last executing test programs:

21m30.711328464s ago: executing program 0 (id=136):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x10008, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
mount$bind(&(0x7f0000002240)='./file0/file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1a31406, 0x0)
mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
r1 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r1, r0, 0x0, 0x80000000)

21m30.229273553s ago: executing program 0 (id=138):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ctr(cast5)\x00'}, 0x74)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000000c0)="ad00000000", 0x5)

21m29.419695429s ago: executing program 0 (id=143):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x44, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}, @NL80211_ATTR_MAC={0xa, 0x6, @from_mac}, @NL80211_ATTR_AUTH_TYPE={0x8}, @NL80211_ATTR_WIPHY_FREQ_HINT={0x8, 0xc9, @random=0x171b}]}, 0x44}}, 0x0)

21m25.410234755s ago: executing program 0 (id=148):
syz_mount_image$nilfs2(&(0x7f0000000080), &(0x7f0000000040)='./file2\x00', 0x3200400, &(0x7f0000000c00)=ANY=[], 0x1, 0xa76, &(0x7f00000000c0)="$eJzs3U2MG1cBAOA33vUmmwTilIQuSWgTftry091ms4SfCJqquRA1FbdKEZcoTUtEGhCpBK0qkeTEjVZVuPIjTuVQAUJqLyjqiUslGolLxaFw4EAUpEocoJC4iv2e136xNfb+2V5/n/T89s0bz3szOx6PZ+a9F4CJVWm8Li3NFSFcffPV4/984B+zd6Y82pqj1nidbktVQwhFTE9ny3tvqhnfev+lM93iIiw2XlM6PHmz9d7tIYRL4UC4Fmph79Xrr7y9+MTJyyeuHHzntaM31mftAQBgsnzr2tGlPX/7875dH7x+37GwpTU9nZ/XYnpHPO8/Fk/80/l/JXSmi7bQbiabbzqGSjbfVJf52supZvNN9yh/JltutZW/r2O+LSXlT7VN67beMM7SflwLRWW+I12pzM83f5OHxu/6mWL+wrnzz1wcUkWBNffv+0MIB4RBQ71e/3FjA45AXdY/3KgPvw7CeoT6zmEfgQCa8vuFd7mUX1lYndbSpvsr/+Zjle7vhzWw0fu/8ser/F9fjuWf+uu61oPJsFm/v9J6pc/RjpjO7yPkzy8N+vlPy5uKL9PZ8sv0uo8wLvcXetVzaoPrsVK96p/vF5vV12OctsM3svz2z0/+Px2X/zHQ3X8m7Pr/gRGow6YO1RGog9B3qA/7AASMrOXn5prqUcrPn+vL87eU5G8tyZ8tyd9Wkr+9JB8m2e+f/2l4uVj+nZ//ph/0eli6zvaRGH90wPrk1yMHLT9/7ndQqy0/f54YRtkbp586+5WnT11vPv9ftPb/23F/PxDTtfjZuhZnSNcL8+vqrWf/a53lVHrMd09Wn3TcqGxJ89ebJe7unK/Yvbyc0Hacuasec53v29lrvv2d89Wy+WZj2JrVNz8/2Za9L51/pONq2l7T2fpWs/WYyeqRjiu7YpzXA1Yi7Y+9nv9P++dcqBbPnDt/9pGYTvvpn6aqW+5MP9S+0N9sTN2B1em3/c9c6Gz/s6M1vVppPy7sXJ5etB8Xatn0xWaydZs8TT8c0+l77jtTs43p82e+d/7ptV55mHAXX3jxu6fPnz/7A3+kP2ZtFn/4Y9hHJmC9LTz/3PcXLr7w4sPnnjv97Nlnz144fOTI4cXFI189vLTQOK9faD+7BzaT5S/9YdcEAAAAAAAAAAAA6NcPTxy//pe3vvxus/3/cvu/1P4/Pfmb2v//JGv/n7eTT+3gUzvAXV3yG+PuvdFZj5lsvmoMH8vquzsrZ0/2vo/HuDWOX2z/n9rb5/26pvrcm03P++9N82XdCdzVX8pM1gdJPl7gp2J8Jca/CjBExWz3yTHu6N863N2/ddrXU/8U+qUYT+n/lvaG1I9Jav/dq1+ndPzftQF1ZO1tRHPCYa8j0N2/Rr7/77Yz8aHXZQKC7TxRoV43igcwGoY9/me67pniC3/85tY7Ic1287HO42XefymsxqiPP6n8URj/s1izSrTGv+vr+Neld/WOfp77H13hvz+/8W5bsWFvv8ffy9mqp36gd5eX2e6DWH5a/wdDf+XXf5mVn98Q6tP/svK39Vn+Xeu/f2Xl/z+WnzbbQ5/ut/xmjYtKZz3y68bp/l9+3Ti5la1/6ttz4PVf4UCNt2P5MMl6jzPb7wi2o2ko4/92uT+6UvlzGF+K6XQgTM855N/Ig9Y/PV+Rvgf2ZMsvSr7fxmWc4l4mffzfr8W47POQxv9N+2OtS7rSlq522bbjvq/AZvPeyN//G7NwaQTqIIxomB2BOnSGer2+vhe0Sgy1cIa+/Yd993nY5Q97+5fJx//Nz+Hz8X8r2Q+IfPzf/P35+L95fj6+Xp6fj/+bb898/N88/95sufkV7LmS/E+U5O8tyd+3nD/bLX9/yfs/WZJ/MMRzkh7595W8//6S/HtK8qdK8j9Tkv/ZkvwHSvIfKsn/XEn+Zpfao0zq+sMky9vn+fzD5Ej3f3p9/neX5APj62evH3r81O++XWu2/59p/V5L9/GOxXQ1/nb+UUzn971DW/pO3lsx/fcsf9Svd8AkyfvPyL/fHyzJB8ZXes7L5xsmUNG9x55++63qdZ7PePl8jL8Q4y/G+OEYz8d4IcaHYry4QfVjfTz+2z8cfblY/r2/M8vv93nyvD1Q3k/U4T7rk18fGPR59rwfv0GttvwVNgcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYmkrjdWlprgjh6puvHn/q5LmFO1Mebc1Ra7xOt6WqrfeF8EiMp2L8i/jHrfdfOtMe345xERZDEYrW9PDkzVZJ20MIl8KBcC3Uwt6r1195e/GJk5dPXDn4zmtHb6zfFgAAAIDN78MAAAD//+bcHCE=")
open(&(0x7f0000000180)='./bus\x00', 0xa37e, 0x0)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)

21m24.752594528s ago: executing program 0 (id=151):
r0 = openat$dlm_monitor(0xffffffffffffff9c, &(0x7f00000001c0), 0x20081, 0x0)
write$P9_ROPEN(r0, &(0x7f00000002c0)={0x18, 0x71, 0x2, {{0x40, 0x2, 0x4}, 0x5}}, 0x18)

21m23.99554705s ago: executing program 0 (id=154):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700)
rename(0x0, 0x0)

