n/kvMmz3+S5xDjUev5D92l879q3eN6vf/vydTLu/6/9Z/nn97fz/gfDXoC0Id0/ttahV0mgL3mf32m/bz8v3DPlz/+pw3M/5qf+AaT/Nvm/5tb5UeN/z1J57+9VZj6x1APNv/fvP9Hnbn/N5P/DZn28/K/cGhi4CuX+f7f6P94l0fZdErnP7TucY38f9/D/f/GTL28/L+496cv3tzX5/8QJs31Nyyd/9XrHte8/gfz878pUy8v/+9849dPPNhH/9/eR12y+bfu9anLKf5s3uv8v5hpPy//H42fP7v/Csz/bnX/70k6/9aq+aXkn53/7820n5f/9478YHngCjz/uUP+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzIavw6HqDCR2i4UJiZCGIu3d4Wt0Uzp5PRMuTr7mZUQdsTlxTAazZerM6Xy9EKlenJuulQuV2dDuCbevyMMRivlam16sbR07cW2tkSn5krLtZm5Ui2EsDMuvz5sT9qaWagtlpaaxyZ1ropKn61Xa6WJ+srccth9sXxbUj6/XK0vXXexrasL1eWlU6XK9MmF5XdPTk5Ohj0X+zwSzT1Qm6vUWr1t7W3USeoOR21vprn7hrbzfbpaX66Uys3yG9vqlKuzpXJbnZvazldbrldmS7W56XJ1Pjlfsa1u23tr7t4b7xsPI6n3l9TNOhi/3n7o+EePHz7Qsb8YpfOu1BfnJrd3/5sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4I3rydve9e0QwkBrqxBCOJj8EMX/pZy994Xnjp05vO/M1OOPPXNh/mi3YwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4PztwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYuZ+XKro4DsBnxve+FkgpbYRcBoaI6E7Cgn4RSeU1smWb1kGtEjIoCgwjWhYEQVC7qCBoFVT+BVELl62qTS1aGERQMTqTlzvCDS90zHkeGM4Mc++ZLwzcO3M+hwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALB+nN2x2JW1l3ZtXtq6+0PozM/9H0IYTZb3P+/tCD0hhK9fZk6HVdpCT1P/bybnxstXTX7v7R9/eH00WXv9xXeL63aHJB1qON6ZpOnQ0Nr736juDD6bHkxCSGMXQhQLY0/O1EIIHbELIYqfH+cvZr/v/8UuhCj6P9ztyu5/LXYhRLF196e+Wv6MR/Wcr18YbPzvb/UI3sYjOuvQ25NX3qVuauW9zN//k3zzPlgNsyeOvH8euwiimZ2bOhq7BgAA4O861yL/D1uW9+9fTkJPdzn3/9aU//c29b96/r/i3vYbYzNthRDbSmOT2fHwvnb63PhODVy9/bpmvKeq5P/VJv+vNvl/tcn/q03+X23yfzKv5P+V9PjmnsUXsYsgGvk/AABUz6HjE1P14ZHs5X/Tj85yXt+Xt/U8T39wa3rgUcO4kfzw33b42MSBg8Mj+X0vDwiurP+QLp39ns/3aG4Lk03zLlqt/9D7dGH+Wmf5E/U/nL9R1Fdc1/oPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAvdueehkEwCsPod1sRtdGqaMLCT4IPNDAiACnMaEAHEwZgIAQUMJBzlnuTZ3kBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA5/tXeV18f2mM9Foj0lR22bV/jqfZz9y3w/I+e9y4FQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADZ24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4KkAAAD//8Oayzs=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f00000000c0)='./bus\x00', 0x2c600, 0x0, 0xbe, 0x0, &(0x7f00000007c0))
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
symlink(&(0x7f0000000b00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000940)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

0s ago: executing program 4 (id=1542):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x8ad01, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000000c0)={'pcmmio\x00', [0xf27, 0xd7b, 0x1, 0x4, 0x5, 0x5, 0x4, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x6a, 0x0, 0xc7c, 0x3, 0x40000003, 0x89, 0xcaa3, 0x0, 0x20001e57, 0x3, 0x2000e66, 0x3, 0x1, 0x10004083, 0x0, 0xfffffff8]})
write(r0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

eing deprecated and will be removed in a future release, please use -o space_cache=v2
[  112.620035][ T6946] BTRFS info (device loop3): rebuilding free space tree
[  112.629022][ T6971] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.469'.
[  112.654008][ T6946] BTRFS info (device loop3): disabling free space tree
[  112.657087][ T6946] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  112.663007][ T6946] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  112.673493][ T6946] BTRFS info (device loop3): checking UUID tree
[  112.677868][ T6946] BTRFS info (device loop3): enabling ssd optimizations
[  112.708764][ T6946] BTRFS info (device loop3): turning off barriers
[  112.719185][ T6946] BTRFS info (device loop3): disabling tree log
[  112.725767][ T6946] BTRFS info (device loop3): enabling disk space caching
[  112.728926][ T6946] BTRFS info (device loop3): force clearing of disk cache
[  112.736796][ T6946] BTRFS info (device loop3): force lzo compression, level 1
[  112.743819][ T6946] BTRFS info (device loop3): max_inline set to 0
[  112.859487][ T6742] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.661389][   T55] Bluetooth: hci3: command tx timeout
[  113.897719][ T6998] loop3: detected capacity change from 0 to 512
[  113.933545][ T6998] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.480: inode has both inline data and extents flags
[  113.943877][ T6998] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.480: couldn't read orphan inode 15 (err -117)
[  113.951466][ T6998] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.982289][   T34] kauditd_printk_skb: 8 callbacks suppressed
[  113.982303][   T34] audit: type=1800 audit(1764021144.127:75): pid=6998 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.480" name="file1" dev="overlay" ino=21 res=0 errno=0
[  114.049450][ T6742] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.188734][ T7008] netlink: 104 bytes leftover after parsing attributes in process `syz.3.484'.
[  114.369356][ T7016] loop2: detected capacity change from 0 to 512
[  114.381282][ T7016] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  114.408031][ T7016] EXT4-fs warning (device loop2): ext4_update_dynamic_rev:1137: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  114.433985][ T7016] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.488: bg 0: block 248: padding at end of block bitmap is not set
[  114.462525][ T7016] Quota error (device loop2): write_blk: dquota write failed
[  114.466366][ T7016] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  114.471764][ T7016] EXT4-fs error (device loop2): ext4_acquire_dquot:6945: comm syz.2.488: Failed to acquire dquot type 1
[  114.480280][ T7016] EXT4-fs (loop2): 1 truncate cleaned up
[  114.483703][ T7016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  114.601178][ T7020] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  114.611123][   T52] Quota error (device loop2): do_check_range: Getting block 0 out of range 1-5
[  114.615056][   T52] EXT4-fs error (device loop2): ext4_release_dquot:6981: comm kworker/u9:2: Failed to release dquot type 1
[  114.628832][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  115.208250][ T7027] netlink: 4 bytes leftover after parsing attributes in process `syz.3.491'.
[  115.518910][ T7025] overlayfs: statfs failed on './file0'
[  115.776360][ T7034] loop0: detected capacity change from 0 to 256
[  115.782950][ T7034] exfat: Deprecated parameter 'namecase'
[  115.792959][ T7034] exfat: Deprecated parameter 'namecase'
[  115.794902][ T7034] exfat: Deprecated parameter 'utf8'
[  115.800754][ T7034] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  115.872735][ T7039] loop2: detected capacity change from 0 to 256
[  116.005097][ T7047] tmpfs: Bad value for 'mpol'
[  116.110989][ T7053] loop0: detected capacity change from 0 to 128
[  116.117801][ T7053] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  116.125926][ T7053] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  116.299309][ T7061] loop0: detected capacity change from 0 to 512
[  116.314761][ T7061] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843c198, mo2=0002]
[  116.317853][ T7061] System zones: 1-12
[  116.324587][ T7061] EXT4-fs error (device loop0): ext4_iget_extra_inode:5075: inode #15: comm syz.0.507: corrupted in-inode xattr: e_value size too large
[  116.333601][ T7061] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.507: couldn't read orphan inode 15 (err -117)
[  116.339033][ T7061] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.415850][ T5919] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.452948][ T5925] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  116.469662][ T7055] loop2: detected capacity change from 0 to 32768
[  116.484914][ T7055] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.504 (7055)
[  116.509928][ T7055] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  116.514818][ T7055] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  116.599960][ T5925] usb 4-1: Using ep0 maxpacket: 32
[  116.604390][ T5925] usb 4-1: config 252 has an invalid interface number: 97 but max is 0
[  116.608172][ T5925] usb 4-1: config 252 has no interface number 0
[  116.614261][ T5925] usb 4-1: config 252 interface 97 has no altsetting 0
[  116.641487][ T5925] usb 4-1: New USB device found, idVendor=0a5c, idProduct=2033, bcdDevice=16.6d
[  116.781261][ T7055] BTRFS info (device loop2): enabling ssd optimizations
[  116.785351][ T7055] BTRFS info (device loop2): turning on async discard
[  116.787978][ T7055] BTRFS info (device loop2): enabling free space tree
[  116.806968][ T5929] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  116.844645][ T5925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  116.869309][ T5925] usb 4-1: Product: syz
[  116.876181][ T5925] usb 4-1: Manufacturer: syz
[  116.878646][ T5925] usb 4-1: SerialNumber: syz
[  117.031856][ T7086] loop2: detected capacity change from 0 to 256
[  117.069328][ T7086] FAT-fs (loop2): Directory bread(block 64) failed
[  117.075425][ T7086] FAT-fs (loop2): Directory bread(block 65) failed
[  117.077602][ T7086] FAT-fs (loop2): Directory bread(block 66) failed
[  117.086458][ T7086] FAT-fs (loop2): Directory bread(block 67) failed
[  117.088869][ T7086] FAT-fs (loop2): Directory bread(block 68) failed
[  117.099119][ T7086] FAT-fs (loop2): Directory bread(block 69) failed
[  117.104968][ T7086] FAT-fs (loop2): Directory bread(block 70) failed
[  117.107085][ T7086] FAT-fs (loop2): Directory bread(block 71) failed
[  117.109288][ T7086] FAT-fs (loop2): Directory bread(block 72) failed
[  117.120925][ T7086] FAT-fs (loop2): Directory bread(block 73) failed
[  117.139231][ T5925] usb 4-1: USB disconnect, device number 3
[  117.487650][ T7105] loop2: detected capacity change from 0 to 8192
[  117.510753][ T7105] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  117.540258][ T5925] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  117.690180][ T5925] usb 1-1: Using ep0 maxpacket: 32
[  117.693944][ T5925] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  117.697127][ T5925] usb 1-1: config 0 has no interface number 0
[  117.704509][ T5925] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  117.711631][ T5925] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.715083][ T5925] usb 1-1: Product: syz
[  117.720239][ T5925] usb 1-1: Manufacturer: syz
[  117.722121][ T5925] usb 1-1: SerialNumber: syz
[  117.728380][ T5925] usb 1-1: config 0 descriptor??
[  117.737987][ T5925] smsc95xx v2.0.0
[  117.744984][ T5925] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  117.751033][ T5925] smsc95xx 1-1:0.67: probe with driver smsc95xx failed with error -22
[  117.829989][   T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  117.980328][   T10] usb 3-1: Using ep0 maxpacket: 16
[  117.987708][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[  117.998828][   T10] usb 3-1: config 229 has an invalid interface number: 152 but max is 1
[  118.007559][   T10] usb 3-1: config 229 has an invalid interface number: 12 but max is 1
[  118.015322][   T10] usb 3-1: config 229 has no interface number 0
[  118.018796][   T10] usb 3-1: config 229 has no interface number 1
[  118.021686][   T10] usb 3-1: config 229 interface 152 has no altsetting 0
[  118.026065][   T10] usb 3-1: config 229 interface 12 has no altsetting 0
[  118.042372][   T10] usb 3-1: New USB device found, idVendor=413c, idProduct=81a3, bcdDevice=25.ca
[  118.046415][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.055298][   T10] usb 3-1: Product: syz
[  118.057043][   T10] usb 3-1: Manufacturer: syz
[  118.059105][   T10] usb 3-1: SerialNumber: syz
[  118.139662][   T33] usb 1-1: USB disconnect, device number 7
[  118.307687][   T10] usb 3-1: USB disconnect, device number 7
[  118.918250][ T7149] loop2: detected capacity change from 0 to 1024
[  118.925150][   T10] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  118.976024][ T7149] hfsplus: request for non-existent node 196608 in B*Tree
[  118.978577][ T7149] hfsplus: request for non-existent node 196608 in B*Tree
[  119.005438][ T7149] hfsplus: failed to load root directory
[  119.100235][   T10] usb 4-1: Using ep0 maxpacket: 16
[  119.105358][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  119.114825][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  119.122382][   T10] usb 4-1: New USB device found, idVendor=1f6b, idProduct=0101, bcdDevice= 0.40
[  119.126061][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.129086][   T10] usb 4-1: Product: syz
[  119.140157][   T10] usb 4-1: Manufacturer: syz
[  119.142200][   T10] usb 4-1: SerialNumber: syz
[  119.288175][ T7165] overlayfs: missing 'lowerdir'
[  119.376773][   T10] usb 4-1: 0:66 : does not exist
[  119.378607][   T10] usb 4-1: unit 4 not found!
[  119.410223][   T10] usb 4-1: USB disconnect, device number 4
[  119.435602][ T5928] udevd[5928]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  119.513237][ T7163] loop0: detected capacity change from 0 to 40427
[  119.524274][ T7163] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  119.527183][ T7163] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  119.546391][ T7163] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  119.584070][ T7163] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  119.591517][ T7163] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  119.594177][ T7163] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  119.603014][ T7169] loop2: detected capacity change from 0 to 32768
[  119.648932][ T7169] JBD2: Ignoring recovery information on journal
[  119.687292][ T7169] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  119.742037][ T5929] ocfs2: Unmounting device (7,2) on (node local)
[  119.889673][ T7179] loop2: detected capacity change from 0 to 512
[  119.988069][ T7183] ip6_tunnel: non-ECT from fe88:0000:0000:0000:0000:0000:0000:0104 with DS=0x92
[  120.218740][ T7199] loop2: detected capacity change from 0 to 512
[  120.236438][ T7199] EXT4-fs (loop2): Invalid log cluster size: 1024
[  120.456520][ T7195] loop3: detected capacity change from 0 to 32768
[  120.496028][ T7212] smc: net device bond0 applied user defined pnetid SYZ0
[  120.666111][ T7219] loop2: detected capacity change from 0 to 128
[  120.831253][ T7229] loop3: detected capacity change from 0 to 1024
[  120.876191][ T7229] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  120.904693][ T6742] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.077682][ T7226] loop0: detected capacity change from 0 to 32768
[  121.088237][ T7244] loop2: detected capacity change from 0 to 64
[  121.091519][ T7226] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  121.114349][ T7247] loop3: detected capacity change from 0 to 256
[  121.121972][ T7226] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  121.141293][ T7247] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[  121.153560][ T7247] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  121.220990][ T5919] ocfs2: Unmounting device (7,0) on (node local)
[  121.570826][    T9] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  121.589371][ T5934] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.629638][ T7261] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  121.724268][    T9] usb 3-1: New USB device found, idVendor=055f, idProduct=c420, bcdDevice=6a.33
[  121.727816][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.733844][ T5934] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.752390][    T9] usb 3-1: config 0 descriptor??