21m23.524249098s ago: executing program 32 (id=154):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file0\x00', 0x4080, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000002,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000002,nostrict,uid=', @ANYRESOCT=0x0, @ANYRES16], 0x2, 0xc36, &(0x7f0000002540)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIRRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2SEmV9Pjb13Z19b/a9eeMZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr56+qz7PwA8Vq75/38AAAAAAAAAAAAAADjoUhTxZKSYvbKaxqr3HfXL7b7bd0aHhreudiRVNQ9V5cuf+pmz585/6YXBC9283J7+gPp77bPx2si1S42XZ27Nzk3Oz09ONEan2+MzE5M73sNu6292sjoAjVuv3564cWO+cfb5cxs+vjPwfv8TxwcuDj576plu2dGh4eGR9SL13vK1+25Ix3YzPA5HEacixXPf+2lqRUQRuz8W9Qc79psdqTpxsurE6NBw1ZGpdmt6ofzwavdAFBGNnkrN7jHaeiyi1vdA+7C9ZsRi2fyywSfL7o3MtuZa16cmG1dbcwvthfbM9NXUaW3Zn0YUcSFFLEXESv+9u+uLImqR4jvHVtP1iDjUPQ5frCYGb9+OYh/7uANlOxt9EUvFIzBmB1h/FPFqpPjZOydiPF9nqmvNFyJeLfMHEW+V+VJEKk+M8xHvbXEe8WiqRRF/WY7/xdU0UV0PuteVy19rfGX6xkxP2e515SPeH+65Ujyk+8ORTflgHPBrUz2KaFVX/NV0/7/ZAQAAAAAAAAAAAAAAAGCvHYkiPhMpXvmPP6nmFUc1L/3YxcE/HPjV3jnjT3/Ifsqyz0fEYrGzObmH88TAq+lqSg95LvHjrB5F/Gme//eth90YAAAAAAAAAAAAAAAAAACAx1oRP4kUL757Ii1F75ri7embjWut61OdVWG7a/9210xfW1tba6RONnOO5VzMuZRzOedKzihy/ZzNnGM5F3Mu5VzOuZIzDuX6OZs5x3Iu5lzKuZxzJWfUcv2czZxjORfLrK93dDlvX8kZB2TtXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAj5MiivhFpPj2N1ZTpIhoRoxFJ5f7H3brAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBSfyri+5Gi8UfNu9tqEZGqfztOlL+cj+bhMj8ZzcEyX4rmpZytKmvNbz2E9rM7famIH0eK/vrbdwc8j39f593d0yDe+ub6u8/WOnmo++HA+/1PHD92cXD4N57e7nXaqgEnL7enb99pjA4ND4/0bK7lb/9kz7aB/L3F3nSdiJh/483XW1NTk3P3/6I8BXZR/RF6kWqPS08f1ovFvTgh9+5F1A5EMx5O33kMlPf/9yLF7777n90bfuf+X49f6by7e4ePn//Z+v3/xc072uH9v7a5Xr7/l/f0re7/T/ZsezH/bqSvFlFfuDXbdzyiPv/Gm6fat1o3J29OTp8/ffrLg4NfPne673BE/UZ7arLn1Z4cLgAAAAAAAAAAAAAAAIAHJxXx+5Gi9ePV1IiIO9V8rYGLg8+eeuZQHKrmW22Yt/3ayLVLjZdnbs3OTc7PT040Rqfb4zMTkzv9uno13Wt0aHhfOvOhjuxz+4/UX56ZfWOuffOPF7b8/Gj90vX5hbnW+NYfx5EoIpq9W05WDR4dGq4aPdVuTVdVr245mf6j60tF/FekGD/fSJ/P2/L8/80z/DfM/1/cvKN9mv//iZ5t5XemVMTPI8Xv/NXT8fmqnUfjnmOWy/1dpDh54XO5XBwuy3Xb0HmuQGdmYFn2/yLFP/1iY9nufMgn18ue2fGBfUSU438sUnz/L74bv5m3bXz+w9bjf3TzjvZp/J/q2XZ0w/MKdt118vifihQvPfl2/Fbe9kHP/+g+e+NELnz3+Rz7NP6f6tk2kL/3t/em6wAAAAAAAAAAAI+0vlTE30eKHw7X0gt5207+/t/E5h3t09//+nTPtom9Wa/oQ1/s+qACAAAAwAHRl4r4SaS4ufD23TnUG+d/98z//L31+Z9DadOn1Z/z/Vr13IC9/PO/XgP5e8d2320AAAAAAAAAAAAAAAAAAAA4UFIq4oW8nvpYNZ9/Ytv11JcjxSv/81wul46X5brrwA9Uv9avzEyfujQ1NTPeWmhdn5psjMy2xifLuk9FitW//VyuW1Trq3fXm++s8b6+FvtcpBj+h27Zzlrs3bXJn1ove6Ys+4lI8d//uLFsdx3rT62XPVuW/ZtI8fV/2brs8fWy58qy340UP/p6o1v2aFm2+3zUT6+XfX58ptiHUQEAAAAAAAAAAAAAAAAAAOBx05eK+PNI8b+3lu7O5c/r//f1vK289c2e9f43uVOt8z9Qrf+/3ev7Wf+/eq7A4nbfCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH08pingzUsxeWU3L/eX7jvrl9vTtO6NDw1tXO5Kqmoeq8uVP/czZc+e/9MLghW5+cP299pl4beTapcbLM7dm5ybn5ycnGqPT7fGZickd72G39Tc7WR2Axq3Xb0/cuDHfOPv8uQ0f3xl4v/+J4wMXB5899Uy37OjQ8PBIT5la331/+z3SNtsPRxF/HSme+95P0w/7I4rY/bH4kHNnvx2pOnGy6sTo0HDVkal2a3qh/PBq90AUEY2eSs3uMXoAY7ErzYjFsvllg0+W3RuZbc21rk9NNq625hbaC+2Z6aup09qyP40o4kKKWIqIlf57d9cXRbweKb5zbDX9a3/Eoe5x+OKVka+ePrt9O4p97OMOlO1s9EUsFY/AmB1g/VHEP0eKn71zIv6tP6IWnZ/4QsSrZf4g4q3ojHcqT4zzEe9tcR7xaKpFEf9fjv/F1fROf3k96F5XLn+t8ZXpGzM9ZbvXlUf+/vAgHfBrUz2K+FF1xV9N/+6/awAAAAAAAAAAAAAAAIADpIhfjxQvvnsiVfOD784pbk/fbFxrXZ/qTOvrzv3rzpleW1tba6RONnOO5VzMuZRzOedKzihy/ZzNMutra2P5/WLOpZzLOVdyxqFcP2cz51jOxZxLOZdzruSMWq6fs5lzLOdizqWcyzlXcsYBmbsHAAAAAAAAAAAAAAAAAAB8vBTVPym+/Y3VtNbfWV96LDq5bD3Qj71fBgAA//8dq/O8")
unlinkat(0xffffffffffffff9c, &(0x7f0000000c40)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2200020, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700)
rename(0x0, 0x0)

18.541133453s ago: executing program 2 (id=2901):
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20008030)
sendmsg$alg(0xffffffffffffffff, 0x0, 0x0)
r0 = socket(0x28, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
epoll_create1(0x80000)
connect$vsock_stream(r0, &(0x7f0000000000)={0x28, 0x0, 0xffffec77, @my=0x1}, 0x10)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1, 0x0, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r5, 0x0, 0xd2, &(0x7f0000000200)={@remote, @empty, 0x0, "e798888beab3af341dbec4427a73b0fbda814c5f5cd6f92215f46e0b091038f9"}, 0x3c)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73772cc9f1ba1f848480000005e140602000000000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0)
setsockopt$sock_linger(r4, 0x1, 0xd, &(0x7f0000000000)={0x1, 0x27fd}, 0x8)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
read$msr(0xffffffffffffffff, 0x0, 0x0)
getsockopt$inet6_udp_int(r6, 0x11, 0xa, 0x0, &(0x7f00000000c0))
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(r6, 0x89f3, 0x0)

17.372397087s ago: executing program 2 (id=2906):
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(r0, 0xe, &(0x7f0000000180)={0x3}, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(0xffffffffffffffff, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000003c0)={0x1c, 0x0, 0x20, 0x70bd2b, 0x25dfdbfb, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x50)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="1400000016000b63d25a80648c2594f917240685", 0x14}], 0x1}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
sendmsg$NL80211_CMD_NEW_STATION(r4, &(0x7f0000001080)={0x0, 0x0, 0x0}, 0x0)

16.371115448s ago: executing program 2 (id=2909):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000580)=@newtfilter={0x24, 0x28, 0xd27, 0x1000001, 0x0, {0x0, 0x0, 0x0, r3, {0xd, 0x9}, {0x4}, {0x0, 0xa}}}, 0x24}}, 0x4000)

15.395822777s ago: executing program 2 (id=2912):
syz_mount_image$hfsplus(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000340)=ANY=[], 0x2, 0x634, &(0x7f0000000480)="$eJzs3c1rXNfdB/DvHcmyxgZHeWI7fkogIoa0VNTWC0qrbuqWUlQIJaSLroUtY+Gxk0pKUUJp1De67SJ/QLrQrqtCN4WCIV23u2y1DBS6yUpdTbl37oxGtjwdxZJGTj8fc+ecM+fec3/nN/dlZoyYAP+zlmcy/ihFlmfe3CrbuzsLrd2dhQfdepLzSRrJeKdI8TApPklupbPk/8sn6+GKp+3no7Wltz/9fPezTmu8Xqr1G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1E7l6R9wE+v7vcMduGZz1vgLCg6982edn1mT1WneSbr9wGdu2Lnnv1c2x51AAAAAHAKXtjLXrZyadRxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwPOk/v3/6lf/J3tPpZhO0f39/4luf5KLIwx1sInhVnvUOOlAAAAAAAAAAODkvbqXvWzlUrfdLtJI8lrVuFw9Xsx72chq1nMjW1nJZjaznrkkU30DTWytbG6uzw2x5fyhW84PGXDz2ecMAAAAAAAAAF9Cv8ry/v//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAWVAkY52iWi5361NpjCeZTDJRrred/KNbf549GnUAAAAAcApe2MtetnKp224X1Wf+q9Xn/sm8l4fZzFo208pq7lTfBXQ+9Td2dxZauzsLD8rlyXG/+68jhVGNmM53D4fv+Vq1RjN3s1Y9cyO3805auZNGtWXpWjeew+P6ZRlT8Z3akJHdqcty5r+vy5M3NsQ6U1VGzvUyMlvHVmbjxcGZOPjqbB91T3Np9L75uXwCOb9Ql0Vy8YenlvNh1Jl4NXUm5vuOvquDM5F89c9//Mm91sP79+5uzJydKR3B+Xa73a0/fkws9GXi5S99JvrNVpm40msv5wf5cWYynbeynrX8LCvZzGqm8/2qtlIfz+Xj1OBM3TrQeqt6bD49kon6delcPY4W02vVtpeylh/lndzJat6o/s1nLt/MYhaz1PcKXxnirG8c7ay//rW6Uk7wd4MnesrKvL5Y5/XD5MA1d6rq639mP0spctzXxvGv1JVyH7+uy7Ph8UzM9WXipcHHyx+qy8pG6+H99Xsr7w65v9frsjyPfnum7hLl8fJ/5YtVtQ4eHWXfS4f2zVV9l3t9jSf6rvT6/tuZOlG/h3typPmq7+VD+xaqvmt9fYe93wLgzLvw9QsTzX82/978uPmb5r3mm5PfO/+t869M5Nzfzn17fHbs9cYrxZ/ycX6x//kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD44jbe/+D+Squ1uv5Ypd1uf/iUri9aGctRtvrrX45z793fIzrG6RxvZfIoK7fPRsxHqfy73W4fy4DbAw7aY6u0a2cidSOqjPjCBJy4m5sP3r258f4H31jr3iIXF5dmlxbfWLh5d621Ott5HHGQwInYv+mPOhIAAAAAAAAAAABgWKfx5wSjniMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwfFueyfijFJmbvTFbtnd3Flrl0q3vrzmepJGk+HlSfJLcSmfJVN9wxdP289Ha0tuffr772f5Y4931G4O2G852vWQ6yVhdHtd4t595vKI3wzJh17uJg1H7TwAAAP//UOQPsQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = syz_open_dev$sg(&(0x7f0000000380), 0x9, 0x8000)
ioctl$SG_NEXT_CMD_LEN(r3, 0x2283, 0x0)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
setrlimit(0xb, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x2000044, &(0x7f0000000000)={[{@data_err_ignore}, {@journal_dev={'journal_dev', 0x3d, 0x4128}}, {@lazytime}, {@norecovery}, {@auto_da_alloc}]}, 0x2, 0x516, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/s3abNFnoAVOhSCgtarZ1421XVC+VUIVQJ0SOHbUi8UbT2Ooqd0oQ9ZI/ckajECU6cOSBxQOqJOxIHuHEpB6RCV6AGiYPRjMdb54831hLbbfz7SaN5My+e770dzXuzXxS/AGbW1Yg4iIjFiHg7IpaL80mxxeu9Lfu5jx/eXz98eH89iW73rX8meX12LgY+k3mquGY5In7wRsSPkmNB/xTR3tu/u9Zo1HeKU9VOc7va3tu/sdVc26xv1u/VardWb628evOV2rn19YXmbz68FBG//92XP/jjwbd+kjVrqagb7Md56nV94VGczHxEfG8cwaZgrujP4pN8+Ik+xHlKI+JzEfFi/vwvx1x+N486epu+PcHWAQDj0O0uR3d58BgAuOjSPAeWpJUiF7AUaVqp9HJ4z8XltNFqd67fae3e2+jlyq7EQnpnq1FfKXKFV2IhubM1X1/Ny/3jRr127PhmRDwbET8rXcqPK+utxsY0X3wAYIY9dWz+/3epN/8DABdc+ZNiaZrtAAAmpzztBgAAE2f+B4DZY/4HgNlj/geA2WP+B4DZY/4HgJny/TffzLbuYfH91xvv7O3ebb1zY6Pevltp7q5X1ls725XNVmsz/86e5lnXa7Ra26svx+671U693am29/ZvN1u79zq3t5qLUb9dX5hIrwCAx3n2hff/kkTEwWuX8i2zWKzXceZc/fzYmweMUTrtBgBTMzftBgBTc3K1L2BWyMcDA0v0Phg4XT5ROO69kS6fWjcUPn2uffGU/H9R590ALrYj+f+PptcOYPKeLP/vXR4uAvl/mF3dbmLNfwCYMXL8QHJG/eDv/1e6Awej/f4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALqSlfEvSSrEW+FKkaaUS8XREXImF5M5Wo74SEc9ExJ9LC6XseDUirBsEAJ9l6d+TYv2va8svLR2vXSz9p5TvI+LHv3jr5++udTo7qxGLyUePznfeK87XptF+AOAs/Xm6P4/3ffzw/np/m2R7PvxOb3HRLO5hsfVq5mM+35fzXMPlfyXFcU/2vjJ3DvEPHkTEF07rf5LnRq4UK58ej5/Ffnqi8dMj8dO8rrfP/i0+fw5tgVnzfjb+vH7a85fG1Xx/+vNfzkeo/19//Ds8Mf6lj8a/uSHj39VRY7z8h+/mhcEBq7vcq3sQ8aX5iMP+xQfGn378ZEj8l0aM/9fnv/LisLruLyOuxWn9T47Eqnaa29X23v6NrebaZn2zfq9Wu7V6a+XVm6/UqnmOutrPVJ/0j9euPzMsftb/y0Pil8/o/9dH7P+v/vv2D7/6mPjf/Nrp9/+5x8TP5sRvjBh/7fJvy8PqsvgbQ/p/1v2/PmL8D/62vzHijwIAE9De27+71mjUd8ZdSMcfIi8kEQcT6E6vUPr1T9+YVKwxFuLT0QyFo4UkTq3K/js4gejTHpmAcfvkoZ92SwAAAAAAAAAAAAAAgGEm8cdM0+4jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF9f/AgAA//8Dx9I4")
r4 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f0000000cc0)={0x1, @pix_mp={0x0, 0x0, 0x50323234, 0x6, 0x0, [{}, {0x0, 0xfffffffd}, {0x0, 0xfffff001}, {}, {0x8b44, 0x578}, {0x3}, {}, {0x0, 0xffffffff}], 0x0, 0x0, 0x0, 0x2}})