[  121.766810][    T9] gspca_main: sunplus-2.14.0 probing 055f:c420
[  121.800005][ T7264] loop0: detected capacity change from 0 to 128
[  121.846070][ T5934] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  121.912902][ T5926] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  121.916510][ T5926] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  121.921909][ T5926] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  121.928462][ T5926] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  121.931644][ T5926] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  121.971666][    T9] gspca_sunplus: reg_w_riv err -71
[  121.973852][    T9] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  121.978725][ T5934] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  122.008488][    T9] usb 3-1: USB disconnect, device number 8
[  122.187721][ T5934] bridge_slave_1: left allmulticast mode
[  122.190506][ T5934] bridge_slave_1: left promiscuous mode
[  122.194483][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state
[  122.205061][ T5934] bridge_slave_0: left allmulticast mode
[  122.209456][ T5934] bridge_slave_0: left promiscuous mode
[  122.214707][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state
[  122.545419][ T7284] loop2: detected capacity change from 0 to 512
[  122.568457][ T7284] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  122.574018][ T5934] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  122.583954][ T7284] EXT4-fs (loop2): 1 truncate cleaned up
[  122.587482][ T5934] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  122.593704][ T7284] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  122.594534][ T5934] bond0 (unregistering): Released all slaves
[  122.694278][ T7265] chnl_net:caif_netlink_parms(): no params data found
[  122.781965][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  122.907387][ T7292] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.046624][ T7303] loop0: detected capacity change from 0 to 512
[  123.049443][ T7303] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  123.077222][ T7265] bridge0: port 1(bridge_slave_0) entered blocking state
[  123.087707][ T7265] bridge0: port 1(bridge_slave_0) entered disabled state
[  123.091298][ T7265] bridge_slave_0: entered allmulticast mode
[  123.094098][ T7265] bridge_slave_0: entered promiscuous mode
[  123.112355][ T7265] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.115306][ T7265] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.118331][ T7265] bridge_slave_1: entered allmulticast mode
[  123.125743][ T7265] bridge_slave_1: entered promiscuous mode
[  123.207120][ T5934] hsr_slave_0: left promiscuous mode
[  123.213308][ T5934] hsr_slave_1: left promiscuous mode
[  123.215736][ T5934] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  123.220534][ T5934] batman_adv: batadv0: Removing interface: batadv_slave_0
[  123.224883][ T5934] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  123.227204][ T5934] batman_adv: batadv0: Removing interface: batadv_slave_1
[  123.278361][ T5934] veth1_macvtap: left promiscuous mode
[  123.283732][ T5934] veth0_macvtap: left promiscuous mode
[  123.286596][ T5934] veth1_vlan: left promiscuous mode
[  123.291262][ T5934] veth0_vlan: left promiscuous mode
[  123.300258][ T7317] loop0: detected capacity change from 0 to 128
[  123.328943][ T7317] vxfs: WRONG superblock magic 7b3185b5 at 1
[  123.345358][ T7317] vxfs: WRONG superblock magic 7b318cb5 at 8
[  123.347797][ T7317] vxfs: can't find superblock.
[  123.898951][ T5934] team0 (unregistering): Port device team_slave_1 removed
[  124.009416][ T7332] ptrace attach of "/syz-executor exec"[5919] was attempted by "/syz-executor exec"[7332]
[  124.041392][   T55] Bluetooth: hci1: command tx timeout
[  124.057274][ T5934] team0 (unregistering): Port device team_slave_0 removed
[  124.631072][ T7336] loop0: detected capacity change from 0 to 8
[  124.640190][ T7265] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  124.644847][ T7336] SQUASHFS error: Failed to read block 0x2fc: -5
[  124.647197][ T7336] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  124.650391][ T7336] SQUASHFS error: Unable to read inode 0x11f
[  124.672183][ T7265] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  124.755020][ T7340] netlink: 'syz.2.614': attribute type 13 has an invalid length.
[  124.788313][ T7265] team0: Port device team_slave_0 added
[  124.804927][ T7265] team0: Port device team_slave_1 added
[  124.844969][ T7342] netlink: 'syz.0.615': attribute type 9 has an invalid length.
[  124.888258][ T7265] batman_adv: batadv0: Adding interface: batadv_slave_0
[  124.893107][ T7265] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  124.910554][ T7265] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  124.922258][ T7344] tap0: tun_chr_ioctl cmd 1074025677
[  124.924466][ T7344] tap0: linktype set to 825
[  124.935076][ T7265] batman_adv: batadv0: Adding interface: batadv_slave_1
[  124.937792][ T7265] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  124.951838][ T7265] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  125.111604][ T7265] hsr_slave_0: entered promiscuous mode
[  125.114475][ T7265] hsr_slave_1: entered promiscuous mode
[  125.116693][ T7265] debugfs: 'hsr0' already exists in 'hsr'
[  125.118579][ T7265] Cannot create hsr debugfs directory
[  125.240034][ T7346] loop0: detected capacity change from 0 to 32768
[  125.315537][ T7359] netlink: 4 bytes leftover after parsing attributes in process `syz.2.620'.
[  125.540986][ T7265] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  125.557345][ T7265] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  125.568865][ T7265] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  125.574822][ T7265] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  125.680360][ T7381] syz.2.625 uses obsolete (PF_INET,SOCK_PACKET)
[  125.710197][  T793] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  125.726657][ T7265] 8021q: adding VLAN 0 to HW filter on device bond0
[  125.748006][ T7265] 8021q: adding VLAN 0 to HW filter on device team0
[  125.756859][  T455] bridge0: port 1(bridge_slave_0) entered blocking state
[  125.759037][  T455] bridge0: port 1(bridge_slave_0) entered forwarding state
[  125.769523][  T455] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.772522][  T455] bridge0: port 2(bridge_slave_1) entered forwarding state
[  125.871739][  T793] usb 1-1: config 0 interface 0 altsetting 8 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  125.945932][ T7265] 8021q: adding VLAN 0 to HW filter on device batadv0
[  126.128952][ T7265] veth0_vlan: entered promiscuous mode
[  126.130246][   T55] Bluetooth: hci1: command tx timeout
[  126.146859][ T7265] veth1_vlan: entered promiscuous mode
[  126.176691][ T7265] veth0_macvtap: entered promiscuous mode
[  126.183848][ T7265] veth1_macvtap: entered promiscuous mode
[  126.195927][ T7265] batman_adv: batadv0: Interface activated: batadv_slave_0
[  126.208586][ T7265] batman_adv: batadv0: Interface activated: batadv_slave_1
[  126.217803][ T5934] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  126.226192][ T5934] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  126.232178][ T5934] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  126.244330][ T5934] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  126.313452][ T6017] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.322016][ T6017] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.347020][   T69] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  126.353438][   T69] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  126.667205][  T793] usb 1-1: config 0 interface 0 has no altsetting 0
[  126.669618][  T793] usb 1-1: New USB device found, idVendor=0419, idProduct=0600, bcdDevice= 0.00
[  126.672754][  T793] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.676551][  T793] usb 1-1: config 0 descriptor??
[  126.690298][ T7363] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  126.772089][ T5987] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  126.920749][ T5987] usb 5-1: Using ep0 maxpacket: 8
[  126.927885][ T5987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  126.931964][ T5987] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  126.935825][ T5987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  126.939365][ T5987] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8 has invalid wMaxPacketSize 0
[  126.947072][ T5987] usb 5-1: New USB device found, idVendor=112a, idProduct=0005, bcdDevice=14.a8
[  126.950806][ T5987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.954026][ T5987] usb 5-1: Product: syz
[  126.955629][ T5987] usb 5-1: Manufacturer: syz
[  126.957623][ T5987] usb 5-1: SerialNumber: syz
[  126.966104][ T5987] usb 5-1: config 0 descriptor??
[  126.975877][ T5987] redrat3 5-1:0.0: Couldn't find all endpoints
[  127.019960][   T33] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  127.098187][  T793] samsung 0003:0419:0600.0003: unbalanced delimiter at end of report description
[  127.102183][  T793] samsung 0003:0419:0600.0003: parse failed
[  127.104178][  T793] samsung 0003:0419:0600.0003: probe with driver samsung failed with error -22
[  127.170445][   T33] usb 3-1: Using ep0 maxpacket: 32
[  127.174427][   T33] usb 3-1: config 0 has an invalid interface number: 247 but max is 0
[  127.186265][   T33] usb 3-1: config 0 has no interface number 0
[  127.189220][ T5987] usb 5-1: USB disconnect, device number 2
[  127.196432][   T33] usb 3-1: New USB device found, idVendor=1d50, idProduct=60c6, bcdDevice=62.9b
[  127.203323][   T33] usb 3-1: New USB device strings: Mfr=1, Product=3, SerialNumber=0
[  127.206333][   T33] usb 3-1: Product: syz
[  127.208007][   T33] usb 3-1: Manufacturer: syz
[  127.217301][   T33] usb 3-1: config 0 descriptor??
[  127.306019][   T33] usb 1-1: USB disconnect, device number 8
[  127.434543][  T793] usb 3-1: USB disconnect, device number 9
[  127.937848][ T7427] netlink: 24 bytes leftover after parsing attributes in process `syz.0.633'.
[  128.013778][ T7432] overlayfs: lowerdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  128.201091][   T55] Bluetooth: hci1: command tx timeout
[  128.260216][   T33] usb 1-1: new full-speed USB device number 9 using dummy_hcd
[  128.412003][   T33] usb 1-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  128.415569][   T33] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  128.419363][   T33] usb 1-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  128.423622][   T33] usb 1-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  128.426828][   T33] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.500080][  T793] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  128.511788][ T5987] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  128.640005][   T33] aiptek 1-1:17.0: Aiptek using 400 ms programming speed
[  128.645521][   T33] input: Aiptek as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:17.0/input/input9
[  128.652671][  T793] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  128.656706][   T33] input: failed to attach handler kbd to device input9, error: -5
[  128.656708][  T793] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  128.665479][  T793] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  128.669363][  T793] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.675195][  T793] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.680419][ T5987] usb 5-1: Using ep0 maxpacket: 32
[  128.684007][  T793] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  128.689545][  T793] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  128.698315][  T793] usb 3-1: Product: syz
[  128.699093][ T5987] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  128.701079][  T793] usb 3-1: Manufacturer: syz
[  128.704908][ T5987] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.711777][   T33] usb 1-1: USB disconnect, device number 9
[  128.736889][  T793] cdc_wdm 3-1:1.0: skipping garbage
[  128.740956][  T793] cdc_wdm 3-1:1.0: skipping garbage
[  128.754723][ T5987] usb 5-1: config 0 descriptor??
[  128.757144][  T793] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  128.769658][ T5987] gspca_main: sunplus-2.14.0 probing 041e:400b
[  128.776214][  T793] cdc_wdm 3-1:1.0: Unknown control protocol
[  128.928935][ T7456] cdc_wdm 3-1:1.0: Error submitting int urb - -90
[  128.934512][   T10] usb 3-1: USB disconnect, device number 10
[  129.621855][   T10] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  129.771892][ T5987] gspca_sunplus: reg_w_riv err -71
[  129.772189][   T10] usb 1-1: Using ep0 maxpacket: 8
[  129.774065][ T5987] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  129.781873][ T5987] usb 5-1: USB disconnect, device number 3
[  129.787777][   T10] usb 1-1: config 2 has an invalid interface number: 169 but max is 0
[  129.792089][   T10] usb 1-1: config 2 has no interface number 0
[  129.794605][   T10] usb 1-1: config 2 interface 169 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  129.798401][   T10] usb 1-1: config 2 interface 169 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  129.805408][   T10] usb 1-1: config 2 interface 169 altsetting 0 endpoint 0x8B has an invalid bInterval 129, changing to 11
[  129.809266][   T10] usb 1-1: config 2 interface 169 altsetting 0 endpoint 0x8B has invalid maxpacket 58232, setting to 1024
[  129.813480][   T10] usb 1-1: config 2 interface 169 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  129.817554][   T10] usb 1-1: New USB device found, idVendor=1163, idProduct=0200, bcdDevice=b8.92
[  129.820865][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  129.829221][   T10] cypress_m8 1-1:2.169: DeLorme Earthmate USB converter detected
[  129.832333][  T793] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  129.992283][  T793] usb 3-1: config 0 has an invalid interface number: 41 but max is 0
[  129.994817][  T793] usb 3-1: config 0 has no interface number 0
[  129.996871][  T793] usb 3-1: config 0 interface 41 has no altsetting 0
[  130.002833][  T793] usb 3-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  130.006765][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.009725][  T793] usb 3-1: Product: syz
[  130.011077][  T793] usb 3-1: Manufacturer: syz
[  130.012556][  T793] usb 3-1: SerialNumber: syz
[  130.016522][  T793] usb 3-1: config 0 descriptor??
[  130.033868][   T10] usb 1-1: DeLorme Earthmate USB converter now attached to ttyUSB0
[  130.048604][   T10] usb 1-1: USB disconnect, device number 10
[  130.056071][   T10] earthmate ttyUSB0: DeLorme Earthmate USB converter now disconnected from ttyUSB0
[  130.059750][   T10] cypress_m8 1-1:2.169: device disconnected
[  130.279931][   T55] Bluetooth: hci1: command tx timeout
[  130.446681][ T7480] vlan2: entered promiscuous mode
[  130.448870][ T7480] bond0: entered promiscuous mode
[  130.451775][ T7480] bond_slave_0: entered promiscuous mode
[  130.454269][ T7480] bond_slave_1: entered promiscuous mode
[  130.626721][  T793] CoreChips 3-1:0.41: probe with driver CoreChips failed with error -71
[  130.638762][  T793] usb 3-1: USB disconnect, device number 11
[  130.660143][ T7482] loop4: detected capacity change from 0 to 32768
[  130.674640][ T7482] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  130.691040][ T7482] XFS (loop4): Ending clean mount
[  130.703167][ T7482] XFS (loop4): User initiated shutdown received.
[  130.708057][ T7482] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:476).  Shutting down filesystem.
[  130.715168][ T7482] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  130.739783][ T7265] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  130.843380][ T5987] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  131.001947][ T5987] usb 1-1: unable to get BOS descriptor or descriptor too short
[  131.005891][ T5987] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  131.009425][ T5987] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  131.016362][ T5987] usb 1-1: config 1 interface 0 has no altsetting 1
[  131.022057][ T5987] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  131.026559][ T5987] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.029625][ T5987] usb 1-1: Product: syz
[  131.031870][ T5987] usb 1-1: Manufacturer: syz
[  131.033711][ T5987] usb 1-1: SerialNumber: syz
[  131.041349][ T5987] smsusb:smsusb_probe: board id=8, interface number 0
[  131.047671][ T7498] loop4: detected capacity change from 0 to 32768
[  131.247311][ T5987] smsusb:smsusb_probe: Device initialized with return code -19
[  131.462166][ T5987] usb 1-1: USB disconnect, device number 11
[  131.480512][   T55] Bluetooth: hci2: command 0x206a tx timeout
[  131.529954][ T5926] Bluetooth: hci2: Opcode 0x206a failed: -110
[  132.108262][ T7534] loop4: detected capacity change from 0 to 1024
[  132.133509][ T7534] EXT4-fs: Ignoring removed bh option
[  132.135323][ T7534] EXT4-fs: Ignoring removed nobh option
[  132.137033][ T7534] EXT4-fs: Ignoring removed bh option
[  132.174711][ T7534] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.261500][ T7541] netlink: 24 bytes leftover after parsing attributes in process `syz.2.678'.
[  132.320539][   T10] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  132.483545][ T7547] syz.2.680 (7547): attempted to duplicate a private mapping with mremap.  This is not supported.