14.580212903s ago: executing program 4 (id=2914):
socket$alg(0x26, 0x5, 0x0)
socket$inet6(0xa, 0x1, 0xfffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket(0x10, 0x803, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x200000ffa000)
syz_genetlink_get_family_id$ethtool(0x0, r1)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @dev={0xfe, 0x80, '\x00', 0xc}, 0x80, 0x8000, 0x2000001, 0x1}})
shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x2000)

13.8720061s ago: executing program 4 (id=2917):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$qat_adf_ctl(0xffffffffffffff9c, &(0x7f0000000000), 0x2000, 0x0)
ioctl$IOCTL_STATUS_ACCEL_DEV(r4, 0x40046103, &(0x7f0000000040)={0x1, 0x1, 0x3, 0x2, 0x6, 0x49, 0x7, 0xf7, 0x7b, 0x6, 0x7f, "d674732e09eccad282170d6cac0c034ef55994b5a86bb51693413205172f9fa6"})
bpf$PROG_LOAD(0x5, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)
r5 = openat$binder_debug(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
lseek(r5, 0x851, 0x0)
mount(0x0, 0x0, 0x0, 0x1c3425, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NL80211_CMD_UNEXPECTED_FRAME(r5, 0x0, 0x4000)
sendmsg$IPSET_CMD_LIST(r6, 0x0, 0x0)
keyctl$read(0xb, 0x0, &(0x7f0000000680)=""/4096, 0x1000)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYRES32=0x0, @ANYBLOB], 0x58}, 0x1, 0x0, 0x0, 0x800}, 0x0)

13.793652866s ago: executing program 2 (id=2918):
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
preadv(r1, &(0x7f00000002c0)=[{0x0}], 0x1, 0x0, 0xa0000000)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000001c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
socket$kcm(0x2, 0xa, 0x2)
close_range(r2, 0xffffffffffffffff, 0x0)

13.793160627s ago: executing program 5 (id=2919):
r0 = socket(0x23, 0x5, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x81000, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
syz_80211_inject_frame(&(0x7f00000004c0)=@broadcast, &(0x7f0000000800)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0xfffc, @default, @val, @val={0x2d, 0x1a, {0x400, 0x3, 0x3, 0x0, {0x100000000, 0xe13, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x8, 0xd43d8798, 0x9f}}}, 0x3c)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f00000000c0)=[{&(0x7f0000000200)='=', 0x1}], 0x1, 0x0)
write$P9_RGETLOCK(r6, 0x0, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

12.961131493s ago: executing program 2 (id=2923):
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0xa, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b01bf0000000000b7080000959700007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0xa, '\x00', 0x0, @fallback=0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
mprotect(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x4)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0x40286608, &(0x7f0000000040)={0x31, 0x80000001, 0x1, 0x7ffffffffffffffc, 0x85, 0x52})

12.035794839s ago: executing program 5 (id=2925):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x40001e0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r3, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000001400), 0x1, 0x0)
ioctl$SNDCTL_SEQ_THRESHOLD(r4, 0x4004510d, 0xffffffffffffffff)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=ANY=[@ANYBLOB="380000001800dd8d00000000000000000200000000000006000000000600150004000000140016"], 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x0)

11.083187285s ago: executing program 3 (id=2927):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@compress_algo={'compress', 0x3d, 'zstd'}}]}, 0x1, 0x559a, &(0x7f0000005680)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=")
r0 = open(&(0x7f0000000440)='./file1\x00', 0x84242, 0x1df2a23c5997fa7f)
write$FUSE_CREATE_OPEN(r0, &(0x7f0000000180)={0xa0, 0x0, 0x0, {{0x4, 0x2, 0x5, 0x2, 0x3, 0x1, {0x400000080001, 0xff, 0x20fb, 0x8, 0xe, 0xd615, 0x9, 0x1, 0xfffffffe, 0x8000, 0x0, 0x0, 0x0, 0x5, 0x2000001}}, {0x0, 0x13}}}, 0xa0)
sendfile(r0, r0, &(0x7f0000000080), 0x7f03)

10.926926108s ago: executing program 5 (id=2928):
socket$alg(0x26, 0x5, 0x0)
socket$inet6(0xa, 0x1, 0xfffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket(0x10, 0x803, 0x0)
r2 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r2, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x200000ffa000)
syz_genetlink_get_family_id$ethtool(0x0, r1)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @dev={0xfe, 0x80, '\x00', 0xc}, 0x80, 0x8000, 0x2000001, 0x1}})
shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x2000)

10.638499671s ago: executing program 1 (id=2929):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
ioctl$sock_SIOCGIFVLAN_DEL_VLAN_CMD(r0, 0x8982, &(0x7f0000000cc0)={0x1, 'pim6reg0\x00', {}, 0x3b9})

10.557479138s ago: executing program 5 (id=2930):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, 0x0, 0x0, 0x1f00c00e}, 0x0)
openat$vnet(0xffffffffffffff9c, 0x0, 0x2, 0x0)
sendmsg(0xffffffffffffffff, &(0x7f0000001500)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="817bb97cdac2f8f819447aa4a50c293af36b43cab2641b7753df26944b52221c709e644460775e", 0x27}], 0x1}, 0x24040050)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0xb0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="0e00010002"], 0x8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)="661dd86d73db6c75f11a65f20fb1b06909a9fa10d887c981a9", 0x19}], 0x1, 0x0, 0x58, 0x4c001}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000007440)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000140)=""/53, 0x35}], 0x1}, 0x3ff}], 0x1, 0x40012040, 0x0)
ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

10.4110658s ago: executing program 1 (id=2931):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x24, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r2}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x24}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

10.28103331s ago: executing program 5 (id=2932):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000180)={0x84, @remote, 0x0, 0x0, 'lblc\x00'}, 0x2c)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
syz_usb_connect$printer(0x2, 0x0, 0x0, 0x0)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
getpid()
ioctl$sock_SIOCBRDELBR(0xffffffffffffffff, 0x89a2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, &(0x7f0000000100)='GPL\x00'}, 0x94)
getpid()
socket$nl_route(0x10, 0x3, 0x0)
setsockopt$packet_rx_ring(0xffffffffffffffff, 0x107, 0x5, &(0x7f0000000040)=@req3={0x20001000, 0x957e, 0x1000, 0x3a}, 0x1c)
r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r2, &(0x7f0000000040)={0x0, 0x2f, &(0x7f0000002580)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140000002500010000000000f100000006"], 0x14}], 0x1, 0x0, 0x0, 0x400048c0}, 0x0)
setsockopt$IP_VS_SO_SET_DEL(r0, 0x0, 0x484, &(0x7f0000001280)={0x20000000000084, @remote, 0x0, 0x0, 'rr\x00'}, 0x2c)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000440)=ANY=[@ANYBLOB="3c00000010000305fcffffff0380000000000000529f12a6abc76359f69715d27ae6123253539bd8f4d0b800000080c4109cc79046fa", @ANYRES32=0x0, @ANYBLOB="0000000010a001001c0012800b0001006d616373656300000c0002800500090001000000"], 0x3c}, 0x1, 0x0, 0x0, 0x8090}, 0x44000)
sendmsg$NFT_BATCH(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0104000000000000000001000000080002"], 0x50}}, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000040)="1400000028000b05d25a806f8c6394f902018000", 0x14}], 0x1}, 0x84)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bca, 0x10100, 0x3, 0x30f}, &(0x7f0000000200), &(0x7f0000000400))

10.045600539s ago: executing program 1 (id=2933):
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
ioctl$VHOST_SET_VRING_BASE(0xffffffffffffffff, 0xaf01, 0x0)
r1 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(0xffffffffffffffff, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(0xffffffffffffffff, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(0xffffffffffffffff, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(0xffffffffffffffff, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)

7.941451149s ago: executing program 1 (id=2934):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r2, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r3, @ANYBLOB="01000000000000001c0012000c000100626f6e64000000000c0002000800010005"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="20000000110001002dbd7000ffdbdf2500000000", @ANYRES32=r3], 0x20}}, 0x40040)

7.442200319s ago: executing program 4 (id=2935):
r0 = socket(0x23, 0x5, 0x0)
sendmsg$IPVS_CMD_SET_SERVICE(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000200)={0x0}, 0x1, 0x0, 0x0, 0x4040000}, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6a72c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6(0xa, 0x3, 0x87)
setsockopt$inet6_IPV6_XFRM_POLICY(r4, 0x29, 0x23, 0x0, 0x0)
mount(0x0, 0x0, 0x0, 0x81000, 0x0)
setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0xc, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, 0x0)
r5 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x20000}}, {{0xa, 0x0, 0x40000, @dev={0xfe, 0x80, '\x00', 0x26}}}}, 0x108)
syz_80211_inject_frame(&(0x7f00000004c0)=@broadcast, &(0x7f0000000800)=@mgmt_frame=@assoc_resp={{{}, {}, @device_b, @device_a, @from_mac, {0x0, 0x2}}, 0x1, 0xfffc, @default, @val, @val={0x2d, 0x1a, {0x400, 0x3, 0x3, 0x0, {0x100000000, 0xe13, 0x0, 0x0, 0x0, 0x0, 0x1, 0x2, 0x1}, 0x8, 0xd43d8798, 0x9f}}}, 0x3c)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r6=>0xffffffffffffffff})
vmsplice(r6, &(0x7f00000000c0)=[{&(0x7f0000000200)='=', 0x1}], 0x1, 0x0)
write$P9_RGETLOCK(r6, 0x0, 0x0)
setsockopt$inet6_group_source_req(r5, 0x29, 0x2e, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @loopback}}}, 0x108)
socket$nl_netfilter(0x10, 0x3, 0xc)
r7 = socket$pppl2tp(0x18, 0x1, 0x1)
ioctl$SIOCSIFMTU(r7, 0x8922, &(0x7f0000000440)={'syz_tun\x00', 0x101})