[  132.504192][ T7542] EXT4-fs error (device loop4): ext4_mb_mark_diskspace_used:4193: comm syz.4.676: Allocating blocks 497-513 which overlap fs metadata
[  132.516916][ T7542] EXT4-fs (loop4): pa ffff88810790dd98: logic 256, phys. 385, len 8
[  132.521318][ T7542] EXT4-fs error (device loop4): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  132.553000][   T10] usb 1-1: config 28 has an invalid interface number: 36 but max is 0
[  132.556250][   T10] usb 1-1: config 28 has no interface number 0
[  132.562195][   T10] usb 1-1: New USB device found, idVendor=0b48, idProduct=300d, bcdDevice=4d.63
[  132.566852][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.570342][   T10] usb 1-1: Product: syz
[  132.572006][   T10] usb 1-1: Manufacturer: syz
[  132.573904][   T10] usb 1-1: SerialNumber: syz
[  132.657404][ T7553] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=io+mem,decodes=none:owns=io+mem
[  132.801246][   T10] dvb-usb: found a 'Technotrend TT-connect CT-3650' in warm state.
[  132.810229][   T10] dvb-usb: bulk message failed: -22 (4/0)
[  132.812598][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  132.816419][   T10] dvb-usb: bulk message failed: -22 (5/0)
[  132.818638][   T10] ttusb2: there might have been an error during control message transfer. (rlen = 0, was 0)
[  132.830626][   T10] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  132.837771][   T10] dvb-usb: Technotrend TT-connect CT-3650 error while loading driver (-19)
[  132.844357][   T10] usb 1-1: USB disconnect, device number 12
[  133.032016][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  133.085097][ T7555] loop4: detected capacity change from 0 to 2048
[  133.109404][ T7556] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.122673][   T34] audit: type=1800 audit(1764021163.267:76): pid=7555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.683" name="file1" dev="loop4" ino=15 res=0 errno=0
[  133.182521][ T7558] netlink: 32 bytes leftover after parsing attributes in process `syz.4.684'.
[  133.185590][ T7558] netlink: 32 bytes leftover after parsing attributes in process `syz.4.684'.
[  133.409420][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[  133.411633][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[  133.838923][ T7571] netlink: 14 bytes leftover after parsing attributes in process `syz.2.689'.
[  134.298672][ T7575] loop4: detected capacity change from 0 to 1024
[  134.310199][ T7575] EXT4-fs: Ignoring removed mblk_io_submit option
[  134.313770][ T7575] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  134.349636][ T7575] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  134.437756][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.969955][  T793] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  135.120051][  T793] usb 1-1: Using ep0 maxpacket: 32
[  135.124431][  T793] usb 1-1: unable to get BOS descriptor or descriptor too short
[  135.132174][  T793] usb 1-1: config 120 has an invalid interface number: 86 but max is 0
[  135.135733][  T793] usb 1-1: config 120 has an invalid descriptor of length 0, skipping remainder of the config
[  135.140484][  T793] usb 1-1: config 120 has no interface number 0
[  135.146817][  T793] usb 1-1: New USB device found, idVendor=12d1, idProduct=9c20, bcdDevice=e5.af
[  135.151693][  T793] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.155370][  T793] usb 1-1: Product: syz
[  135.159429][  T793] usb 1-1: Manufacturer: syz
[  135.163015][  T793] usb 1-1: SerialNumber: syz
[  135.378383][  T793] huawei_cdc_ncm 1-1:120.86: CDC Union missing and no IAD found
[  135.382463][  T793] huawei_cdc_ncm 1-1:120.86: bind() failure
[  135.388234][  T793] usb 1-1: USB disconnect, device number 13
[  135.394993][ T5928] udevd[5928]: setting mode of /dev/bus/usb/001/013 to 020664 failed: No such file or directory
[  135.403838][ T5928] udevd[5928]: setting owner of /dev/bus/usb/001/013 to uid=0, gid=0 failed: No such file or directory
[  135.412313][ T7610] netlink: 'syz.2.705': attribute type 3 has an invalid length.
[  135.425300][ T7610] netlink: 'syz.2.705': attribute type 3 has an invalid length.
[  135.428394][ T7610] netlink: 4 bytes leftover after parsing attributes in process `syz.2.705'.
[  135.789964][  T793] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  135.940930][ T7625] loop0: detected capacity change from 0 to 16
[  135.942300][  T793] usb 3-1: Using ep0 maxpacket: 16
[  135.949491][ T7625] erofs (device loop0): unsupported chunk format 7ff of nid 36
[  135.974768][  T793] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.978778][  T793] usb 3-1: config 0 interface 0 has no altsetting 0
[  135.995024][  T793] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  135.998962][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.008924][  T793] usb 3-1: Product: syz
[  136.011712][  T793] usb 3-1: Manufacturer: syz
[  136.013809][  T793] usb 3-1: SerialNumber: syz
[  136.020992][  T793] usb 3-1: config 0 descriptor??
[  136.029034][  T793] hub 3-1:0.0: bad descriptor, ignoring hub
[  136.035232][  T793] hub 3-1:0.0: probe with driver hub failed with error -5
[  136.084536][  T793] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  136.101068][ T5934] usb 3-1: Failed to submit usb control message: -71
[  136.106604][ T5934] usb 3-1: unable to send the bmi data to the device: -71
[  136.113721][ T5934] usb 3-1: unable to get target info from device
[  136.116463][ T5934] usb 3-1: could not get target info (-71)
[  136.119071][ T5934] usb 3-1: could not probe fw (-71)
[  136.209383][ T7636] loop0: detected capacity change from 0 to 512
[  136.235728][ T7636] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.242040][ T7636] ext4 filesystem being mounted at /224/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  136.254892][ T7636] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.713: corrupted inode contents
[  136.264749][ T7636] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz.0.713: mark_inode_dirty error
[  136.270529][ T7636] EXT4-fs error (device loop0): ext4_do_update_inode:5632: inode #2: comm syz.0.713: corrupted inode contents
[  136.277386][ T7636] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.713: mark_inode_dirty error
[  136.287186][ T7636] EXT4-fs (loop0): shut down requested (2)
[  136.341659][  T794] usb 3-1: USB disconnect, device number 12
[  136.355880][ T5919] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.377987][ T3991] Quota error (device loop0): dquot_write_dquot: Can't write quota structure (error -5). Quota may get out of sync!
[  136.600846][  T793] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  136.626922][ T7646] loop0: detected capacity change from 0 to 32768
[  136.766833][  T793] usb 5-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  136.773368][  T793] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.776022][  T793] usb 5-1: Product: syz
[  136.777511][  T793] usb 5-1: Manufacturer: syz
[  136.779032][  T793] usb 5-1: SerialNumber: syz
[  136.784012][  T793] usb 5-1: config 0 descriptor??
[  136.791987][  T793] gspca_main: sunplus-2.14.0 probing 055f:c230
[  136.865244][ T7669] program syz.2.720 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  136.971657][ T7672] loop2: detected capacity change from 0 to 4096
[  136.976670][ T7672] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  136.996460][ T7672] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  137.004945][ T7672] ntfs3(loop2): Failed to load $Extend (-22).
[  137.007332][ T7672] ntfs3(loop2): Failed to initialize $Extend.
[  137.088532][ T7677] loop2: detected capacity change from 0 to 512
[  137.092481][ T7677] EXT4-fs: Ignoring removed orlov option
[  137.095196][ T7677] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.104079][ T7677] EXT4-fs (loop2): 1 orphan inode deleted
[  137.106403][ T7677] EXT4-fs (loop2): 1 truncate cleaned up
[  137.109419][ T7677] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.129666][ T7677] EXT4-fs error (device loop2): empty_inline_dir:1760: inode #12: block 7: comm syz.2.723: bad entry in directory: rec_len is too small for name_len - offset=4, inode=13, rec_len=16, size=60 fake=0
[  137.139714][ T7677] EXT4-fs (loop2): Remounting filesystem read-only
[  137.143752][ T7677] EXT4-fs warning (device loop2): empty_inline_dir:1767: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60
[  137.148301][ T7677] EXT4-fs warning (device loop2): empty_inline_dir:1767: bad inline directory (dir #12) - inode 13, rec_len 16, name_len 53inline size 60
[  137.163243][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.297386][ T7682] loop0: detected capacity change from 0 to 8192
[  138.192627][ T7718] binder: 7717:7718 ioctl 5000940b 200000000140 returned -22
[  138.368326][ T7728] netlink: 12 bytes leftover after parsing attributes in process `syz.2.744'.
[  138.451143][ T7732] xt_l2tp: missing protocol rule (udp|l2tpip)
[  138.508142][ T7734] loop2: detected capacity change from 0 to 256
[  138.519201][ T7734] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  138.606208][  T793] gspca_sunplus: reg_r err -71
[  138.607787][  T793] sunplus 5-1:0.0: probe with driver sunplus failed with error -71
[  138.633726][  T793] usb 5-1: USB disconnect, device number 4
[  139.641173][ T5970] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  139.821837][ T5970] usb 5-1: config 17 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  139.827966][ T5970] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  139.839178][ T5970] usb 5-1: config 17 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  139.845933][ T5970] usb 5-1: New USB device found, idVendor=0458, idProduct=5003, bcdDevice= 0.00
[  139.852505][ T5970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  139.858595][ T7750] netlink: 24 bytes leftover after parsing attributes in process `syz.2.754'.
[  139.863919][ T7748] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  140.072939][ T5970] aiptek 5-1:17.0: Aiptek using 400 ms programming speed
[  140.082343][ T5970] input: Aiptek as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:17.0/input/input10
[  140.143571][ T5970] usb 5-1: USB disconnect, device number 5
[  140.146221][    C0] aiptek 5-1:17.0: aiptek_irq - usb_submit_urb failed with result -19
[  140.184943][ T7766] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+
[  140.200547][ T7766] block device autoloading is deprecated and will be removed.
[  140.638268][    C0] IPv4: Oversized IP packet from 172.20.20.24
[  142.278798][ T7822] loop4: detected capacity change from 0 to 1024
[  142.285621][ T7822] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  142.292092][ T7822] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  142.296255][ T7822] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  142.300481][ T7822] EXT4-fs error (device loop4): ext4_get_journal_inode:5808: inode #32: comm syz.4.786: iget: special inode unallocated
[  142.304592][ T7822] EXT4-fs (loop4): no journal found
[  142.306419][ T7822] EXT4-fs (loop4): can't get journal size
[  142.309756][ T7822] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  142.330715][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.603981][ T5970] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  142.747228][ T7827] netlink: get zone limit has 4 unknown bytes
[  142.772992][ T5970] usb 5-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[  142.779870][ T5970] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.782931][ T5970] usb 5-1: Product: syz
[  142.784642][ T5970] usb 5-1: Manufacturer: syz
[  142.800192][ T5970] usb 5-1: SerialNumber: syz
[  142.999295][ T7833] loop2: detected capacity change from 0 to 164
[  143.013046][ T7833] Unable to read rock-ridge attributes
[  143.036258][ T7833] Unable to read rock-ridge attributes
[  143.039056][ T7833] iso9660: Corrupted directory entry in block 4 of inode 1792
[  143.287901][ T7852] loop2: detected capacity change from 0 to 64
[  143.313525][ T7852] minix_free_block (loop2:2): bit already cleared
[  143.315836][ T7852] minix_free_block (loop2:3): bit already cleared
[  143.317838][ T7852] minix_free_block (loop2:4): bit already cleared
[  143.438544][ T5970] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[  143.453030][ T5970] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[  143.457379][ T5970] lan78xx 5-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[  143.465680][ T5970] lan78xx 5-1:1.0: probe with driver lan78xx failed with error -71
[  143.477957][ T5970] usb 5-1: USB disconnect, device number 6
[  143.512496][   T34] audit: type=1326 audit(1764021173.657:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7859 comm="syz.2.804" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fc533d8f749 code=0x0
[  144.621985][ T7897] loop4: detected capacity change from 0 to 32768
[  144.627576][ T7897] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.820 (7897)
[  144.637240][ T7897] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  144.642902][ T7897] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  144.729423][ T7897] BTRFS info (device loop4): enabling ssd optimizations
[  144.733091][ T7897] BTRFS info (device loop4): turning on async discard
[  144.735840][ T7897] BTRFS info (device loop4): enabling free space tree
[  145.227857][   T34] audit: type=1800 audit(1764021175.367:78): pid=7927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.820" name="file2" dev="loop4" ino=261 res=0 errno=0
[  145.518976][ T7265] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  145.564067][ T7929] loop2: detected capacity change from 0 to 40427
[  145.576612][ T7929] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  145.579963][ T7929] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  145.592078][ T7929] F2FS-fs (loop2): invalid crc value
[  145.754923][ T7929] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  145.791570][ T7929] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  145.793878][ T7929] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  145.856144][ T7929] syz.2.826: attempt to access beyond end of device
[  145.856144][ T7929] loop2: rw=2049, sector=45096, nr_sectors = 72 limit=40427
[  145.865874][   T34] audit: type=1800 audit(1764021176.007:79): pid=7929 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.826" name="file1" dev="loop2" ino=10 res=0 errno=0
[  145.873171][ T5926] Bluetooth: hci1: Malformed LE Event: 0x0d
[  146.498157][ T7950] sctp: [Deprecated]: syz.0.835 (pid 7950) Use of struct sctp_assoc_value in delayed_ack socket option.
[  146.498157][ T7950] Use struct sctp_sack_info instead
[  147.944260][ T7976] loop4: detected capacity change from 0 to 512
[  147.989508][ T7976] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  147.993887][ T7976] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  147.997169][ T7976] System zones: 0-1, 15-15, 18-18, 34-34
[  147.999206][ T7976] EXT4-fs (loop4): orphan cleanup on readonly fs
[  148.003273][ T7976] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  148.012899][ T7976] EXT4-fs warning (device loop4): ext4_enable_quotas:7180: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  148.029206][ T7976] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  148.036297][ T7976] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.845: bg 0: block 40: padding at end of block bitmap is not set
[  148.048147][ T7976] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  148.053501][ T7976] EXT4-fs (loop4): 1 truncate cleaned up
[  148.083471][ T7976] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  148.109510][ T7976] EXT4-fs error (device loop4): ext4_encrypted_get_link:46: inode #16: comm syz.4.845: bad symlink.
[  148.117253][ T7976] EXT4-fs error (device loop4): ext4_encrypted_get_link:46: inode #16: comm syz.4.845: bad symlink.
[  148.155989][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  148.277965][ T8003] loop4: detected capacity change from 0 to 256
[  148.292062][ T8003] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xecfd5def, utbl_chksum : 0xe619d30d)
[  149.599372][ T8052] netlink: 48 bytes leftover after parsing attributes in process `syz.2.875'.
[  149.634131][ T8055] loop4: detected capacity change from 0 to 1024
[  149.637603][ T8055] hfsplus: Bad value for 'umask'
[  149.981306][ T5925] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  150.130028][ T5925] usb 3-1: Using ep0 maxpacket: 16
[  150.135260][ T5925] usb 3-1: config index 0 descriptor too short (expected 16456, got 72)
[  150.138283][ T5925] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  150.147958][ T5925] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  150.152006][ T5925] usb 3-1: config 0 has an invalid interface number: 125 but max is 1
[  150.155900][ T5925] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  150.158857][ T5925] usb 3-1: config 0 has no interface number 0
[  150.163003][ T5925] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  150.167184][ T5925] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  150.173490][ T5925] usb 3-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  150.176899][ T5925] usb 3-1: config 0 interface 125 has no altsetting 0
[  150.179200][ T5925] usb 3-1: config 0 interface 125 has no altsetting 1
[  150.188310][ T5925] usb 3-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  150.192675][ T5925] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  150.195589][ T5925] usb 3-1: Product: syz
[  150.197125][ T5925] usb 3-1: Manufacturer: syz
[  150.198732][ T5925] usb 3-1: SerialNumber: syz
[  150.210331][ T5925] usb 3-1: config 0 descriptor??
[  150.696653][ T5969] usb 3-1: USB disconnect, device number 13
[  151.411053][ T5969] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  151.564225][ T5969] usb 5-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  151.569576][ T5969] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.574058][ T5969] usb 5-1: Product: syz
[  151.575783][ T5969] usb 5-1: Manufacturer: syz
[  151.577791][ T5969] usb 5-1: SerialNumber: syz
[  151.581568][ T5969] usb 5-1: config 0 descriptor??
[  151.994553][ T5969] airspy 5-1:0.0: Board ID: 00
[  151.996784][ T5969] airspy 5-1:0.0: Firmware version: 
[  152.118762][ T8118] loop2: detected capacity change from 0 to 32768
[  152.142745][ T8118] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  152.169526][ T8118] XFS (loop2): Ending clean mount
[  152.208290][ T5929] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  152.549455][ T8141] loop2: detected capacity change from 0 to 256
[  152.561237][ T8141] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  152.971388][ T8149] loop2: detected capacity change from 0 to 16
[  152.976177][ T8149] erofs (device loop2): mounted with root inode @ nid 36.
[  152.986060][ T8149] erofs (device loop2): xattr_isize 12 of nid 46 is not supported yet
[  153.003963][ T5969] airspy 5-1:0.0: Registered as swradio24
[  153.007394][ T5969] airspy 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  153.174326][ T8155] loop2: detected capacity change from 0 to 256
[  153.197303][ T8155] exfat: Deprecated parameter 'utf8'
[  153.199016][ T8155] exfat: Deprecated parameter 'utf8'
[  153.206891][ T8155] exfat: Deprecated parameter 'namecase'
[  153.224413][ T5969] usb 5-1: USB disconnect, device number 7
[  153.230579][ T8155] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5f26ded4, utbl_chksum : 0xe619d30d)
[  155.787855][ T8184] loop2: detected capacity change from 0 to 32768
[  155.797139][ T8184] (syz.2.929,8184,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.815787][ T8184] (syz.2.929,8184,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  155.893450][ T8184] JBD2: Ignoring recovery information on journal
[  155.919684][ T8184] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  155.928982][ T8184] (syz.2.929,8184,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  156.044675][ T5929] ocfs2: Unmounting device (7,2) on (node local)
[  156.425466][ T8193] loop2: detected capacity change from 0 to 40427
[  156.442684][ T8193] F2FS-fs (loop2): invalid crc value
[  156.517971][ T8193] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  156.526682][ T8193] F2FS-fs (loop2): Start checkpoint disabled!
[  156.574038][ T8193] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  156.582167][ T8193] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  156.733361][ T8193] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[  156.800110][ T7744] kworker/u10:8: attempt to access beyond end of device
[  156.800110][ T7744] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  156.811399][ T7744] CPU: 1 UID: 0 PID: 7744 Comm: kworker/u10:8 Not tainted syzkaller #0 PREEMPT(full) 
[  156.811418][ T7744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  156.811424][ T7744] Workqueue: writeback wb_workfn (flush-7:2)
[  156.811443][ T7744] Call Trace:
[  156.811448][ T7744]  <TASK>
[  156.811452][ T7744]  dump_stack_lvl+0x189/0x250
[  156.811470][ T7744]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.811482][ T7744]  ? __pfx_queue_work_on+0x10/0x10
[  156.811493][ T7744]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  156.811508][ T7744]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  156.811528][ T7744]  f2fs_handle_critical_error+0x37c/0x540
[  156.811547][ T7744]  f2fs_write_end_io+0x886/0xb60
[  156.811568][ T7744]  __submit_merged_bio+0x27a/0x6a0
[  156.811587][ T7744]  __submit_merged_write_cond+0x255/0x530
[  156.811606][ T7744]  f2fs_write_data_pages+0x261d/0x3000
[  156.811637][ T7744]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.811693][ T7744]  ? f2fs_write_meta_pages+0x357/0x450
[  156.811711][ T7744]  ? __lock_acquire+0xab9/0xd20
[  156.811724][ T7744]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.811736][ T7744]  do_writepages+0x32e/0x550
[  156.811751][ T7744]  ? reacquire_held_locks+0x127/0x1d0
[  156.811763][ T7744]  ? writeback_sb_inodes+0x384/0x1010
[  156.811785][ T7744]  __writeback_single_inode+0x145/0xff0
[  156.811808][ T7744]  ? do_raw_spin_unlock+0x4d/0x240
[  156.811825][ T7744]  writeback_sb_inodes+0x6c7/0x1010
[  156.811856][ T7744]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  156.811896][ T7744]  ? rcu_is_watching+0x15/0xb0
[  156.811915][ T7744]  wb_writeback+0x43b/0xaf0
[  156.811934][ T7744]  ? queue_io+0x341/0x590
[  156.811951][ T7744]  ? __pfx_wb_writeback+0x10/0x10
[  156.811967][ T7744]  ? _raw_spin_unlock_irq+0x23/0x50
[  156.811982][ T7744]  wb_workfn+0x409/0xef0
[  156.812000][ T7744]  ? __pfx_wb_workfn+0x10/0x10
[  156.812013][ T7744]  ? __lock_acquire+0xab9/0xd20
[  156.812027][ T7744]  ? process_scheduled_works+0x9ef/0x17b0
[  156.812040][ T7744]  ? _raw_spin_unlock_irq+0x23/0x50
[  156.812051][ T7744]  ? process_scheduled_works+0x9ef/0x17b0
[  156.812059][ T7744]  ? process_scheduled_works+0x9ef/0x17b0
[  156.812069][ T7744]  process_scheduled_works+0xae1/0x17b0
[  156.812127][ T7744]  ? __pfx_process_scheduled_works+0x10/0x10
[  156.812171][ T7744]  worker_thread+0x8a0/0xda0
[  156.812186][ T7744]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  156.812205][ T7744]  ? __kthread_parkme+0x7b/0x200
[  156.812224][ T7744]  kthread+0x711/0x8a0
[  156.812239][ T7744]  ? __pfx_worker_thread+0x10/0x10
[  156.812250][ T7744]  ? __pfx_kthread+0x10/0x10
[  156.812265][ T7744]  ? _raw_spin_unlock_irq+0x23/0x50
[  156.812279][ T7744]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.812293][ T7744]  ? __pfx_kthread+0x10/0x10
[  156.812309][ T7744]  ret_from_fork+0x4bc/0x870
[  156.812323][ T7744]  ? __pfx_ret_from_fork+0x10/0x10
[  156.812339][ T7744]  ? __switch_to_asm+0x39/0x70
[  156.812348][ T7744]  ? __switch_to_asm+0x33/0x70
[  156.812356][ T7744]  ? __pfx_kthread+0x10/0x10
[  156.812370][ T7744]  ret_from_fork_asm+0x1a/0x30
[  156.812389][ T7744]  </TASK>
[  156.815417][ T7744] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  157.244244][ T8208] raw_sendmsg: syz.4.935 forgot to set AF_INET. Fix it!
[  157.750643][ T8226] xt_hashlimit: size too large, truncated to 1048576
[  158.651932][ T8253] vlan1: entered allmulticast mode
[  158.654388][ T8253] veth0_vlan: entered allmulticast mode
[  158.777352][ T8261] loop4: detected capacity change from 0 to 4096
[  158.780431][ T5970] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  158.786993][ T8261] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  158.800999][ T8261] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  158.880786][ T8265] EXT4-fs (loop4): shut down requested (2)
[  158.915987][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.932417][ T5970] usb 3-1: Using ep0 maxpacket: 8
[  158.963540][ T5970] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  158.966285][ T5970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  158.968794][ T5970] usb 3-1: Product: syz
[  158.971502][ T5970] usb 3-1: Manufacturer: syz
[  158.973169][ T5970] usb 3-1: SerialNumber: syz
[  158.981457][ T5970] usb 3-1: config 0 descriptor??
[  158.984962][ T5970] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  158.987560][ T5970] usb 3-1: setting power ON
[  158.989166][ T5970] dvb-usb: bulk message failed: -22 (2/0)
[  159.007881][ T5970] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  159.013602][ T5970] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  159.018808][ T5970] usb 3-1: media controller created
[  159.041188][ T5970] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  159.082717][ T5970] usb 3-1: selecting invalid altsetting 6
[  159.085250][ T5970] usb 3-1: digital interface selection failed (-22)
[  159.087891][ T5970] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  159.093958][ T5970] usb 3-1: setting power OFF
[  159.095983][ T5970] dvb-usb: bulk message failed: -22 (2/0)
[  159.099318][ T5970] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  159.103680][ T5970] (NULL device *): no alternate interface
[  159.129471][ T5970] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  159.203774][ T5970] usb 3-1: USB disconnect, device number 14
[  159.469963][ T5925] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  159.629931][ T5925] usb 5-1: Using ep0 maxpacket: 8
[  159.636014][ T5925] usb 5-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[  159.639760][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.643684][ T5925] usb 5-1: Product: syz
[  159.645822][ T5925] usb 5-1: Manufacturer: syz
[  159.647965][ T5925] usb 5-1: SerialNumber: syz
[  159.656360][ T5925] usb 5-1: config 0 descriptor??
[  159.863739][ T5925] usb 5-1: dvb_usb_v2: found a 'Terratec H7' in warm state
[  160.064339][ T5925] usb write operation failed. (-71)
[  160.073414][ T5925] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  160.077674][ T5925] dvbdev: DVB: registering new adapter (Terratec H7)
[  160.081432][ T5925] usb 5-1: media controller created
[  160.083708][ T5925] usb read operation failed. (-71)
[  160.087001][ T5925] usb write operation failed. (-71)
[  160.091819][ T5925] dvb_usb_az6007 5-1:0.0: probe with driver dvb_usb_az6007 failed with error -5
[  160.096720][ T5925] usb 5-1: USB disconnect, device number 8
[  161.029950][ T5970] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  161.058364][ T5969] IPVS: starting estimator thread 0...
[  161.075537][ T8318] overlayfs: failed to clone upperpath
[  161.160847][ T8316] IPVS: using max 52 ests per chain, 124800 per kthread
[  161.175310][ T8324] netlink: 4 bytes leftover after parsing attributes in process `syz.0.984'.
[  161.199981][ T5970] usb 3-1: Using ep0 maxpacket: 16
[  161.208058][ T5970] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has an invalid bInterval 52, changing to 7
[  161.212920][ T5970] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid maxpacket 9272, setting to 1024
[  161.223358][ T5970] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  161.226896][ T5970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  161.230425][ T5970] usb 3-1: Product: syz
[  161.232271][ T5970] usb 3-1: Manufacturer: syz
[  161.234298][ T5970] usb 3-1: SerialNumber: syz
[  161.238425][ T5970] usb 3-1: config 0 descriptor??
[  161.247732][ T5970] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  161.252254][ T5970] em28xx 3-1:0.0: DVB interface 0 found: isoc
[  161.510551][ T5970] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  161.576196][ T5970] em28xx 3-1:0.0: reading from i2c device at 0xa0 failed (error=-5)
[  161.579668][ T5970] em28xx 3-1:0.0: board has no eeprom
[  161.640028][ T5970] em28xx 3-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  161.643592][ T5970] em28xx 3-1:0.0: dvb set to isoc mode.
[  161.646923][ T5925] em28xx 3-1:0.0: Binding DVB extension
[  161.663204][ T5970] usb 3-1: USB disconnect, device number 15
[  161.667238][ T5970] em28xx 3-1:0.0: Disconnecting em28xx
[  161.743164][ T5925] em28xx 3-1:0.0: Registering input extension
[  161.749205][ T5970] em28xx 3-1:0.0: Closing input extension
[  161.777530][ T5970] em28xx 3-1:0.0: Freeing device
[  162.289724][ T8343] netlink: 'syz.0.992': attribute type 46 has an invalid length.
[  162.292960][ T8343] netlink: 55 bytes leftover after parsing attributes in process `syz.0.992'.
[  162.303136][ T8341] loop4: detected capacity change from 0 to 32768
[  162.326727][ T8341] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  162.358685][ T8341] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  162.374194][ T8341] (syz.4.990,8341,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is too small for name_len - offset=0, inode=65, rec_len=16, name_len=9
[  162.383390][ T5970] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  162.388387][ T8341] (syz.4.990,8341,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  162.392176][ T8341] (syz.4.990,8341,0):ocfs2_mknod:301 ERROR: status = -2
[  162.395522][ T8341] (syz.4.990,8341,0):ocfs2_mknod:505 ERROR: status = -2
[  162.398251][ T8341] (syz.4.990,8341,0):ocfs2_mkdir:661 ERROR: status = -2
[  162.427398][ T7265] ocfs2: Unmounting device (7,4) on (node local)
[  162.544284][ T5970] usb 3-1: config 0 has an invalid interface number: 46 but max is 0
[  162.547536][ T5970] usb 3-1: config 0 has no interface number 0
[  162.564203][ T5970] usb 3-1: New USB device found, idVendor=04e2, idProduct=1420, bcdDevice=9e.b9
[  162.568677][ T5970] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.579247][ T8356] loop4: detected capacity change from 0 to 8
[  162.579762][ T5970] usb 3-1: Product: syz
[  162.587158][ T5970] usb 3-1: Manufacturer: syz
[  162.589693][ T5970] usb 3-1: SerialNumber: syz
[  162.596593][ T5970] usb 3-1: config 0 descriptor??
[  162.602528][ T5970] xr_serial 3-1:0.46: More than one union descriptor, skipping ...
[  162.803966][ T5970] usb 3-1: USB disconnect, device number 16
[  163.523117][ T5970] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  163.539422][ T8379] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  163.594182][ T8381] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  163.689970][ T5970] usb 5-1: Using ep0 maxpacket: 16
[  163.699423][ T5970] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.712610][ T5970] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  163.717752][ T5970] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  163.724748][ T5970] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.731944][ T5970] usb 5-1: config 0 descriptor??
[  163.738794][ T8377] loop2: detected capacity change from 0 to 32768
[  163.806654][ T8377] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  163.821329][ T8377] XFS (loop2): Ending clean mount
[  163.856554][ T5929] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  164.073684][ T8399] netlink: 'syz.2.1013': attribute type 1 has an invalid length.
[  164.076939][ T8399] netlink: 'syz.2.1013': attribute type 2 has an invalid length.
[  164.167045][ T5970] HID 045e:07da: Invalid code 65791 type 1
[  164.171539][ T5970] HID 045e:07da: Invalid code 768 type 1
[  164.173535][ T5970] HID 045e:07da: Invalid code 769 type 1
[  164.175846][ T5970] HID 045e:07da: Invalid code 770 type 1
[  164.178461][ T5970] HID 045e:07da: Invalid code 771 type 1
[  164.181337][ T5970] HID 045e:07da: Invalid code 772 type 1
[  164.183779][ T5970] HID 045e:07da: Invalid code 773 type 1
[  164.186280][ T5970] HID 045e:07da: Invalid code 774 type 1
[  164.191021][ T5970] HID 045e:07da: Invalid code 775 type 1
[  164.199683][ T5970] HID 045e:07da: Invalid code 776 type 1
[  164.224400][ T5970] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0004/input/input12
[  164.330782][ T8409] team_slave_0: entered promiscuous mode
[  164.333260][ T8409] team_slave_1: entered promiscuous mode
[  164.334871][ T5970] microsoft 0003:045E:07DA.0004: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  164.340952][ T8409] netlink: 'syz.0.1018': attribute type 10 has an invalid length.