5.297514942s ago: executing program 3 (id=2936):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)={{0x14}, [], {0x14}}, 0x28}}, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="00a717cf64394a00dc299b573660f498c4d99aac48af10923f703f53e58070c2bf4575228d0e471df7101ac03b8d48a1b0fc276e395f25b63e9a27cd2ab98888989eec154d97b4dbcf"], 0x1, 0xa09, &(0x7f0000001540)="$eJzs3UuMHEfdAPDq2Z31M5/H+WyyOCaxCSThkd14vZiHBXEUX7DiiFukiIvlOMHCMQhHgkQ52D5xI1FkrjzEKZcIEBK5ICsnLpGIJS45BQ4csIwUiQME7EW7WzU7+/eMemZt73h2fj+ptqa6aqaqZ3t6erq7qhIwthpLf+fnp6uULr3z5tG/P/y3LYtLnmiXaC39nexINVNKVU5Phtf7cGI5vv7Raye7xVWaW/pb0umZa+3nbkspnU/70uXUSnsuXXnjvbmnj184dnH/+28dvnpn1h4AAMbLty4fnt/9lz/dv/Pjtx84kja1l5fj81ZOb8/H/UfygX85/m+k1emqI3SaCuUmc2iEchNdynXW0wzlJnvUPxVet9mj3Kaa+ic6lnVbbxhlZTtupaoxsyrdaMzMLP8mT0u/66eqmbOnz7xwbkgNBW67fz6YUtonCMI4hoUdw94DASyL1wtvcj6eWbg17Veb7K/+a082uj8fboP13v7VP1r1/+qCPQ63z0bdmsp6lc/R9pyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JdW7HWvVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEBd61439xCVvLjfX0xf1NN/uaa/C01+Vtr8rfV5MM4++3LP0mvVyu/8+Nv+kHPh5XzbPfk+P8GbE88Hzlo/fG+30Hdav3xfmK4m/3+xLOnvvL8c1eW7/+v2tv/jby978vpVv5sXc4FyvnCeF69fe9/a3U9jR7l7g3tuadL+aXHu1aXq3atvE7q2M/c1I7p1c/b0avc3tXlWqHclhw2h/bG45Ot4Xnl+KPsV8v7NRnWtxnWYyq0o+xXduY4tgPWomyPve7/L9vndGpWL5w+c+rxnC7b6R8nmpsWlx9Y53YDt67f/j/TaXX/n+3t5c1G535hx8ryqnO/0ArL53osP5jT5XvuOxNblpbPnPzemedv98rDmDv3yqvfPXHmzKkfeOCBBx60Hwx7zwTcabMvv/T92XOvvPrY6ZdOvHjqxVNnDx46dHBu7tBXD87PLh3Xz3Ye3QMbycqX/rBbAgAAAAAAAAAAAPTrh8eOXvnzu1/+YLn//0r/v9L/v9z5W/r//zj0/4/95Es/+NIPcGeX/KUyYYDVqVCumcP/h/buCvXsDs/7RI7b8/jl/v+lujiua2nPfWF5HL+3lAvDCdw0XspUGIMkzhf46RxfzPEvEwxRtaX74hzXjW9dtvUyPoVxKUZT+b+VraGMY1L6f/ca16ns/3euQxu5/dajO+Gw1xHo7h/G/xaEsQ0LC2bxAO4Ow57/s5z3LPHZP3xz82Ioxa49uXp/GccvhVtxt88/qf6NNf9ne/67vvd/Yca81trq/ffPrn7QUW3a02/9cf3LONC7Bqv/41x/WZtHUn/1L/wi1B8vCPXpP6H+rX3Wf9P6711b/f/N9Ze37dGH+q1/ucVVY3U74nnjcv0vnjcurof1L2N7Drz+a5yo8UauH8bZqMwzO6hRmf+3l3gfxpdyuuwIy30Ocb6TQdtf7q8o3wO7w+tXNd9v5v8dbV/Lcd3nocz/W7bHVpd0oyPd7PLebtR9DYyqD13/E4SxDQsLC3f2hFaNoVbO0N//Yf9OGHb9w37/68T5f+MxfJz/N+bH+X9jfpz/N+bH+fVifpz/N76fcf7fmH9feN04P/B0Tf4na/L31OTfX5O/tyb/UzX5+2vyH6jJf7Am/96a/Idq8j9Tk//ZmvyHa/Ifrcn/XE3+Rlf6o4zr+sM4i/3zfP5hfJTrP70+/7tq8oHR9dO3Dzz13G++3Vru/z/VPh9SruMdyelm/u38o5yO171TR3ox792c/mvIv9vPd8A4ieNnxO/3R2rygdFV7vPy+YYxVHUfsaffcat6HeczWj6f4y/k+Is5fizHMzmezfGBHM+tU/u4M5769e8Ov16t/N7fEfL7vZ889geK40Qd7LM98fzAoPezx3H8BnWr9a+xOxgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDQNJb+zs9PVyldeufNo88ePz27uOSJdonW0t/JjlSz/byUHs/xRI5/nh9c/+i1k53xjcV4KqUqzaUqVe3l6Zlr7Zq2pZTOp33pcmqlPZeuvPHe3NPHLxy7uP/9tw5fvYNvAQAAAGx4/wsAAP//2XsNow==")
open(&(0x7f0000000080)='.\x00', 0x0, 0x1b5)
syz_mount_image$exfat(&(0x7f0000000080), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000380)=ANY=[@ANYBLOB="696f636861727365743d69736f383835392d31352c7561736b3d303030303030303030303030ba303030303030303030332c6e616d65636173653d312c7569643d00", @ANYRESHEX, @ANYBLOB=',fmask=00040000000000000000253,discard,dmask=00000000000000000000002,utf8,iocharset=macinuit,allow_utime=00000000000000000147070,\x00'], 0x41, 0x1528, &(0x7f00000037c0)="$eJzs3AuYT9X6OPD3XWvtMSS+TXIZ1lrv5ptclkmSXJLkkiRJkuSWkDTJkYTEEJI0JCG5DEkMIblMTBr3+/2SkCRNkoTklqz/M+FxOnX+p/M7/XKe37yf59mP9X73ftd+9/f9XvbeZubbrkNrNaldvRERwX8EL/yTBACxADAQAPICQAAA5ePKx2Wtzykx6T/bCftzPZh6pStgVxL3P3vj/mdv3P/sjfufvXH/szfuf/bG/c/euP+MZWebphW6hpfsu/D9/+yMv///D8ksM/bLNWWu6wYQ80dTuP/ZG/f//6zgj2zE/c/euP/ZVeyVLoD9F+D3f3aQ45+u4f5nb9x/xrKzK33/+UovEPkvew6O5LzQmL/q+BljjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsb/AaX+ZAoBL4ytdF2OMMcYYY4wxxv48PseVroAxxhhjjDHGGGP/+xAESFAQQAzkgFjICblAAMDVkAfyQgSugTi4FvLBdZAfCkBBKATxUBiKgAYDFghCKArFIArXQ3G4AUpASSgFpcFBGUiAG6Es3ATl4GYoD7dABbgVKkIlqAxV4DaoCrdDNbgDqsOdUANqQi2oDXdBHbgb6sI9UA/uhfpwHzSA+6EhPACN4EFoDA9BE3gYmsIj0AyaQwtoCa3+R/nPQ094AXpBb0iCPtAXXoR+0B8GwEswEF6GQfAKDIZXIRmGwFB4DYbB6zAc3oARMBJGwZswGt6CMTAWxsF4SIEJMBHehknwDkyGd2EKTIVUmAbT4T2YATNhFrwPs+EDmANzYR7MhzT4EBbAQkiHj2ARfAwZsBiWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAVtgG22EHfAI74VPYBbthD3wGe+HzfzP/1D/kd0NAQIECFSqMwRiMxVjMhbkwN+bGPJgHIxjBOIzDfJgP82N+LIgFMR7jsQgWQYMGCQmLYlGMYhSLY3EsgSWwFJZChw4TMAHL4k1YDstheSyPFbACVsRKWAmrYBWsilWxGlbD6lgda2ANrIW18C68C/tgXayL9bAe1sf6l25PYSNshI2xMTbBJtgUm2IzbIYtsAW2wlbYGltjG2yD7bAdtsf22AE7YCImYkfsiJ2wE3bGztgFu2BX7IrdsDt2z3w+B+AL+AL2xhqiD/bFvtgPk3MMwJfwJXwZB+Er+Aq+isk4BIfia/gavo7D8SSOwJE4CkdhVfEWjsGxSGI8pmAKTsSJOAknYVah7+JUTMVpOB2n4wyciTPxfZyNH+AHOBfn4nxMwzRcgAsxHdNxEZ7CDFyMS3ApLsPluAxX4ipciWtwLa7B9bgeN+JG3IybcStuxe24HT9BBYCf4m7cjcm4F/fiPtyH+3E/HsADmImZeBAP4iE8hIfxMB7BI3gUj+FxPIYn8ASexFN4Gk/jWTyL5/DZ+K8bf1JydTKILEooESNiRKyIFblELpFb5BZ5RB4RERERJ+JEPpFP5Bf5RUFRUMSLeFFEFBFGGEEijAEAERVRUVwUFyVECVFKlBJOOJEgEkRZUVaUE+VEeXGLqCBuFRVFJdHWVRFVRFXRzlUTd4jqorqoIWqKWqK2qC3qiDqirqgr6ol6or6oLxqI+0VD0QcH4IMiqzNNxBBsKoZiM9FcyIufYK3FcGwj2op24nExEkdgB9HaJYqnREcxBjuJv4mx+IzoIsZjV/Gc6Ca6ix7iedFTtHG9RG8xGfuIvmIq9hP9xQDxkpiBNcX7ODtnLfGqSBZDxFDxmpiPr4vh4g0xQowUo8SbYrR4S4wRY8U4MV6kiAlionhbTBLviMniXTFFTBWpYpqYLt4TM8RMMUu8L2aLD8QcMVfME/NFmvhQLBALRbr4SCwSH4sMsVgsEUvFMrFcrBArxSqxWqwRa8U6sV5sEBvFJrFZbBFbxTaxXewQn4id4lOxS+wWe8RnYq/4XOwTX4j94ktxQHwlMsXX4qD4RhwS34rD4jtxRHwvjopj4rj4QZwQP4qT4pQ4Lc6Is+IncU78LM4LL0CiFFJKJQMZI3PIWJlT5pJXydwyuPjsXiPj5LUyn7xO5pcFZEFZSMbLwrKI1NJIK0mGsqgsJqPyellc3iBLyJKylCwtnSwjE+SNsqy8SZaTN8vy8hZZQd4qK8pKsrKsIm+TVeXtEiIX9lFD1pS1ZG15l0yCu2VdeY+sJ++V9eV9soG8XzaUD8hG8kHZWD4km8iHZVP5iGwmm8sWsqVsJR+VreVjso1sK9vJx2V7+YTsIJ+UifIp2VH6iy+RZ2QX+azsKp+T3WR32UP+LM9LL3vJ3hL6gOwrX5T9ZH85IBYA5MtykHxFDpavymQ5RA6Vr8lh8nU5XL4hR8iRcpR8U46Wb8kxcqwcJ8fLFDlBTpRvy0nyHTlZviunyKkyVU6TA+TAX2aaJeW/zH/7d/IH/7L3jXKT3Cy3yK1ym9wud8hP5E65U+6Su+QeuUfulXvlPrlP7pf75QF5QGbKTHlQHpSH5CF5WB6WR+QReVQek2fkD/KE/FGelKfkKXlGnpVn5bmLzwEoVEJJpVSgYlQOFatyqlzqKpVbXa3yqLwqoq5RcepalU9dp/KrAqqgKqTiVWFVRGlllFWkQlVUFVNRdT1efMGoUqq0cqqMSlA3/jv5qri6QZVQJX+Vf6m+pH9SXyvVSrVWrVUb1Ua1U+1Ue9VedVAdVKJKVB1VR9VJdVKdVWfVRXVRXVVX1U11Uz1UD9VT9VS9VC+VpJJUX/Wi6qf6qwHqJTVQvawGqUFqsBqsklWyGqqGqmFqmBquhqsRaoQapUap0Wq0GqPGqHFqnEpRKWqimqgmqUlqspqspqgpKlWlqulqupqhZqhZapaarWarOWqOmqfmqTSVphaoBSpdpatFapHKUIvVYrVULVXL1XK1Uq1Uq9VqtVatVevVepWhNqlNaovaorapbWqH2qF2qp1ql9ql9qg9aq/aq/apfWq/2q8OqAMqU2Wqg+qgOqQOqcPqsDqijqij6qg6ro6rE+qEOqlOqtPqtDqrzqpz6pw6r85nnfYFIhCBClQQE8QEsUFskCvIFeQOcgd5gjxBJIgEcUFckC+4LsgfFAgKBoWC+KBwUCTQgQlsIC42PRpcHxQPbghKBCWDUkHpwAVlgoTgxqBscFNQLrg5KB/cElQIbg0qBpWCykGV4LaganB7UC24I6ge3BnUCGoGtYLawV1BneDuoG5wT1AvuDeoH9wXNAjuDxoGDwSNggeDxsFDQZPg4aBp8EjQLGgetAhaBq3+1Pm9P1ngMddL99ZJuo/uq1/U/XR/PUC/pAfql/Ug/YoerF/VyXqIHqpf08P063q4fkOP0CP1KP2mHq3f0mP0WD1Oj9cpeoKeqN/Wk/Q7erJ+V0/RU3Wqnqan6/f0DD1Tz9Lv69n6Az1Hz9Xz9Hydpj/UC/RCna4/0ov0xzpDL9ZL9FK9TC/XK/RKvUqv1mv0Wr1Or9cb9Ea9SW/WW/RWvU1v1zv0J3qn/lTv0rv1Hv2Z3qs/1/v0F3q//lIf0F/pTP21Pqi/0Yf0t/qw/k4f0d/ro/qYPq5/0Cf0j/qkPqVP6zP6rP5Jn9M/6/PaZ53cZ329G2WUiTExJtbEmlwml8ltcps8Jo+JmIiJM3Emn8ln8pv8pqApaOJNvCliipgsZMgUNUVN1ERNcVPclDAlTClTyjjjTIJJMGVNWVPOlDPlTXlTwVQwFU1FU9lUNreZ28zt5nZzh7nD3GnuNDVNTVPb1DZ1TB1T19Q19Uw9U9/UNw1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1MM9PCtDCtTCvT2rQ2bUwb0860M+1Ne9PBdDCJJtF0NB1NJ9PJdDadTRfTxXQ1XU030830MD1MT9PT9DK9TJJJMn1NX9PP9DMDzAAz0Aw0g8wgM9gMNskm2Qw1Q80wM8wMN8PNCDPSjMo6UTVvmTFmrBlnxpsUk2ImmolmkplkJpvJZoqZYlJNqpluppsZZoaZZWaZ2Wa2mWPmmHlmnkkzaWaBWWDSTbpZZBaZDJNhlpglZplZZlaYFWaVWWXWmDVmHawzG8wGs8lsMlvMFrPNbDM7zA6z0+w0u8wus8fsMXvNXrPP7DP7zX5zwBwwmSbTHDQHzSFzyBw2h80Rc8QcNUfNcXPcnDAnzElz0pw2p81ZU+Di96U3sTanzWWvsrnt1TaPzWv/MS5oC9l4W9gWsdrmtwV+FRtrbQlb0paypa2zZWyCvfE3cUVbyVa2Vexttqq93Vb7TVzH3m3r2ntsPXuvrW3v+lVc395nG9iHbUNEANvcNrYtbRP7sG1qH7HNbHPbwra07e0TtoN90ibap2xH+/Rv4gV2oV1lV9s1dq3dZXfb0/aMPWS/tWftT7aX7W0H2pftIPuKHWxftcl2yG/iUfZNO9q+ZcfYsXacHf+beIqdalPtNDvdvmdn2Jm/idPsh3a2Tbdz7Fw7z87/Jc6qKd1+ZBfZj22GDWCJXWqX2eV2hV15qVaf1663G+xGu9N+arfYrXab3W53XDoRtrvtHvuZ3Ws/twftN3a//dIesIdtpv36lzjr+A7b7+wR+709ao/Z4/YHe8L+qC5lZx37D/Zne956C4QEJElRQDGUg2IpJ+Wiqyg3XU15KC9F6BqKo2spH11H+akAFaRCFE+FqQhpMmSJKKSiVIyidD1dKq8UlSZHZSiBbqSydBOVo5upPN1CFehWqkiVqDJVoduoKt1O1egOqk53Ug2qSbWoNt1Fdehuqkv3UD26l+rTfdSA7qeG9AA1ogepMT1ETehhakqPUDNqTi2oJbWiR6k1PUZtqC21o8epPT1BHehJSqSnqCM9TZ3ob9SZnqEu9Cx1peeoG3WnHvQ89aQXqBf1piTqQ33pRepH/WkAvUQD6WUaRK/QYHqVkmkIDaXXaBi9TsPpDRpBI2kUvUmj6S0aQ2NpHI2nFJpAE+ltmkTv0GR6l6bQVEqlaTSd3qMZNJNm0fs0mz6gOTSX5tF8SqMPaQEtpHT6iBbRx5RBi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nXbQJ7STPqVdtJv20Ge0lz6nffQF7acv6QB9RZn0NR2kb+gQfUuH6Tvfm76no3SMjtMPdIJ+pJN0ik7TGTpLP9E5+pnOkycIMRShDFUYhDFhjjA2zBnmCq8Kc4dXh3nCvGEkvCaMC68N84XXhfnDAmHBsFAYHxYOi4Q6NKENKQzDomGxMBpeHxYPbwhLhCXDUmHp0IVlwoTwxrBseFNYLrw5LB/eElYIbw0rhpXCh++tEt4WVg1vD6uFd4TVwzvDGmHNsFZYO7wrrBPeHdYN7wnrhfeG5cL7wgbh/WHD8IGwUfhg2Dh8KGwSPhw2DR8Jm4XNwxZhy7BV+GjYOnwsbBO2DduFj4ftwyfCDuGTYWL4VNgxfPqX9fct/Ofrk8I+Yd/wxfDF0Pt75Lzo/Gha9MPogujCaHr0o+ii6MfRjOji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iboxqj3tXOAQyecdMoFLsblcLEup8vlrnK53dUuj8vrIu4aF+eudfncdS6/K+AKukIu3hV2RZx2xllHLnRFXTEXdde74u4GV8KVdKVcaedcGZfgWrpWrpVr7R5zbVxb18497h53T7gn3JPuSfeU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC+/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ15YS9z3Bw3z81zaS7NLXBZ54zpbpFb5DJchlvilrhlbplb4Va4VW6VW+PWuHVundvgNrhNbpPb4ra4bW6b2+F2uJ1up9vl816Y1O11+9w+t9/tdwfcVy7Tfe0Oum/cIfetO+y+c0fc9+6oO+aOux/cCfejO+lOudPujDvrfnLn3M/uvPMuJTIhMjHydmRS5J3I5Mi7kSmRqZHUyLTI9Mh7kRmRmZFZkfcjsyMfROZE5kbmReZH0iIfRhZEFkbSIx9FFkU+jmREFkeWRJZGlkWWR7wvvCX0RX0xH/XX++L+Bl/Cl/SlfGnvfBmf4G/0Zf1Nvpy/2Zf3t/gK/lZf0Vfylf0jvplv7lv4lr6Vf9S39o/5Nr6tb+cf9+39E76Df9In+qd8R/+07+T/5jv7Z3wX/6zv6p/z3Xx338M/73v6F3wv39sn+T6+r3/R9/P9/QD/kh/oX/aD/Ct+sH/VJ/shfqh/zQ/zr/vh/g0/wo/0o2Le9KMvXSLDeJ/iJ/iJ/m0/yb/jJ/t3/RQ/1af6aX66f8/P8DP9LP++n+0/8HP8XD/Pz/dp/kO/wC/06f4jv8h/7DP84ks3lf0Kv9Kv8qv9Gr/Wr/Pr/Qa/0W/ym/0Wv9Vv89v9Dv+J3+k/9bv8br/Hf+b3+s/9Pv+F3++/9Af8Vz7Tf+0P+m/8If+tP+y/80f89/6oP+aP+x/8Cf+jP+lP+dP+jD/rf/Ln/M/+PP/OGmOMMcbYHzLh8lD8es2F2/l9fidH/N3GfQHg6q2FMv9+fdYZ5br8F8b9RXz7CAA81bvrg5eWGjWSkpIubpshISg2F+DS/wRliYHL8WJoB09AIrSFsr9bf3/R/Sz9i/mjtwDk+rucWLgcX57/CwBM+p35H3181IIK4em4/8/8cwFKFLuckxMux4uh3S/3V9pCuX9Sf4HW/6L+nF+mALT5u5zccDm+XH8CPAZPQ+KvtmSMMcYYY4wxxi7oLyp3vnT9eeknPn/v+jxeXc7JAZfjf3V9zhhjjDHGGGOMsSvvme49nnw0MbFt539/UO1/lPWHB03hf2tmHvzuwHuAS48oAPgPJwTIGsi/8ig2/yX7Sr741vnHVcvO+AD+O1r5Zwyu8AcTY4wxxhhj7E93+aT/14+rK1UQY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDGWDf0Vf07sSh8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9vwAAAP//kfb+pw==")
ioctl$SNDRV_TIMER_IOCTL_NEXT_DEVICE(0xffffffffffffffff, 0xc0145401, 0x0)
pipe2(0x0, 0x80880)
fcntl$notify(0xffffffffffffffff, 0x402, 0x8000002c)
fcntl$setsig(0xffffffffffffffff, 0xa, 0x21)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000002c0), 0x4000, 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x83)
open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$inet(0x2, 0x2, 0x0)
r1 = open(&(0x7f0000000180)='./file1\x00', 0x185102, 0x2b)
ftruncate(r1, 0x2007ffb)