[  164.343367][ T8409] team_slave_0: left promiscuous mode
[  164.362364][ T8409] team_slave_1: left promiscuous mode
[  164.381020][ T8409] team_slave_0: entered promiscuous mode
[  164.383340][ T8409] team_slave_1: entered promiscuous mode
[  164.397133][ T8409] 8021q: adding VLAN 0 to HW filter on device team0
[  164.405683][ T8409] bond0: (slave team0): Enslaving as an active interface with an up link
[  164.428005][ T8408] team_slave_0: left promiscuous mode
[  164.430642][ T8408] team_slave_1: left promiscuous mode
[  165.237620][ T5969] usb 5-1: USB disconnect, device number 9
[  165.325053][ T8423] overlayfs: conflicting options: userxattr,redirect_dir=follow
[  165.466619][ T8431] loop2: detected capacity change from 0 to 256
[  165.508597][ T8431] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x89cb6648, utbl_chksum : 0xe619d30d)
[  165.747472][ T8440] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1030'.
[  165.987816][ T8452] loop2: detected capacity change from 0 to 1024
[  166.029879][ T8452] hfsplus: xattr searching failed
[  166.045467][ T8454] Invalid source name
[  166.048434][ T8452] hfsplus: catalog searching failed
[  166.088246][ T3991] hfsplus: b-tree write err: -5, ino 3
[  166.227108][ T8463] netlink: 'syz.0.1041': attribute type 2 has an invalid length.
[  166.229591][ T8463] netlink: 'syz.0.1041': attribute type 8 has an invalid length.
[  166.232315][ T8458] bond1: option lp_interval: invalid value (0)
[  166.232817][ T8463] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1041'.
[  166.234813][ T8458] bond1: option lp_interval: allowed values 1 - 2147483647
[  166.245407][ T8458] bond1 (unregistering): Released all slaves
[  166.483889][ T8473] loop4: detected capacity change from 0 to 4096
[  166.546170][ T8473] ntfs3(loop4): $Secure::$SII is corrupted.
[  166.548057][ T8473] ntfs3(loop4): Failed to initialize $Secure (-22).
[  167.175109][ T8513] loop4: detected capacity change from 0 to 512
[  167.195965][ T8513] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  167.211803][ T8513] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  167.215745][ T8513] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1063: Failed to acquire dquot type 1
[  167.245978][ T8513] EXT4-fs (loop4): 1 truncate cleaned up
[  167.269450][ T8513] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  167.280189][ T8513] ext4 filesystem being mounted at /119/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  167.322269][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  167.533544][ T8533] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[  167.536450][ T8533] PKCS7: Only support pkcs7_signedData type
[  167.610530][ T8523] loop2: detected capacity change from 0 to 32768
[  167.641928][ T8523] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.663906][ T8523] XFS (loop2): Ending clean mount
[  167.671378][ T8523] XFS (loop2): Quotacheck needed: Please wait.
[  167.682218][ T5969] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  167.713855][ T8523] XFS (loop2): Quotacheck: Done.
[  167.767827][ T5929] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  167.857979][ T5969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.862621][ T5969] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.866494][ T5969] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  167.909714][ T5969] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.915493][ T5969] usb 5-1: config 0 descriptor??
[  168.326032][ T5969] cp2112 0003:10C4:EA90.0005: unknown main item tag 0x0
[  168.344347][ T5969] cp2112 0003:10C4:EA90.0005: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.4-1/input0
[  168.533892][ T5969] cp2112 0003:10C4:EA90.0005: error requesting version
[  168.551412][ T5969] cp2112 0003:10C4:EA90.0005: probe with driver cp2112 failed with error -32
[  168.561386][ T5969] usb 5-1: USB disconnect, device number 10
[  168.794574][ T8562] overlayfs: failed to clone upperpath
[  169.075388][ T8579] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1085'.
[  169.129942][ T5969] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  169.139284][ T8584] loop4: detected capacity change from 0 to 128
[  169.148700][ T8584] EXT4-fs (loop4): Test dummy encryption mode enabled
[  169.175884][ T8584] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  169.183137][ T8584] ext4 filesystem being mounted at /123/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  169.258636][ T8584] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  169.267301][ T8584] EXT4-fs error (device loop4): ext4_validate_block_bitmap:423: comm syz.4.1088: bg 0: bad block bitmap checksum
[  169.282622][ T5969] usb 3-1: Using ep0 maxpacket: 16
[  169.288984][ T5969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.298852][ T5969] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.315381][ T5969] usb 3-1: config 0 interface 0 has no altsetting 0
[  169.318097][ T5969] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  169.327862][ T5969] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.337809][ T7265] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  169.345534][ T5969] usb 3-1: config 0 descriptor??
[  169.532452][ T8604] loop4: detected capacity change from 0 to 512
[  169.572649][ T8604] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  169.587641][ T8604] EXT4-fs error (device loop4): ext4_get_first_dir_block:3529: inode #12: comm syz.4.1096: Directory block failed checksum
[  169.627429][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  169.777864][ T5969] hid (null): global environment stack underflow
[  169.790126][ T5969] hid (null): global environment stack underflow
[  169.792757][ T5969] hid (null): report_id 0 is invalid
[  169.794934][ T5969] hid (null): global environment stack underflow
[  169.797469][ T5969] hid (null): report_id 0 is invalid
[  169.799585][ T5969] hid (null): report_id 0 is invalid
[  169.804330][ T5969] hid (null): global environment stack underflow
[  169.974901][ T5970] usb 3-1: USB disconnect, device number 17
[  170.144837][ T8612] loop4: detected capacity change from 0 to 32768
[  170.498901][ T8622] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1103'.
[  170.512622][ T5934] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  170.515691][ T5934] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  170.520925][ T8622] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1103'.
[  170.525177][ T5934] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  170.529111][ T5934] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  170.708973][ T8631] fuse: Bad value for 'fd'
[  170.829294][ T8637] veth4: entered promiscuous mode
[  170.834459][ T8637] veth4: entered allmulticast mode
[  172.115504][ T8638] loop4: detected capacity change from 0 to 32768
[  172.471565][ T8668] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1123'.
[  173.160993][ T8678] loop2: detected capacity change from 0 to 764
[  173.757599][ T8688] loop4: detected capacity change from 0 to 2048
[  173.772562][ T8688] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  173.895151][ T8695] loop4: detected capacity change from 0 to 1764
[  173.938906][ T7265] iso9660: Corrupted directory entry in block 2 of inode 1920
[  173.944162][ T7265] iso9660: Corrupted directory entry in block 2 of inode 1920
[  175.155830][ T8711] loop4: detected capacity change from 0 to 32768
[  175.648677][ T8733] loop2: detected capacity change from 0 to 1024
[  175.667155][ T8733] EXT4-fs: Ignoring removed oldalloc option
[  175.669627][ T8733] EXT4-fs: Ignoring removed bh option
[  175.699640][ T8733] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  175.820731][ T8742] IPv6: addrconf: prefix option has invalid lifetime
[  175.855384][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  175.933192][ T8746] loop2: detected capacity change from 0 to 16
[  175.961014][ T8746] erofs (device loop2): mounted with root inode @ nid 36.
[  175.983835][ T8750] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1157'.
[  176.054298][ T8754] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  176.183581][ T8759] loop4: detected capacity change from 0 to 1024
[  176.416406][ T7569] hfsplus: b-tree write err: -5, ino 4
[  176.506407][ T8766] loop4: detected capacity change from 0 to 64
[  176.524354][   T34] audit: type=1800 audit(1764021206.667:80): pid=8766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1163" name="file2" dev="loop4" ino=6 res=0 errno=0
[  176.745214][ T8776] wireguard0: entered promiscuous mode
[  176.757240][ T8776] wireguard0: entered allmulticast mode
[  176.817396][ T8782] loop4: detected capacity change from 0 to 1024
[  176.852304][ T8782] EXT4-fs: inline encryption not supported
[  176.854501][ T8782] EXT4-fs: Ignoring removed i_version option
[  176.857639][ T8782] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  176.869235][ T8782] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.1169: lblock 2 mapped to illegal pblock 2 (length 1)
[  176.875396][ T8782] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  176.878347][ T8782] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.1169: lblock 0 mapped to illegal pblock 48 (length 1)
[  176.883695][ T8782] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  176.890435][ T8782] EXT4-fs error (device loop4): ext4_acquire_dquot:6945: comm syz.4.1169: Failed to acquire dquot type 0
[  176.894824][ T8782] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  176.950878][ T8782] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.1169: mark_inode_dirty error
[  176.987495][ T8782] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  177.004904][ T8782] EXT4-fs (loop4): 1 orphan inode deleted
[  177.009275][ T8782] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  177.051954][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  177.063097][ T1091] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  177.071733][ T1091] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  177.075143][ T1091] EXT4-fs error (device loop4): ext4_release_dquot:6981: comm kworker/u9:5: Failed to release dquot type 0
[  177.079692][ T7265] EXT4-fs error (device loop4): __ext4_get_inode_loc:4832: comm syz-executor: Invalid inode table block 1 in block_group 0
[  177.088625][ T7265] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6313: Corrupt filesystem
[  177.093201][ T7265] EXT4-fs error (device loop4): ext4_quota_off:7229: inode #3: comm syz-executor: mark_inode_dirty error
[  177.385330][ T8808] loop4: detected capacity change from 0 to 4096
[  177.388863][ T8808] NILFS: invalid option "cp=0": invalid checkpoint number 0
[  177.932701][ T8816] loop4: detected capacity change from 0 to 128
[  177.935936][ T8816] hpfs: Unknown parameter 'chkdqk'
[  178.435669][   T10] kernel write not supported for file /uinput (pid: 10 comm: kworker/0:1)
[  178.518133][ T5925] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  178.537811][ T8825] netlink: 108 bytes leftover after parsing attributes in process `syz.4.1187'.
[  178.678282][ T5925] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  178.686465][ T5925] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 2
[  178.696872][ T5925] usb 3-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  178.701875][ T5925] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.711979][ T5925] usb 3-1: config 0 descriptor??
[  178.718691][ T5925] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  178.733978][ T5925] dvb-usb: bulk message failed: -22 (3/0)
[  178.743678][ T5925] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  178.749293][ T5925] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  178.756321][ T5925] usb 3-1: media controller created
[  178.764359][ T5925] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  178.772194][ T8841] bridge0: entered promiscuous mode
[  178.776013][ T8841] bridge0: port 3(vlan3) entered blocking state
[  178.778782][ T8841] bridge0: port 3(vlan3) entered disabled state
[  178.792838][ T8841] vlan3: entered allmulticast mode
[  178.795011][ T8841] bridge0: entered allmulticast mode
[  178.802082][ T5925] dvb-usb: bulk message failed: -22 (6/0)
[  178.807517][ T5925] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  178.813816][ T8841] vlan3: left allmulticast mode
[  178.818178][ T8841] bridge0: left allmulticast mode
[  178.824826][ T5925] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.2/usb3/3-1/input/input13
[  178.836391][ T8841] bridge0: left promiscuous mode
[  178.845102][ T5925] dvb-usb: schedule remote query interval to 150 msecs.
[  178.848094][ T5925] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  179.002193][   T10] dvb-usb: bulk message failed: -22 (1/0)
[  179.004919][   T10] dvb-usb: error while querying for an remote control event.
[  179.024124][ T5969] usb 3-1: USB disconnect, device number 18
[  179.063428][ T5969] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  179.720968][ T8867] loop2: detected capacity change from 0 to 8192
[  179.732784][ T8867] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  180.228931][ T8877] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1211'.
[  180.233439][ T8877] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1211'.
[  180.278409][ T8879] loop2: detected capacity change from 0 to 4096
[  180.655021][ T8885] loop4: detected capacity change from 0 to 32768
[  180.660028][ T8885] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1214 (8885)
[  180.665878][ T8885] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  180.669501][ T8885] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  180.736559][ T8885] BTRFS info (device loop4): enabling ssd optimizations
[  180.749976][ T8885] BTRFS info (device loop4): turning on async discard
[  180.752790][ T8885] BTRFS info (device loop4): enabling free space tree
[  180.757739][   T27] BTRFS warning (device loop4): checksum verify failed on logical 5308416 mirror 1 wanted 0xe1d58233 found 0xd32026ab level 0
[  180.780327][ T8885] BTRFS: error (device loop4) in btrfs_fill_super:998: errno=-5 IO failure
[  180.806427][ T8885] BTRFS error (device loop4 state E): commit super ret -30
[  181.097233][ T5969] libceph: connect (1)[c::]:6789 error -101
[  181.112929][ T5969] libceph: mon0 (1)[c::]:6789 connect error
[  181.145733][ T8920] ceph: No mds server is up or the cluster is laggy
[  181.149443][ T5969] libceph: connect (1)[c::]:6789 error -101
[  181.154979][ T5969] libceph: mon0 (1)[c::]:6789 connect error
[  181.177673][ T8930] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1226'.
[  181.344298][ T8936] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  181.532170][ T8947] loop2: detected capacity change from 0 to 64
[  181.556426][ T8947] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  181.602151][ T8949] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1235'.
[  182.229357][ T8974] syzkaller1: entered promiscuous mode
[  182.240302][ T8974] syzkaller1: entered allmulticast mode
[  182.588848][ T8990] uprobe: syz.0.1253:8990 failed to unregister, leaking uprobe
[  182.635872][ T8995] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  182.668418][ T8997] loop4: detected capacity change from 0 to 4096
[  182.709330][ T8997] NILFS (loop4): invalid segment: Checksum error in segment payload
[  182.715357][ T8997] NILFS (loop4): trying rollback from an earlier position
[  182.748872][ T8997] NILFS (loop4): recovery complete
[  182.764680][ T9002] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  182.782825][ T9004] kernel profiling enabled (shift: 9)
[  183.057984][ T9022] netlink: ct family unspecified
[  183.060689][ T9022] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  183.110214][  T794] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  183.270012][  T794] usb 3-1: Using ep0 maxpacket: 16
[  183.303521][  T794] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 32
[  183.309558][  T794] usb 3-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=9d.3d
[  183.314162][  T794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.317357][  T794] usb 3-1: Product: syz
[  183.319576][  T794] usb 3-1: Manufacturer: syz
[  183.323143][  T794] usb 3-1: SerialNumber: syz
[  183.327597][  T794] usb 3-1: config 0 descriptor??
[  183.334624][ T9008] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  183.346021][  T794] usb 3-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  183.578907][ T5987] usb 3-1: USB disconnect, device number 19
[  183.588615][ T5934] usb 3-1: Failed to submit usb control message: -71
[  183.593735][ T5934] usb 3-1: unable to send the bmi data to the device: -71
[  183.596479][ T5934] usb 3-1: unable to get target info from device
[  183.599128][ T5934] usb 3-1: could not get target info (-71)
[  183.603004][ T5934] usb 3-1: could not probe fw (-71)
[  184.119311][ T9042] ICMPv6: Received fragmented ndisc packet. Carefully consider disabling suppress_frag_ndisc.
[  184.227999][ T9049] loop4: detected capacity change from 0 to 512
[  184.232496][ T9049] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  184.250924][ T9049] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  184.261144][ T9050] overlayfs: failed to clone upperpath
[  184.304809][ T7265] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  184.566816][ T9072] netlink: 6 bytes leftover after parsing attributes in process `syz.0.1286'.