5.037559144s ago: executing program 5 (id=2937):
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10, &(0x7f00000002c0)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x8}}, {@prjquota}, {@auto_da_alloc}, {@nobarrier}, {@noblock_validity}]}, 0xfe, 0x4bb, &(0x7f0000001180)="$eJzs3M1vVFUbAPDnTj/4pry8vLzvy4dU0dj40dKCysLEaHSniYkucGNS20KQgRpaEiFEqjG4NCTujStj9C9wpRuirkzc6t6QECUY0IWMuXPvHaal09JhPoD+fsnAOb1n5pxnzv0495yZCWDVGkz/SSI2RsTPETGQZecXGMz+u37l7MSfV85OJFGpvPZbUi137crZiaJo8bwNeWaoFFH6MMkrmW/m9Jlj4+Xy1Mk8PzJ7/J2RmdNnnjx6fPzI1JGpE2MHDx7YP/rM02NPtSTONK5rO96b3pX0vnHhlYlDF976/qveiNi+O9teH8cdKW2oJQfTwH+vVC0s9khLKrt7bKpLJ71dbAgr0hMRaXf1VY//geiJm503EC990Oh5fZ1qINA26bVpTePNczcqwP0riW63AOiO4kKf3v8Wjw4NPe4Kl5/PboDSuK/nj2xLb5TyMu281/lfRBya++vT9BF5P/y9sY0VAgCr3jfp+OeJxcZ/pdheV25zvoayJSL+FRFbI+LfEbEtIv4TUS3733w8sxLZ0lBPLX/r+LN0qengbkM6/ns2X9uaP/7LRn+VSuVGT57bVI2/Lzl8tDy1L39PhqJvTZofXaKOb1/86eNG2wbrxn/pI62/GAvm7bjUu2CCbnJ8drxVg9LL70fs6F0s/qS2EpBExP8jYsfKXnpzkTj62Be7GhVaPv4ltGCdqfJZxKNZ/8/FgvgLydLrkyNrozy1b6TYK271w4/nX21U/x3F3wJp/6+fv/8vKDFwNalfr51ZeR3nf/mo4T1ls/t/f/J6dc26P//bu+OzsydHI/qTl6v5/nN1fx+7+dwiX5RP4x/aW4t/Tf3xvzVLXEzj3xkR6U68OyIeiIg9edsfjIiHImJvowDXRXz3wsNvNxP/Hx24D0zjn1z0/Ffb/7fM7/+VJ3qOXfy6mfgzaf8fqKaG8vNw9fy3jMbNifJUelpvem8GAACAe096P70xktJwLV0qDQ9nn+HfFutL5emZ2ccPT586MZl9R2BL9JWKma6BfD40vdseTebyV8zmR8fyueJivnR/Pm/8Sc+6an54Yro82eXYYbXb0OD4T/3a0+3WAW3n+1qwei08/ktdagfQea7/sHo1c/w/14Z2AJ3n+g+rV93x/+Wp8zuriezz03tqGxZdC1jil0OAe0P99f9MF9sBdN7y4//77ecqgUJx/C+/7ne17W0BOqvZ+b/TLW4H0FF38r3+5hP90f66+lv3grG2k2/U533d6ZQVJqK0VJk3o+MNi7vibbmNRP7Tm+duq3Cy5I9ZtDHR7TMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAa/wTAAD//9QP9q0=")
socket(0x2a, 0x2, 0xfffff864)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SAVE(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=ANY=[@ANYBLOB="1c000000000601"], 0x1c}}, 0x0)
shmctl$SHM_STAT_ANY(0x0, 0xf, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f0000000100), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
setsockopt$inet6_mreq(r3, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x14)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000200)=@newsa={0x10c, 0x1a, 0x7, 0x0, 0x0, {{@in6=@mcast2, @in=@multicast2, 0xffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xee00}, {@in6=@mcast1, 0x0, 0x2b}, @in6=@private0, {0x0, 0x0, 0x2}, {0x0, 0x200000, 0x7}, {0x40000, 0x0, 0xae8}, 0x0, 0x0, 0xa, 0x2, 0x0, 0x70}, [@coaddr={0x14, 0xe, @in6=@remote}, @etimer_thresh={0x8, 0xc, 0x3}]}, 0x10c}}, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000440)=@newtfilter={0x24, 0x11, 0x1, 0x70bd28, 0x2000, {0x0, 0x0, 0x74, 0x0, {0xfffd, 0x10}, {0x1, 0xfff1}, {0xfff2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x30004804}, 0x840)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={0x0}}, 0x29a83a768e447add)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20)
syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a00009040000010301010009210008000122010009058103"], 0x0)
r5 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r5, &(0x7f0000000040)={0x2, 0x4e23, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x2b)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

5.037233224s ago: executing program 3 (id=2938):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES16=0x0], 0xfd, 0x149, &(0x7f0000000440)="$eJzszjFLamEYwPH/0aNe79WrF7zgvUMEDYlhHo/Y1pCRJGQHCpemQE8UaIZCOFZzQx/gDEXQJA7R2JJNlkLY53ALGov3nFMRtLW+v83/8/qcZ2l+mCAKXhyLjfpe02y1zOrkmlEqrF9eXf8WPQD8sF/UI03xuKryZtsDqDA+hCpwGxahZs5WGjUxHy9AAsj/gq0dn/0f8fanaDHRambGbYkp6P11mv5Fy7rtvwr5iNM04OUMpsW+P04TX3kC2pbPvTKVvPC8n0zbmul27lYH/WIqOWEe64V/56G4l7LpBxQxf0z3Uw/pbmc0HJRWjJIxzOr6XFbLaFpuZNwPirmDE9Tl0D5sKJ/3+cWOMhwpYCnQsefjGyUM9E6fjXokEAsCu1H4uMmeKO6PKChtq7IZ99kliCRJkiRJkiRJkiR9w2sAAAD//5vOV+k=")

4.867836437s ago: executing program 4 (id=2939):
socket$alg(0x26, 0x5, 0x0)
socket$inet6(0xa, 0x1, 0xfffffff9)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000003c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(0xffffffffffffffff, 0xc4c85512, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x803, 0x0)
r4 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r4, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x1})
ioctl$UFFDIO_REGISTER(r4, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ff2000/0xe000)=nil, 0xe000}, 0x3})
ioctl$UFFDIO_WRITEPROTECT(r4, 0xc020aa08, &(0x7f0000000100)={{&(0x7f0000ffb000/0x4000)=nil, 0x4000}, 0x1})
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x200000ffa000)
syz_genetlink_get_family_id$ethtool(0x0, r3)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r3, 0x89f1, &(0x7f0000000380)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl2\x00', 0x0, 0x4, 0x0, 0x0, 0x0, 0x1, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x1, 0x0}}, @dev={0xfe, 0x80, '\x00', 0xc}, 0x80, 0x8000, 0x2000001, 0x1}})
shmat(0x0, &(0x7f0000ffc000/0x4000)=nil, 0x2000)

4.821597071s ago: executing program 1 (id=2940):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$int_in(r1, 0x40000000af01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
r3 = dup(r0)
r4 = fcntl$dupfd(r1, 0x406, r2)
ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000100)={0x0, 0x0, 0x0, &(0x7f0000000180)=""/251, 0x0, 0x4000})
ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f0000000080)={0x0, r3})
r5 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r5, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})

4.433661002s ago: executing program 3 (id=2941):
r0 = epoll_create1(0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/power/wakeup_count', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f00000000c0)={0xe000001a})
preadv(r1, &(0x7f00000002c0)=[{&(0x7f0000000100)=""/125, 0x7d}], 0x1, 0x0, 0xa0000000)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
socket$kcm(0x2, 0xa, 0x2)
close_range(r2, 0xffffffffffffffff, 0x0)

3.97038314s ago: executing program 3 (id=2942):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000600)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x6, 0x0, 0x0, 0x1f00c00e}, 0x0)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sendmsg(0xffffffffffffffff, 0x0, 0x24040050)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)=ANY=[@ANYBLOB="01090000000000000f478e"])
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x2, 0x9, 0xfffffffffffffffd, 0x0, 0x10000, 0xb0, 0x4002004c4, 0x1000, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x0, 0x7], 0xeeee8000, 0x2113c0})
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r3, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
write$bt_hci(r3, &(0x7f0000000380)=ANY=[@ANYBLOB="0e00010002"], 0x8)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003980)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000140)="661dd86d73db6c75f11a65f20fb1b06909a9fa10d887c981a9", 0x19}], 0x1, 0x0, 0x58, 0x4c001}}], 0x1, 0x0)
recvmmsg(r3, &(0x7f0000007440)=[{{0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000000140)=""/53, 0x35}], 0x1}, 0x3ff}], 0x1, 0x40012040, 0x0)
ioctl$UFFDIO_WAKE(0xffffffffffffffff, 0x8010aa02, &(0x7f0000000100)={&(0x7f0000ff9000/0x4000)=nil, 0x4000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

3.918334644s ago: executing program 4 (id=2943):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_opts(r0, 0x84, 0x7, 0xfffffffffffffffe, &(0x7f0000000000)=0xff49)

741.38256ms ago: executing program 3 (id=2944):
r0 = dup(0xffffffffffffffff)
write$6lowpan_enable(r0, &(0x7f0000000000)='0', 0xfffffd2c)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xc)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/247, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000e40))
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xf}, 0x94)

619.92564ms ago: executing program 4 (id=2945):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="71756965742c636f6465706167653d69736f383835392d31352c706172743d3078303030303030300000000000000000662c00a20000000700000000ede9debf530c3cc4d04b548919aca0c2937d4da1fc31dc42fc2e3e", @ANYRESDEC=0x0, @ANYRESOCT, @ANYRES16, @ANYRES16], 0x11, 0x2d9, &(0x7f0000000580)="$eJzs3U9rE08cx/HPbNIm/TX0t/0jgsdqQS9S60W8pEgehHgQtYlQDBVtBfViFU8ievfuU/ApCF4Un4CePPkAIggrM7v5s+lmN4Zmt8H3Cyyb7Pz5TnZ2ZyZgRgD+Wdca395f/mH/GamkkvTqquRJqkplSad0uvpo72D3oN1qppTTCRybyyjMaY4k2tlrJWauxl/6Nn9ZNVcKpioIgu3vkvaLDgSFcnd/Ak+qRPezO1/NPbJ0zyfMd3jMccwa01FHj7VUdBwAgGJF478XjfO1aP7uedJGNOyfyPF/Up2iA5i6IPXswPjvVlmBsdf3f3eqv95zSzh73uuuEsepeW7o9bzCnhWbYJqsVaWLxVu4u9tuXdy53256eqF6ZCDZmvvbDLtuV0a06wlr0xRjtN0kzygXXRvmbBu2RsS/OmGNEzOfzBdz0/h6p2Zv/lcOjL1M7kr5Q1cqjH9zdImulb5NpeixUa/XvViSZVfJmaiGSEYrq8krEnV71LLiXxD4WXG6XCtDucLWXcrItRrm2l6I5drqvhqRay1Wl21NrzePrm/azBtz3azrpz6oMTD/92x8G0q9M/t3jalEB/YTD9szn1xd2ZXpHxk5DnWjFn+n9ylWhoroPU9+pT/TMORZyrnXuqMrWtp/8vReqd1uPbQHtxMOHtS6V70191JKTFPAgaf+Ozrsn6oo/CLySK5uJ8oz1AvHWqB9fmQmtndZLg08MT2hiIPG53w7UhEHOTyfULj+Rc9M+jGXgJA3N+8K138D65VNN+zbP37KPD1zQhaVGNg5dm8FVI3lX3FH//3VCm5x9Apu3DXX2fPSud5bv4OMGv0oztkQpE39LNPQV93i+38AAAAAAAAAAAAAAAAAAIBZk8d/Jyi6jQAAAAAAAAAAAAAAAAAAAAAAzLre/r/q7v+r8fb/Hf7l71K4w8sk+/+6nwMf2CjHf7sn9v8Fpu9PAAAA///15YZH")

0s ago: executing program 1 (id=2946):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000000000008500000073000000850000005000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(r1, 0x89f0, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f076bbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r3 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0)
bind$802154_raw(r3, &(0x7f0000000180)={0x24, @short={0x2, 0x3}}, 0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={0x0, r0}, 0x18)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000140)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4, <r5=>0xffffffffffffffff}, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xc, 0x10, &(0x7f0000000740)=@framed={{}, [@snprintf={{0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x8, 0xfe00}, {0x7, 0x0, 0x8}, {}, {0x5}, {0x7, 0x0, 0x2, 0x0, 0x0, 0x1100}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r5}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x49}}]}, &(0x7f0000000440)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
r6 = openat$ubi_ctrl(0xffffffffffffff9c, &(0x7f00000002c0), 0xc02, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, &(0x7f0000000380)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000340)={&(0x7f0000000300)={0x30, 0x0, 0x300, 0x70bd2c, 0x25dfdbfb, {}, [@GTPA_NET_NS_FD={0x8, 0x7, r6}, @GTPA_TID={0xc, 0x3, 0x1}, @GTPA_MS_ADDRESS={0x8, 0x5, @multicast2}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0x48000)
socket$inet6_sctp(0xa, 0x5, 0x84)
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000000), 0x165143)
mmap$qrtrtun(&(0x7f000000f000/0x1000)=nil, 0x1000, 0x5, 0x8010, r7, 0x4)
syz_io_uring_setup(0x10d, &(0x7f00000000c0)={0x0, 0x25b9, 0x100, 0x0, 0x215}, &(0x7f0000000040), &(0x7f00000003c0))

kernel console output (not intermixed with test programs):