[  184.757044][ T9080] input: syz0 as /devices/virtual/input/input14
[  184.895888][ T5934] netdevsim netdevsim4 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  184.902042][ T5934] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.974458][ T5934] netdevsim netdevsim4 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  184.978501][ T5934] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.988450][   T55] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  184.996245][   T55] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  184.999526][   T55] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  185.005787][   T55] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  185.009183][   T55] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  185.075301][ T5934] netdevsim netdevsim4 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.081751][ T5934] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.168175][ T5934] netdevsim netdevsim4 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  185.172735][ T5934] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  185.271038][ T9087] loop2: detected capacity change from 0 to 32768
[  185.284900][ T9087] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  185.310895][ T9087] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  185.416585][ T9084] chnl_net:caif_netlink_parms(): no params data found
[  185.438650][ T9087] syz.2.1295 (9087) used greatest stack depth: 18472 bytes left
[  185.500508][ T5929] ocfs2: Unmounting device (7,2) on (node local)
[  185.568143][ T5934] bridge_slave_1: left allmulticast mode
[  185.572895][ T5934] bridge_slave_1: left promiscuous mode
[  185.575788][ T5934] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.588012][ T5934] bridge_slave_0: left allmulticast mode
[  185.590960][ T5934] bridge_slave_0: left promiscuous mode
[  185.594875][ T5934] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.301984][ T5934] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  186.305933][ T5934] bond_slave_0: left promiscuous mode
[  186.312201][ T5934] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  186.316505][ T5934] bond_slave_1: left promiscuous mode
[  186.319680][ T5934] bond0 (unregistering): Released all slaves
[  186.364012][ T9115] syzkaller0: tun_chr_ioctl cmd 2147767507
[  186.426546][ T9084] bridge0: port 1(bridge_slave_0) entered blocking state
[  186.429470][ T9084] bridge0: port 1(bridge_slave_0) entered disabled state
[  186.448185][ T9084] bridge_slave_0: entered allmulticast mode
[  186.456225][ T9084] bridge_slave_0: entered promiscuous mode
[  186.529154][ T9084] bridge0: port 2(bridge_slave_1) entered blocking state
[  186.532863][ T9084] bridge0: port 2(bridge_slave_1) entered disabled state
[  186.535977][ T9084] bridge_slave_1: entered allmulticast mode
[  186.540115][ T9084] bridge_slave_1: entered promiscuous mode
[  186.544705][ T9122] netlink: 96 bytes leftover after parsing attributes in process `syz.0.1303'.
[  186.679316][ T9084] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  186.764893][ T9084] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  186.817926][ T9084] team0: Port device team_slave_0 added
[  186.834618][ T5934] hsr_slave_0: left promiscuous mode
[  186.837980][ T5934] hsr_slave_1: left promiscuous mode
[  186.842839][ T5934] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  186.845613][ T5934] batman_adv: batadv0: Removing interface: batadv_slave_0
[  186.848609][ T5934] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  186.854102][ T5934] batman_adv: batadv0: Removing interface: batadv_slave_1
[  186.868270][ T5934] veth1_macvtap: left promiscuous mode
[  186.870580][ T5934] veth0_macvtap: left promiscuous mode
[  186.873040][ T5934] veth1_vlan: left promiscuous mode
[  186.875206][ T5934] veth0_vlan: left promiscuous mode
[  186.910166][ T5925] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  187.062759][ T5925] usb 3-1: Using ep0 maxpacket: 16
[  187.066852][ T5925] usb 3-1: unable to get BOS descriptor or descriptor too short
[  187.072138][ T5925] usb 3-1: config 192 has too many interfaces: 127, using maximum allowed: 32
[  187.075307][ T5925] usb 3-1: config 192 has an invalid interface association descriptor of length 5, skipping
[  187.078794][ T5925] usb 3-1: config 192 has an invalid descriptor of length 0, skipping remainder of the config
[  187.083998][ T5925] usb 3-1: config 192 has 0 interfaces, different from the descriptor's value: 127
[  187.091216][   T55] Bluetooth: hci1: command tx timeout
[  187.095403][ T5925] usb 3-1: config 192 has too many interfaces: 127, using maximum allowed: 32
[  187.098138][ T5925] usb 3-1: config 192 has an invalid interface association descriptor of length 5, skipping
[  187.101675][ T5925] usb 3-1: config 192 has an invalid descriptor of length 0, skipping remainder of the config
[  187.105146][ T5925] usb 3-1: config 192 has 0 interfaces, different from the descriptor's value: 127
[  187.121365][ T5925] usb 3-1: New USB device found, idVendor=03eb, idProduct=7617, bcdDevice= 2.69
[  187.124419][ T5925] usb 3-1: New USB device strings: Mfr=3, Product=1, SerialNumber=9
[  187.127218][ T5925] usb 3-1: Product: syz
[  187.128835][ T5925] usb 3-1: Manufacturer: syz
[  187.133495][ T5925] usb 3-1: SerialNumber: syz
[  187.357006][ T5925] usb 3-1: USB disconnect, device number 20
[  187.408137][ T5934] team0 (unregistering): Port device team_slave_1 removed
[  187.455287][ T5934] team0 (unregistering): Port device team_slave_0 removed
[  188.013960][ T9084] team0: Port device team_slave_1 added
[  188.026661][ T9145] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1312'.
[  188.054467][ T9147] : renamed from wg2 (while UP)
[  188.076220][ T9084] batman_adv: batadv0: Adding interface: batadv_slave_0
[  188.078891][ T9084] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.092640][ T9084] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  188.105194][ T9084] batman_adv: batadv0: Adding interface: batadv_slave_1
[  188.108384][ T9084] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  188.123370][ T9084] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  188.284480][ T9084] hsr_slave_0: entered promiscuous mode
[  188.286947][ T9084] hsr_slave_1: entered promiscuous mode
[  188.289100][ T9084] debugfs: 'hsr0' already exists in 'hsr'
[  188.300447][ T9084] Cannot create hsr debugfs directory
[  188.545715][ T9160] loop2: detected capacity change from 0 to 32768
[  188.600355][ T9160] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1318 (9160)
[  188.612391][ T9160] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  188.615650][ T9160] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  189.130266][ T9160] BTRFS info (device loop2): enabling ssd optimizations
[  189.133117][ T9160] BTRFS info (device loop2): turning on async discard
[  189.151678][ T9160] BTRFS info (device loop2): enabling free space tree
[  189.160227][   T55] Bluetooth: hci1: command tx timeout
[  189.212253][ T5929] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  189.228727][ T5934] IPVS: stop unused estimator thread 0...
[  189.982488][ T9084] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  190.073400][ T9084] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  190.094894][ T9084] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  190.103913][ T9084] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  190.655738][ T9084] 8021q: adding VLAN 0 to HW filter on device bond0
[  190.677277][ T9084] 8021q: adding VLAN 0 to HW filter on device team0
[  190.691383][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  190.694536][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  190.706320][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  190.709458][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  190.875440][ T9084] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  191.083207][ T9084] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.143591][ T9250] loop2: detected capacity change from 0 to 32768
[  191.169592][ T9250] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  191.189294][ T9250] (syz.2.1331,9250,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  191.205513][ T9250] ocfs2: Unmounting device (7,2) on (node local)
[  191.250793][   T55] Bluetooth: hci1: command tx timeout
[  191.391137][ T9084] veth0_vlan: entered promiscuous mode
[  191.397563][ T9084] veth1_vlan: entered promiscuous mode
[  191.419569][ T9084] veth0_macvtap: entered promiscuous mode
[  191.426638][ T9084] veth1_macvtap: entered promiscuous mode
[  191.437333][ T9084] batman_adv: batadv0: Interface activated: batadv_slave_0
[  191.451935][ T9084] batman_adv: batadv0: Interface activated: batadv_slave_1
[  191.464760][   T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  191.471467][   T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  191.474411][   T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  191.477297][   T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  191.482508][ T9268] loop2: detected capacity change from 0 to 1024
[  191.568855][ T7569] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.572833][ T7569] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  191.632325][ T3991] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  191.642749][ T3991] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  192.619441][ T9292] evm: overlay not supported
[  193.147699][ T9324] loop2: detected capacity change from 0 to 256
[  193.164699][ T9324] exfat: Deprecated parameter 'utf8'
[  193.187801][ T9324] exfat: Deprecated parameter 'utf8'
[  193.206090][ T9324] exfat: Deprecated parameter 'namecase'
[  193.247593][ T9324] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x5f26ded4, utbl_chksum : 0xe619d30d)
[  193.332449][   T55] Bluetooth: hci1: command tx timeout
[  193.791491][ T9329] netlink: 'syz.4.1358': attribute type 1 has an invalid length.
[  193.798177][ T9329] netlink: 'syz.4.1358': attribute type 2 has an invalid length.
[  193.883744][   T34] audit: type=1326 audit(1764021224.027:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1360" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0497d8f749 code=0x7ffc0000
[  193.900780][   T34] audit: type=1326 audit(1764021224.027:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1360" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0497d8f749 code=0x7ffc0000
[  193.926171][   T34] audit: type=1326 audit(1764021224.037:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1360" exe="/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f0497d8f749 code=0x7ffc0000
[  193.953168][   T34] audit: type=1326 audit(1764021224.047:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1360" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0497d8f749 code=0x7ffc0000
[  193.973831][   T34] audit: type=1326 audit(1764021224.047:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9332 comm="syz.0.1360" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0497d8f749 code=0x7ffc0000
[  194.594864][ T9337] loop4: detected capacity change from 0 to 32768
[  194.633724][ T9337] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  194.671691][ T9337] XFS (loop4): Ending clean mount
[  194.729560][ T9084] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  194.859856][ T1360] ieee802154 phy0 wpan0: encryption failed: -22
[  194.862920][ T1360] ieee802154 phy1 wpan1: encryption failed: -22
[  194.865731][ T9355] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1366'.
[  195.152738][ T9361] loop4: detected capacity change from 0 to 32768
[  195.157251][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  195.162382][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  195.188702][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC.
[  195.194900][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC.
[  195.201500][ T9361] JBD2: Ignoring recovery information on journal
[  195.221709][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xbec99099, computed 0x3881d996. Applying ECC.
[  195.228172][ T9361] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  195.233971][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0x2aee8be5. Applying ECC.
[  195.242414][ T9361] (syz.4.1364,9361,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  195.304302][ T9084] ocfs2: Unmounting device (7,4) on (node local)
[  195.325915][ T9357] loop2: detected capacity change from 0 to 32768
[  195.332140][ T9357] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1367 (9357)
[  195.342743][ T9357] BTRFS info (device loop2): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  195.346770][ T9357] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  195.394828][ T9357] BTRFS info (device loop2): enabling ssd optimizations
[  195.397791][ T9357] BTRFS info (device loop2): turning on async discard
[  195.415275][ T9357] BTRFS info (device loop2): enabling free space tree
[  195.446062][ T9357] BTRFS info (device loop2): use zstd compression, level 3
[  195.735808][ T5929] BTRFS info (device loop2): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  196.014895][ T9406] cifs: Bad value for 'cache'
[  196.017834][ T5926] Bluetooth: hci0: unexpected cc 0x2039 length: 9 > 1
[  196.024240][ T5926] Bluetooth: hci0: unexpected event for opcode 0x2039
[  196.145587][ T9410] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1381'.
[  196.291244][ T9414] netlink: 'syz.4.1383': attribute type 1 has an invalid length.
[  196.294695][ T9414] netlink: 244 bytes leftover after parsing attributes in process `syz.4.1383'.
[  196.423584][ T9412] loop2: detected capacity change from 0 to 32768
[  196.437136][ T9412] XFS (loop2): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  196.519234][ T9412] XFS (loop2): Ending clean mount
[  196.608286][ T5929] XFS (loop2): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  197.420705][ T9454] loop2: detected capacity change from 0 to 512
[  197.472834][ T9454] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  197.571512][ T5970] IPVS: starting estimator thread 0...
[  197.623160][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  197.660826][ T9461] IPVS: using max 78 ests per chain, 187200 per kthread
[  197.744385][ T9465] 9pnet_fd: Insufficient options for proto=fd
[  198.258020][ T9493] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1409'.
[  198.359771][ T9501] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1413'.
[  198.410643][   T34] audit: type=1326 audit(1764021228.547:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.4.1415" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14f478f749 code=0x7ffc0000
[  198.419108][   T34] audit: type=1326 audit(1764021228.547:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.4.1415" exe="/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7f14f478f749 code=0x7ffc0000
[  198.442241][   T34] audit: type=1326 audit(1764021228.547:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.4.1415" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14f478f749 code=0x7ffc0000
[  198.451488][   T34] audit: type=1326 audit(1764021228.547:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.4.1415" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f14f478f749 code=0x7ffc0000
[  198.458024][   T34] audit: type=1326 audit(1764021228.547:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9504 comm="syz.4.1415" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f14f478f749 code=0x7ffc0000
[  198.719957][ T9519] fuse: Bad value for 'fd'
[  199.438279][ T9523] loop2: detected capacity change from 0 to 40427
[  199.476645][ T9523] F2FS-fs (loop2): build fault injection rate: 14
[  199.479268][ T9523] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[  199.489005][ T9523] F2FS-fs (loop2): invalid crc value
[  199.492584][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  199.510229][    C1] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  199.557302][ T9523] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  199.564335][ T9523] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  199.578312][ T9523] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  199.599002][ T9523] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  199.710650][ T5987] libceph: connect (1)[c::]:6789 error -101
[  199.713149][ T5987] libceph: mon0 (1)[c::]:6789 connect error
[  199.734778][ T5929] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab4/0x1cf0
[  199.742576][ T5929] F2FS-fs (loop2): inconsistent node block, node_type:3, nid:13, node_footer[nid:13,ino:3,ofs:191623,cpver:0,blkaddr:0]
[  199.792134][    C1] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  199.796329][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  199.796347][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  199.796355][    C1] Call Trace:
[  199.796360][    C1]  <TASK>
[  199.796366][    C1]  dump_stack_lvl+0x189/0x250
[  199.796387][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.796403][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  199.796416][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  199.796434][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  199.796457][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  199.796485][    C1]  f2fs_write_end_io+0x886/0xb60
[  199.796508][    C1]  blk_update_request+0x57e/0xe60
[  199.796532][    C1]  blk_mq_end_request+0x3e/0x70
[  199.796548][    C1]  blk_done_softirq+0x10a/0x160
[  199.796564][    C1]  handle_softirqs+0x286/0x870
[  199.796580][    C1]  ? run_ksoftirqd+0x9b/0x100
[  199.796597][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  199.796612][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.796626][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.796638][    C1]  run_ksoftirqd+0x9b/0x100
[  199.796651][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  199.796669][    C1]  smpboot_thread_fn+0x542/0xa60
[  199.796683][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.796702][    C1]  kthread+0x711/0x8a0
[  199.796717][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  199.796730][    C1]  ? __pfx_kthread+0x10/0x10
[  199.796747][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  199.796762][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.796777][    C1]  ? __pfx_kthread+0x10/0x10
[  199.796792][    C1]  ret_from_fork+0x4bc/0x870
[  199.796807][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  199.796823][    C1]  ? __switch_to_asm+0x39/0x70
[  199.796833][    C1]  ? __switch_to_asm+0x33/0x70
[  199.796842][    C1]  ? __pfx_kthread+0x10/0x10
[  199.796857][    C1]  ret_from_fork_asm+0x1a/0x30
[  199.796878][    C1]  </TASK>
[  199.796884][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  199.874168][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  199.874187][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  199.874195][    C1] Call Trace:
[  199.874203][    C1]  <TASK>
[  199.874210][    C1]  dump_stack_lvl+0x189/0x250
[  199.874232][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.874246][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  199.874258][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  199.874274][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  199.874294][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  199.874315][    C1]  f2fs_write_end_io+0x886/0xb60
[  199.874338][    C1]  blk_update_request+0x57e/0xe60
[  199.874361][    C1]  blk_mq_end_request+0x3e/0x70
[  199.874376][    C1]  blk_done_softirq+0x10a/0x160
[  199.874392][    C1]  handle_softirqs+0x286/0x870
[  199.874407][    C1]  ? run_ksoftirqd+0x9b/0x100
[  199.874424][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  199.874438][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.874452][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.874471][    C1]  run_ksoftirqd+0x9b/0x100
[  199.874484][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  199.874501][    C1]  smpboot_thread_fn+0x542/0xa60
[  199.874516][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.874533][    C1]  kthread+0x711/0x8a0
[  199.874551][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  199.874564][    C1]  ? __pfx_kthread+0x10/0x10
[  199.874580][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  199.874595][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.874610][    C1]  ? __pfx_kthread+0x10/0x10
[  199.874625][    C1]  ret_from_fork+0x4bc/0x870
[  199.874639][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  199.874655][    C1]  ? __switch_to_asm+0x39/0x70
[  199.874664][    C1]  ? __switch_to_asm+0x33/0x70
[  199.874673][    C1]  ? __pfx_kthread+0x10/0x10
[  199.874688][    C1]  ret_from_fork_asm+0x1a/0x30
[  199.874709][    C1]  </TASK>
[  199.874715][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  199.950857][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  199.950876][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  199.950883][    C1] Call Trace:
[  199.950891][    C1]  <TASK>
[  199.950899][    C1]  dump_stack_lvl+0x189/0x250
[  199.950923][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  199.950939][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  199.950952][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  199.950969][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  199.950992][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  199.951015][    C1]  f2fs_write_end_io+0x886/0xb60
[  199.951068][    C1]  blk_update_request+0x57e/0xe60
[  199.951094][    C1]  blk_mq_end_request+0x3e/0x70
[  199.951110][    C1]  blk_done_softirq+0x10a/0x160
[  199.951127][    C1]  handle_softirqs+0x286/0x870
[  199.951143][    C1]  ? run_ksoftirqd+0x9b/0x100
[  199.951161][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  199.951177][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.951193][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.951205][    C1]  run_ksoftirqd+0x9b/0x100
[  199.951218][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  199.951236][    C1]  smpboot_thread_fn+0x542/0xa60
[  199.951249][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  199.951266][    C1]  kthread+0x711/0x8a0
[  199.951283][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  199.951295][    C1]  ? __pfx_kthread+0x10/0x10
[  199.951312][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  199.951328][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  199.951343][    C1]  ? __pfx_kthread+0x10/0x10
[  199.951360][    C1]  ret_from_fork+0x4bc/0x870
[  199.951375][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  199.951392][    C1]  ? __switch_to_asm+0x39/0x70
[  199.951402][    C1]  ? __switch_to_asm+0x33/0x70
[  199.951411][    C1]  ? __pfx_kthread+0x10/0x10
[  199.951427][    C1]  ret_from_fork_asm+0x1a/0x30
[  199.951450][    C1]  </TASK>
[  199.951455][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  200.020626][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  200.020638][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  200.020643][    C1] Call Trace:
[  200.020648][    C1]  <TASK>
[  200.020652][    C1]  dump_stack_lvl+0x189/0x250
[  200.020668][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.020677][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  200.020684][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  200.020694][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  200.020706][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  200.020724][    C1]  f2fs_write_end_io+0x886/0xb60
[  200.020737][    C1]  blk_update_request+0x57e/0xe60
[  200.020751][    C1]  blk_mq_end_request+0x3e/0x70
[  200.020759][    C1]  blk_done_softirq+0x10a/0x160
[  200.020768][    C1]  handle_softirqs+0x286/0x870
[  200.020778][    C1]  ? run_ksoftirqd+0x9b/0x100
[  200.020787][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  200.020795][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.020803][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.020809][    C1]  run_ksoftirqd+0x9b/0x100
[  200.020818][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  200.020827][    C1]  smpboot_thread_fn+0x542/0xa60
[  200.020835][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.020844][    C1]  kthread+0x711/0x8a0
[  200.020854][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  200.020861][    C1]  ? __pfx_kthread+0x10/0x10
[  200.020874][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  200.020882][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.020891][    C1]  ? __pfx_kthread+0x10/0x10
[  200.020899][    C1]  ret_from_fork+0x4bc/0x870
[  200.020907][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  200.020916][    C1]  ? __switch_to_asm+0x39/0x70
[  200.020921][    C1]  ? __switch_to_asm+0x33/0x70
[  200.020926][    C1]  ? __pfx_kthread+0x10/0x10
[  200.020934][    C1]  ret_from_fork_asm+0x1a/0x30
[  200.020945][    C1]  </TASK>
[  200.020949][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  200.088925][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  200.088938][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  200.088942][    C1] Call Trace:
[  200.088947][    C1]  <TASK>
[  200.088951][    C1]  dump_stack_lvl+0x189/0x250
[  200.088966][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  200.088975][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  200.088982][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  200.088991][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  200.089003][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  200.089016][    C1]  f2fs_write_end_io+0x886/0xb60
[  200.089055][    C1]  blk_update_request+0x57e/0xe60
[  200.089076][    C1]  blk_mq_end_request+0x3e/0x70
[  200.089090][    C1]  blk_done_softirq+0x10a/0x160
[  200.089103][    C1]  handle_softirqs+0x286/0x870
[  200.089116][    C1]  ? run_ksoftirqd+0x9b/0x100
[  200.089131][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  200.089144][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.089153][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.089159][    C1]  run_ksoftirqd+0x9b/0x100
[  200.089167][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  200.089177][    C1]  smpboot_thread_fn+0x542/0xa60
[  200.089184][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  200.089194][    C1]  kthread+0x711/0x8a0
[  200.089203][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  200.089210][    C1]  ? __pfx_kthread+0x10/0x10
[  200.089219][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  200.089227][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  200.089235][    C1]  ? __pfx_kthread+0x10/0x10
[  200.089243][    C1]  ret_from_fork+0x4bc/0x870
[  200.089251][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  200.089259][    C1]  ? __switch_to_asm+0x39/0x70
[  200.089265][    C1]  ? __switch_to_asm+0x33/0x70
[  200.089270][    C1]  ? __pfx_kthread+0x10/0x10
[  200.089278][    C1]  ret_from_fork_asm+0x1a/0x30
[  200.089288][    C1]  </TASK>
[  200.089292][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  200.153913][ T5926] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  200.157496][ T5926] Bluetooth: hci0: Injecting HCI hardware error event
[  200.162819][ T5926] Bluetooth: hci0: hardware error 0x00
[  200.169950][ T5929] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[  200.174795][  T794] libceph: connect (1)[c::]:6789 error -101
[  200.176732][  T794] libceph: mon0 (1)[c::]:6789 connect error
[  200.267346][ T9535] ceph: No mds server is up or the cluster is laggy
[  200.320863][ T9540] loop4: detected capacity change from 0 to 32768
[  200.356628][ T9540] btrfs: Deprecated parameter 'usebackuproot'
[  200.358712][ T9540] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  200.370065][ T9540] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1428 (9540)
[  200.383569][ T9540] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.387462][ T9540] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  200.462496][ T5201] Bluetooth: hci0: unexpected event for opcode 0x080c
[  200.497478][ T9558] netlink: 'syz.0.1430': attribute type 1 has an invalid length.
[  200.497962][  T455] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32b4fbab level 0
[  200.525882][ T9540] BTRFS error (device loop4): failed to load root extent
[  200.528746][ T9540] BTRFS warning (device loop4): try to load backup roots slot 1
[  200.549566][ T9558] bond2: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  200.565225][ T9540] BTRFS info (device loop4): setting nodatasum
[  200.567531][ T9540] BTRFS info (device loop4): setting nodatacow
[  200.569713][ T9540] BTRFS info (device loop4): turning on flush-on-commit
[  200.575001][ T9558] 8021q: adding VLAN 0 to HW filter on device bond2
[  200.579469][ T5934] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  200.600019][ T9540] BTRFS info (device loop4): turning on sync discard
[  200.602429][ T9540] BTRFS info (device loop4): enabling free space tree
[  200.604421][ T9540] BTRFS info (device loop4): force clearing of disk cache
[  200.607069][ T9540] BTRFS info (device loop4): trying to use backup root at mount time
[  200.670135][ T9084] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.691459][   T13] bond2: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  201.369537][ T9582] loop4: detected capacity change from 0 to 2048
[  201.410578][ T9582] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.416068][ T9582] ext4 filesystem being mounted at /29/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  201.523088][ T9084] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  201.673825][ T9596] loop4: detected capacity change from 0 to 512
[  201.676985][ T9596] ext4: Bad value for 'sb'
[  202.200210][   T55] Bluetooth: hci2: command 0x206a tx timeout
[  202.290102][ T9617] IPv6: Can't replace route, no match found
[  202.379999][ T5926] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  202.393292][ T9616] loop2: detected capacity change from 0 to 8
[  202.486365][ T9620] input: syz1 as /devices/virtual/input/input16
[  202.784232][ T9626] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1454'.
[  204.217061][ T9654] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1467'.
[  204.223966][ T9654] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1467'.
[  204.271520][ T9656] loop4: detected capacity change from 0 to 256
[  204.274099][ T9656] exfat: Deprecated parameter 'namecase'
[  204.276570][ T9656] exfat: Deprecated parameter 'codepage'
[  204.278969][ T9656] exfat: Bad value for 'codepage'
[  204.291329][ T9658] loop2: detected capacity change from 0 to 16
[  204.296625][ T9658] erofs (device loop2): mounted with root inode @ nid 36.
[  204.466552][ T9665] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1472'.
[  204.518080][ T9667] loop2: detected capacity change from 0 to 1764
[  204.588863][ T9661] loop4: detected capacity change from 0 to 32768
[  204.610881][ T9661] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  204.654952][ T9084] ocfs2: Unmounting device (7,4) on (node local)
[  205.734090][ T9704] loop2: detected capacity change from 0 to 40427
[  205.736543][ T9704] f2fs: Unknown parameter '01777777777777777777777'
[  205.795243][ T5987] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  205.846268][ T9704] loop2: detected capacity change from 0 to 2048
[  205.848798][ T9704] udf: Unexpected value for 'shortad'
[  205.970303][ T5987] usb 5-1: Using ep0 maxpacket: 32
[  206.054548][ T5987] usb 5-1: config 0 has an invalid interface number: 133 but max is 0
[  206.333840][ T5987] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  206.337995][ T5987] usb 5-1: config 0 has no interface number 0
[  206.389998][ T5987] usb 5-1: config 0 interface 133 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  206.394064][ T5987] usb 5-1: config 0 interface 133 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  206.397769][ T5987] usb 5-1: config 0 interface 133 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  206.411791][ T5987] usb 5-1: New USB device found, idVendor=0424, idProduct=012c, bcdDevice=71.1e
[  206.415310][ T5987] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  206.419301][ T5987] usb 5-1: Product: syz
[  206.423137][ T5987] usb 5-1: Manufacturer: syz
[  206.424920][ T5987] usb 5-1: SerialNumber: syz
[  206.429738][ T5987] usb 5-1: config 0 descriptor??
[  206.642458][ T9730] netlink: 96 bytes leftover after parsing attributes in process `syz.2.1501'.
[  206.648017][ T5987] usb 5-1: probing VID:PID(0424:012C)   
[  206.649531][ T5987] usb 5-1: vub300 testing BULK OUT EndPoint(0) 0B
[  206.657286][ T5987] usb 5-1: Could not find two sets of bulk-in/out endpoint pairs
[  206.659662][ T5987] vub300 5-1:0.133: probe with driver vub300 failed with error -22
[  206.664354][ T5987] usb 5-1: USB disconnect, device number 11
[  207.213698][ T9760] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  207.599910][ T5925] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  207.665892][ T9780] loop2: detected capacity change from 0 to 4096
[  207.679690][ T9780] EXT4-fs (loop2): Test dummy encryption mode enabled
[  207.688273][ T9780] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.718876][ T5929] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.755764][ T5925] usb 5-1: Using ep0 maxpacket: 32
[  207.762274][ T5925] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  207.765993][ T5925] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  207.769522][ T5925] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  207.773117][ T5925] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  207.779359][ T5925] usb 5-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  207.786556][ T5925] usb 5-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  207.789449][ T5925] usb 5-1: Product: syz
[  207.800325][ T5925] usb 5-1: Manufacturer: syz
[  207.801811][ T5925] usb 5-1: SerialNumber: syz
[  207.813798][ T9778] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  207.821129][ T5925] input: appletouch as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/input/input17
[  207.875000][    C1] appletouch 5-1:1.0: atp_complete: usb_submit_urb failed with result -1
[  208.045272][ T5987] usb 5-1: USB disconnect, device number 12
[  208.065449][ T5987] appletouch 5-1:1.0: input: appletouch disconnected
[  208.149703][ T9800] netlink: 'syz.2.1533': attribute type 10 has an invalid length.
[  208.162659][ T9800] team0: Failed to send port change of device netdevsim0 via netlink (err -105)
[  208.165567][ T9800] team0: Failed to send options change via netlink (err -105)
[  208.167917][ T9800] team0: Port device netdevsim0 added
[  208.555920][ T9818] loop2: detected capacity change from 0 to 32768
[  208.574296][ T9818] (syz.2.1541,9818,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  208.581456][ T9818] (syz.2.1541,9818,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  208.595536][ T9818] JBD2: Ignoring recovery information on journal
[  208.652241][ T9818] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  208.724231][ T9818] 
[  208.724309][ T9824] loop4: detected capacity change from 0 to 512
[  208.725701][ T9818] ======================================================
[  208.725714][ T9818] WARNING: possible circular locking dependency detected
[  208.725723][ T9818] syzkaller #0 Not tainted
[  208.729500][ T9824] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  208.731211][ T9818] ------------------------------------------------------
[  208.731222][ T9818] syz.2.1541/9818 is trying to acquire lock:
[  208.731231][ T9818] ffff88810afd2610 (sb_internal#4){.+.+}-{0:0}, at: ocfs2_acquire_dquot+0x455/0xb30
[  208.731274][ T9818] 
[  208.731274][ T9818] but task is already holding lock:
[  208.731279][ T9818] ffff8881ad08dd60 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_lock_global_qf+0x1e8/0x270
[  208.731310][ T9818] 
[  208.731310][ T9818] which lock already depends on the new lock.
[  208.731310][ T9818] 
[  208.731314][ T9818] 
[  208.731314][ T9818] the existing dependency chain (in reverse order) is:
[  208.737203][ T9824] EXT4-fs (loop4): 1 truncate cleaned up
[  208.739309][ T9818] 
[  208.739309][ T9818] -> #6 (
[  208.742606][ T9824] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  208.744354][ T9818] &ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}:
[  208.775481][ T9818]        lock_acquire+0x120/0x360
[  208.777519][ T9818]        down_write+0x96/0x1f0
[  208.779606][ T9818]        ocfs2_lock_global_qf+0x1e8/0x270
[  208.782201][ T9818]        ocfs2_acquire_dquot+0x2b0/0xb30
[  208.784594][ T9818]        dqget+0x7b1/0xf10
[  208.786449][ T9818]        __dquot_initialize+0x3b3/0xcb0
[  208.788833][ T9818]        ocfs2_get_init_inode+0x13b/0x1b0
[  208.791264][ T9818]        ocfs2_mknod+0x863/0x2050
[  208.793744][ T9818]        ocfs2_mkdir+0x191/0x440
[  208.795987][ T9818]        vfs_mkdir+0x306/0x510
[  208.798073][ T9818]        do_mkdirat+0x247/0x590
[  208.800008][ T9818]        __x64_sys_mkdirat+0x87/0xa0
[  208.802081][ T9818]        do_syscall_64+0xfa/0xfa0
[  208.804521][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.807160][ T9818] 
[  208.807160][ T9818] -> #5 (&ocfs2_sysfile_lock_key[USER_QUOTA_SYSTEM_INODE]){+.+.}-{4:4}:
[  208.811491][ T9818]        lock_acquire+0x120/0x360
[  208.813600][ T9818]        down_write+0x96/0x1f0
[  208.815590][ T9818]        ocfs2_lock_global_qf+0x1ca/0x270
[  208.817935][ T9818]        ocfs2_acquire_dquot+0x2b0/0xb30
[  208.820191][ T9818]        dqget+0x7b1/0xf10
[  208.822131][ T9818]        __dquot_initialize+0x3b3/0xcb0
[  208.824452][ T9818]        ocfs2_get_init_inode+0x13b/0x1b0
[  208.826885][ T9818]        ocfs2_mknod+0x863/0x2050
[  208.829262][ T9818]        ocfs2_mkdir+0x191/0x440
[  208.831328][ T9818]        vfs_mkdir+0x306/0x510
[  208.833377][ T9818]        do_mkdirat+0x247/0x590
[  208.835435][ T9818]        __x64_sys_mkdirat+0x87/0xa0
[  208.837522][ T9818]        do_syscall_64+0xfa/0xfa0
[  208.839776][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.842695][ T9818] 
[  208.842695][ T9818] -> #4 (&dquot->dq_lock){+.+.}-{4:4}:
[  208.847107][ T9818]        lock_acquire+0x120/0x360
[  208.849370][ T9818]        __mutex_lock+0x187/0x1350
[  208.851386][ T9818]        dqget+0x72a/0xf10
[  208.853374][ T9818]        __dquot_initialize+0x32a/0xcb0
[  208.856107][ T9818]        __ext4_new_inode+0x7dd/0x3cb0
[  208.858979][ T9818]        ext4_xattr_inode_lookup_create+0xa3f/0x1c20
[  208.861699][ T9818]        ext4_xattr_block_set+0x223/0x2ac0
[  208.864264][ T9818]        ext4_xattr_set_handle+0x1350/0x1590
[  208.867314][ T9818]        ext4_xattr_set+0x230/0x320
[  208.869542][ T9818]        __vfs_setxattr+0x43c/0x480
[  208.871685][ T9818]        __vfs_setxattr_noperm+0x12d/0x660
[  208.874057][ T9818]        vfs_setxattr+0x16b/0x2f0
[  208.876116][ T9818]        filename_setxattr+0x274/0x600
[  208.878828][ T9818]        path_setxattrat+0x364/0x3a0
[  208.881771][ T9818]        __x64_sys_setxattr+0xbc/0xe0
[  208.885740][ T9818]        do_syscall_64+0xfa/0xfa0
[  208.889005][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.891633][ T9818] 
[  208.891633][ T9818] -> #3 (&ei->xattr_sem){++++}-{4:4}:
[  208.894645][ T9818]        lock_acquire+0x120/0x360
[  208.896688][ T9818]        down_read+0x46/0x2e0
[  208.898677][ T9818]        ext4_setattr+0x855/0x1bc0
[  208.901180][ T9818]        notify_change+0xc1a/0xf40
[  208.904817][ T9818]        chown_common+0x40c/0x5c0
[  208.907969][ T9818]        do_fchownat+0x161/0x270
[  208.910389][ T9818]        __x64_sys_chown+0x82/0xa0
[  208.912493][ T9818]        do_syscall_64+0xfa/0xfa0
[  208.914568][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.917104][ T9818] 
[  208.917104][ T9818] -> #2 (jbd2_handle){++++}-{0:0}:
[  208.921197][ T9818]        lock_acquire+0x120/0x360
[  208.923347][ T9818]        start_this_handle+0x1fa7/0x21c0
[  208.927052][ T9818]        jbd2__journal_start+0x2c1/0x5b0
[  208.929729][ T9818]        jbd2_journal_start+0x2a/0x40
[  208.931882][ T9818]        ocfs2_start_trans+0x376/0x6d0
[  208.934267][ T9818]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  208.936820][ T9818]        ocfs2_dismount_volume+0x201/0x8d0
[  208.939443][ T9818]        generic_shutdown_super+0x135/0x2c0
[  208.942903][ T9818]        kill_block_super+0x44/0x90
[  208.946186][ T9818]        deactivate_locked_super+0xbc/0x130
[  208.949138][ T9818]        cleanup_mnt+0x425/0x4c0
[  208.951198][ T9818]        task_work_run+0x1d4/0x260
[  208.953421][ T9818]        exit_to_user_mode_loop+0xe9/0x130
[  208.955851][ T9818]        do_syscall_64+0x2bd/0xfa0
[  208.958077][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.961723][ T9818] 
[  208.961723][ T9818] -> #1 (&journal->j_trans_barrier){.+.+}-{4:4}:
[  208.966245][ T9818]        lock_acquire+0x120/0x360
[  208.969061][ T9818]        down_read+0x46/0x2e0
[  208.970957][ T9818]        ocfs2_start_trans+0x36a/0x6d0
[  208.973373][ T9818]        ocfs2_shutdown_local_alloc+0x200/0xa10
[  208.976055][ T9818]        ocfs2_dismount_volume+0x201/0x8d0
[  208.978454][ T9818]        generic_shutdown_super+0x135/0x2c0
[  208.981720][ T9818]        kill_block_super+0x44/0x90
[  208.984314][ T9818]        deactivate_locked_super+0xbc/0x130
[  208.987455][ T9818]        cleanup_mnt+0x425/0x4c0
[  208.989747][ T9818]        task_work_run+0x1d4/0x260
[  208.991975][ T9818]        exit_to_user_mode_loop+0xe9/0x130
[  208.994452][ T9818]        do_syscall_64+0x2bd/0xfa0
[  208.996552][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  208.999434][ T9818] 
[  208.999434][ T9818] -> #0 (sb_internal#4){.+.+}-{0:0}:
[  209.003172][ T9818]        validate_chain+0xb9b/0x2140
[  209.007139][ T9818]        __lock_acquire+0xab9/0xd20
[  209.009836][ T9818]        lock_acquire+0x120/0x360
[  209.011960][ T9818]        ocfs2_start_trans+0x26b/0x6d0
[  209.014149][ T9818]        ocfs2_acquire_dquot+0x455/0xb30
[  209.016314][ T9818]        dqget+0x7b1/0xf10
[  209.017917][ T9818]        __dquot_initialize+0x3b3/0xcb0
[  209.020270][ T9818]        ocfs2_get_init_inode+0x13b/0x1b0
[  209.023274][ T9818]        ocfs2_mknod+0x863/0x2050
[  209.025454][ T9818]        ocfs2_mkdir+0x191/0x440
[  209.029172][ T9818]        vfs_mkdir+0x306/0x510
[  209.031282][ T9818]        do_mkdirat+0x247/0x590
[  209.033232][ T9818]        __x64_sys_mkdirat+0x87/0xa0
[  209.035206][ T9818]        do_syscall_64+0xfa/0xfa0
[  209.037089][ T9818]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.040093][ T9818] 
[  209.040093][ T9818] other info that might help us debug this:
[  209.040093][ T9818] 
[  209.045416][ T9818] Chain exists of:
[  209.045416][ T9818]   sb_internal#4 --> &ocfs2_sysfile_lock_key[USER_QUOTA_SYSTEM_INODE] --> &ocfs2_quota_ip_alloc_sem_key
[  209.045416][ T9818] 
[  209.053214][ T9818]  Possible unsafe locking scenario:
[  209.053214][ T9818] 
[  209.056278][ T9818]        CPU0                    CPU1
[  209.058802][ T9818]        ----                    ----
[  209.061806][ T9818]   lock(&ocfs2_quota_ip_alloc_sem_key);
[  209.064529][ T9818]                                lock(&ocfs2_sysfile_lock_key[USER_QUOTA_SYSTEM_INODE]);
[  209.068740][ T9818]                                lock(&ocfs2_quota_ip_alloc_sem_key);
[  209.072040][ T9818]   rlock(sb_internal#4);
[  209.073835][ T9818] 
[  209.073835][ T9818]  *** DEADLOCK ***
[  209.073835][ T9818] 
[  209.077327][ T9818] 6 locks held by syz.2.1541/9818:
[  209.080664][ T9818]  #0: ffff88810afd2420 (sb_writers#26){.+.+}-{0:0}, at: mnt_want_write+0x41/0x90
[  209.086201][ T9818]  #1: ffff8881ad0889c0 (&type->i_mutex_dir_key#17/1){+.+.}-{4:4}, at: filename_create+0x1f8/0x3c0
[  209.090968][ T9818]  #2: ffff8881199a1840 (&ocfs2_sysfile_lock_key[INODE_ALLOC_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_reserve_suballoc_bits+0x15e/0x4640
[  209.096409][ T9818]  #3: ffff88811aea80a8 (&dquot->dq_lock){+.+.}-{4:4}, at: ocfs2_acquire_dquot+0x2a3/0xb30
[  209.100872][ T9818]  #4: ffff8881ad08e0c0 (&ocfs2_sysfile_lock_key[USER_QUOTA_SYSTEM_INODE]){+.+.}-{4:4}, at: ocfs2_lock_global_qf+0x1ca/0x270
[  209.106322][ T9818]  #5: ffff8881ad08dd60 (&ocfs2_quota_ip_alloc_sem_key){++++}-{4:4}, at: ocfs2_lock_global_qf+0x1e8/0x270
[  209.111439][ T9818] 
[  209.111439][ T9818] stack backtrace:
[  209.113869][ T9818] CPU: 0 UID: 0 PID: 9818 Comm: syz.2.1541 Not tainted syzkaller #0 PREEMPT(full) 
[  209.113886][ T9818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.113893][ T9818] Call Trace:
[  209.113902][ T9818]  <TASK>
[  209.113909][ T9818]  dump_stack_lvl+0x189/0x250
[  209.113930][ T9818]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.113945][ T9818]  ? __pfx__printk+0x10/0x10
[  209.113958][ T9818]  ? print_lock_name+0xde/0x100
[  209.113969][ T9818]  print_circular_bug+0x2ee/0x310
[  209.113986][ T9818]  check_noncircular+0x134/0x160
[  209.114002][ T9818]  validate_chain+0xb9b/0x2140
[  209.114044][ T9818]  __lock_acquire+0xab9/0xd20
[  209.114058][ T9818]  ? ocfs2_acquire_dquot+0x455/0xb30
[  209.114072][ T9818]  lock_acquire+0x120/0x360
[  209.114083][ T9818]  ? ocfs2_acquire_dquot+0x455/0xb30
[  209.114099][ T9818]  ? do_raw_spin_unlock+0x4d/0x240
[  209.114116][ T9818]  ocfs2_start_trans+0x26b/0x6d0
[  209.114130][ T9818]  ? ocfs2_acquire_dquot+0x455/0xb30
[  209.114145][ T9818]  ? __pfx_ocfs2_start_trans+0x10/0x10
[  209.114160][ T9818]  ? do_raw_spin_unlock+0x4d/0x240
[  209.114175][ T9818]  ? _raw_spin_unlock+0x28/0x50
[  209.114189][ T9818]  ? ocfs2_qinfo_unlock+0x121/0x150
[  209.114204][ T9818]  ocfs2_acquire_dquot+0x455/0xb30
[  209.114221][ T9818]  ? __pfx_ocfs2_acquire_dquot+0x10/0x10
[  209.114238][ T9818]  dqget+0x7b1/0xf10
[  209.114254][ T9818]  __dquot_initialize+0x3b3/0xcb0
[  209.114270][ T9818]  ? __pfx___dquot_initialize+0x10/0x10
[  209.114284][ T9818]  ? do_raw_spin_unlock+0x4d/0x240
[  209.114297][ T9818]  ? from_vfsgid+0x72/0xa0
[  209.114312][ T9818]  ? inode_init_owner+0x1ee/0x3a0
[  209.114328][ T9818]  ocfs2_get_init_inode+0x13b/0x1b0
[  209.114341][ T9818]  ? __pfx_ocfs2_get_init_inode+0x10/0x10
[  209.114354][ T9818]  ocfs2_mknod+0x863/0x2050
[  209.114369][ T9818]  ? __pfx_ocfs2_mknod+0x10/0x10
[  209.114380][ T9818]  ? do_raw_spin_unlock+0x4d/0x240
[  209.114397][ T9818]  ? ocfs2_inode_lock_full_nested+0xabe/0x1b40
[  209.114415][ T9818]  ? __lock_acquire+0xab9/0xd20
[  209.114431][ T9818]  ? __lock_acquire+0xab9/0xd20
[  209.114444][ T9818]  ? do_raw_spin_lock+0x121/0x290
[  209.114461][ T9818]  ? do_raw_spin_unlock+0x4d/0x240
[  209.114477][ T9818]  ? put_pid+0xe9/0x130
[  209.114492][ T9818]  ocfs2_mkdir+0x191/0x440
[  209.114503][ T9818]  ? __pfx_from_kgid+0x10/0x10
[  209.114512][ T9818]  ? apparmor_path_mkdir+0x1a7/0x220
[  209.114526][ T9818]  ? __pfx_ocfs2_mkdir+0x10/0x10
[  209.114537][ T9818]  ? HAS_UNMAPPED_ID+0x11a/0x180
[  209.114552][ T9818]  ? inode_permission+0x149/0x470
[  209.114562][ T9818]  ? __pfx_ocfs2_permission+0x10/0x10
[  209.114572][ T9818]  ? bpf_lsm_inode_mkdir+0x9/0x20
[  209.114584][ T9818]  vfs_mkdir+0x306/0x510
[  209.114602][ T9818]  do_mkdirat+0x247/0x590
[  209.114618][ T9818]  ? __pfx_do_mkdirat+0x10/0x10
[  209.114633][ T9818]  ? getname_flags+0x1e5/0x540
[  209.114646][ T9818]  __x64_sys_mkdirat+0x87/0xa0
[  209.114662][ T9818]  do_syscall_64+0xfa/0xfa0
[  209.114678][ T9818]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.114694][ T9818]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.114705][ T9818]  ? exc_page_fault+0xab/0x100
[  209.114721][ T9818]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.114733][ T9818] RIP: 0033:0x7fc533d8de97
[  209.114752][ T9818] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  209.114763][ T9818] RSP: 002b:00007fc534c1ce68 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  209.114779][ T9818] RAX: ffffffffffffffda RBX: 00007fc534c1cef0 RCX: 00007fc533d8de97
[  209.114787][ T9818] RDX: 00000000000001ff RSI: 00002000000000c0 RDI: 00000000ffffff9c
[  209.114796][ T9818] RBP: 00002000000002c0 R08: 00002000000007c0 R09: 0000000000000000
[  209.114803][ T9818] R10: 00002000000002c0 R11: 0000000000000246 R12: 00002000000000c0
[  209.114810][ T9818] R13: 00007fc534c1ceb0 R14: 0000000000000000 R15: 0000000000000000
[  209.114822][ T9818]  </TASK>
[  209.288063][ T9084] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.312533][   T34] kauditd_printk_skb: 1 callbacks suppressed
[  209.312542][   T34] audit: type=1326 audit(1764021239.457:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9827 comm="syz.4.1544" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f14f478f749 code=0x0
[  209.339347][ T5929] ocfs2: Unmounting device (7,2) on (node local)