nfined op=collect_data cause=failed(directio) comm="syz.1.2166" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1060.164544][T13261] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1060.179216][ T4275] XFS (loop3): Unmounting Filesystem
[ 1060.185010][T13261] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1060.191081][T13261] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1060.237174][T13261] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1060.243161][T13261] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1060.259506][T13261] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1060.361832][T13261] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1060.384334][T13261] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1060.427138][T13261] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1060.474281][T13261] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1060.538215][T13261] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1060.689476][T13261] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1060.764887][   T26] audit: type=1800 audit(1754033967.483:60): pid=13272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2166" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1061.363173][T13275] loop1: detected capacity change from 0 to 1024
[ 1061.695361][   T46] hfsplus: b-tree write err: -5, ino 4
[ 1063.177543][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1063.183602][ T9079] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1063.189698][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1063.204889][ T4274] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1063.290455][ T4384] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1064.116374][ T4384] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1064.128824][ T4384] usb 4-1: config 6 has an invalid interface number: 158 but max is 0
[ 1064.243893][ T4384] usb 4-1: config 6 has no interface number 0
[ 1064.250399][ T4384] usb 4-1: config 6 interface 158 has no altsetting 0
[ 1064.276816][ T4384] usb 4-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=da.29
[ 1064.314002][ T4384] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1064.322049][ T4384] usb 4-1: Product: syz
[ 1064.364012][ T4384] usb 4-1: Manufacturer: syz
[ 1064.368703][ T4384] usb 4-1: SerialNumber: syz
[ 1065.100478][ T4384] usb 4-1: can't set config #6, error -71
[ 1065.110963][ T4384] usb 4-1: USB disconnect, device number 4
[ 1065.294048][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1065.301290][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1065.480515][ T9079] Bluetooth: hci3: command 0x0406 tx timeout
[ 1065.486621][ T9079] Bluetooth: hci2: command 0x0406 tx timeout
[ 1065.715454][T13315] loop5: detected capacity change from 0 to 2048
[ 1065.900219][T13316] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1066.406544][T13321] loop5: detected capacity change from 0 to 2048
[ 1066.452652][T13321] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1066.479859][T13321] NILFS (loop5): mounting unchecked fs
[ 1066.531545][ T4375] udevd[4375]: incorrect nilfs2 checksum on /dev/loop5
[ 1066.550468][T13321] NILFS (loop5): recovery complete
[ 1066.572381][T13325] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1067.274855][T13321] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1067.378538][   T26] audit: type=1800 audit(1754033974.073:61): pid=13329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2181" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1067.404403][T13321] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1067.450019][T13321] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1067.496713][T13321] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1067.662392][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1067.671948][T13335] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2182'.
[ 1068.697953][T13321] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1068.743215][T13321] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1068.802508][T13321] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1068.904239][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1068.934394][T13321] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1068.974075][T13321] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1068.997660][   T26] audit: type=1800 audit(1754033975.693:62): pid=13329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2181" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1069.080046][T13321] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1069.184499][T13321] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1069.220441][T13348] loop4: detected capacity change from 0 to 1024
[ 1069.240525][T13321] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1069.551105][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1070.133781][ T4417] hfsplus: b-tree write err: -5, ino 4
[ 1070.466788][T13364] loop5: detected capacity change from 0 to 2048
[ 1070.490428][T13364] NILFS (loop5): unrecognized mount option "errors=contynue"
[ 1070.700476][T13368] loop2: detected capacity change from 0 to 2048
[ 1071.078169][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1071.110714][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1071.145007][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1071.487464][T13370] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1071.673348][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1073.144171][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1073.224293][ T9079] Bluetooth: hci1: command 0x0406 tx timeout
[ 1073.511057][T13387] loop5: detected capacity change from 0 to 2048
[ 1073.575911][T13387] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1073.639880][T13387] NILFS (loop5): mounting unchecked fs
[ 1073.679123][T13387] NILFS (loop5): recovery complete
[ 1073.691304][T13391] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1074.470003][   T26] audit: type=1800 audit(1754033981.183:63): pid=13396 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2199" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1074.554152][T13387] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1074.560827][T13387] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1074.800978][   T26] audit: type=1800 audit(1754033981.303:64): pid=13397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2199" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1074.900404][T13387] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1074.908886][T13387] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1074.915294][T13387] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1074.925268][T13387] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1074.935585][T13387] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1074.944328][T13387] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1074.951709][T13387] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1074.971539][T13387] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1074.976499][T13395] loop1: detected capacity change from 0 to 2048
[ 1074.984730][T13387] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1074.990697][T13387] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1075.161538][T13395] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1075.179180][ T4388] udevd[4388]: incorrect nilfs2 checksum on /dev/loop1
[ 1075.204120][T13395] NILFS (loop1): mounting unchecked fs
[ 1075.690556][T13395] NILFS (loop1): recovery complete
[ 1075.857068][T13402] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1076.584076][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1076.687036][T13405] loop5: detected capacity change from 0 to 2048
[ 1076.712636][T13405] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1076.984264][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1076.990718][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1076.996926][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1077.163622][T13395] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1077.178244][T13395] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1077.188755][   T26] audit: type=1800 audit(1754033983.903:65): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2201" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1077.234969][T13395] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1077.304553][T13395] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1077.310586][T13395] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1077.345288][T13395] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1077.353574][T13395] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1077.406514][T13395] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1077.444767][T13395] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1077.513408][T13418] loop3: detected capacity change from 0 to 1024
[ 1077.553570][T13418] hfsplus: invalid attributes max_key_len 0
[ 1077.606746][T13418] hfsplus: failed to load attributes file
[ 1077.654221][T13395] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1077.682788][T13395] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1077.811656][   T26] audit: type=1800 audit(1754033984.513:66): pid=13409 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2201" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1077.938371][T13395] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1078.170331][T13427] loop4: detected capacity change from 0 to 2048
[ 1078.490835][T13428] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1079.094196][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1079.384128][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1079.391685][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1079.544677][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1081.174197][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1081.330316][T13447] loop4: detected capacity change from 0 to 2048
[ 1081.464079][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1081.468359][T13447] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1081.470133][ T9079] Bluetooth: hci3: command 0x0406 tx timeout
[ 1081.487521][T13447] NILFS (loop4): mounting unchecked fs
[ 1081.503378][T13451] loop1: detected capacity change from 0 to 64
[ 1082.159235][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1082.260956][T13447] NILFS (loop4): recovery complete
[ 1082.273459][T13455] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1082.433376][T13453] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1082.778261][T13457] loop3: detected capacity change from 0 to 32768
[ 1082.785209][T13457] XFS: noikeep mount option is deprecated.
[ 1082.791081][T13457] XFS: ikeep mount option is deprecated.
[ 1082.964130][   T26] audit: type=1800 audit(1754033989.673:67): pid=13447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2213" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1083.066829][T13446] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1083.073571][T13446] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1083.080608][T13446] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1083.088532][T13446] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1083.188231][T13457] XFS (loop3): Mounting V5 Filesystem
[ 1083.399425][   T26] audit: type=1800 audit(1754033989.833:68): pid=13468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2213" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1083.446083][T13446] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1083.452251][T13446] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1083.459845][T13446] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1083.467223][T13446] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1083.473879][T13446] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1083.481534][T13446] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1083.583595][T13446] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1083.611545][T13457] XFS (loop3): Ending clean mount
[ 1083.693280][T13446] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1083.703897][T13474] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2218'.
[ 1083.874568][ T4275] XFS (loop3): Unmounting Filesystem
[ 1084.100134][T13480] loop1: detected capacity change from 0 to 1024
[ 1084.143368][T13480] hfsplus: invalid attributes max_key_len 0
[ 1084.165771][T13482] loop4: detected capacity change from 0 to 2048
[ 1084.184520][T13480] hfsplus: failed to load attributes file
[ 1084.223609][T13482] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1084.243665][T13482] NILFS (loop4): mounting unchecked fs
[ 1084.322390][T13482] NILFS (loop4): recovery complete
[ 1084.370354][T13486] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1084.462726][T13482] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1084.480874][   T26] audit: type=1800 audit(1754033991.193:69): pid=13487 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2221" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1084.514134][T13482] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1084.528164][T13482] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1084.567704][T13482] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1084.596252][T13482] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1084.657918][T13482] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1084.820145][T13482] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1085.032168][T13482] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1085.044187][T13482] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1085.099536][T13482] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1085.130878][T13482] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1085.383915][T13482] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1085.398975][   T26] audit: type=1800 audit(1754033992.103:70): pid=13493 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2221" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1086.504091][ T9079] Bluetooth: hci2: command 0x0406 tx timeout
[ 1086.584263][ T9079] Bluetooth: hci3: command 0x0406 tx timeout
[ 1086.824205][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1086.988870][T13506] loop1: detected capacity change from 0 to 1024
[ 1087.192066][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1087.909243][ T5202] hfsplus: b-tree write err: -5, ino 4
[ 1088.073120][T13517] loop4: detected capacity change from 0 to 4096
[ 1088.080705][T13517] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1088.404550][T13517] EXT4-fs (loop4): invalid first ino: 0
[ 1088.616491][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1088.750197][ T9079] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1089.622225][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1089.726433][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1090.452186][T13531] loop5: detected capacity change from 0 to 128
[ 1090.519228][T13531] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1090.604385][T13531] ext4 filesystem being mounted at /418/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1090.612895][T13530] loop3: detected capacity change from 0 to 2048
[ 1090.684060][ T9079] Bluetooth: hci2: command 0x0406 tx timeout
[ 1090.715904][T13530] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1090.794062][T13530] NILFS (loop3): mounting unchecked fs
[ 1090.824624][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1090.833297][T13530] NILFS (loop3): recovery complete
[ 1090.864100][T13539] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1090.898753][ T4981] EXT4-fs (loop5): unmounting filesystem.
[ 1090.989311][T13530] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1090.999846][T13538] loop1: detected capacity change from 0 to 2048
[ 1091.020038][   T26] audit: type=1800 audit(1754033997.733:71): pid=13540 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2232" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1091.051329][T13530] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1091.057878][T13530] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1091.065787][T13530] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1091.072358][T13530] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1091.079742][T13530] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1091.087824][T13530] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1091.094577][T13530] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1091.101426][T13530] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1091.109303][T13530] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1091.136919][T13538] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1091.265656][T13538] NILFS (loop1): mounting unchecked fs
[ 1091.348956][   T26] audit: type=1800 audit(1754033997.873:72): pid=13541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2232" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1091.474179][T13530] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1091.480250][T13530] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1091.587660][T13538] NILFS (loop1): recovery complete
[ 1091.641751][T13548] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1091.797622][T13538] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1091.866572][   T26] audit: type=1800 audit(1754033998.583:73): pid=13552 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2235" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1092.173374][T13538] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1092.449384][T13538] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1092.530040][T13538] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1092.558078][T13538] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1093.000333][T13538] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1093.067865][T13538] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1093.089241][T13538] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1093.144048][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1093.753708][T13538] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1093.794085][ T9079] Bluetooth: hci2: command 0x0406 tx timeout
[ 1093.982602][T13570] loop4: detected capacity change from 0 to 2048
[ 1094.365687][T13538] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1094.393137][T13571] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1094.425318][T13538] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1094.432395][T13538] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1094.584147][ T9079] Bluetooth: hci3: command 0x0406 tx timeout
[ 1095.254655][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1095.864298][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1096.424179][ T9079] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1096.664286][ T9079] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1097.063342][T13599] loop5: detected capacity change from 0 to 2048
[ 1097.071620][T13601] loop3: detected capacity change from 0 to 1024
[ 1097.151860][T13599] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1097.174067][T13599] NILFS (loop5): mounting unchecked fs
[ 1097.205039][T13599] NILFS (loop5): recovery complete
[ 1097.247444][T13604] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1097.324087][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1097.354908][    T9] hfsplus: b-tree write err: -5, ino 4
[ 1097.683908][T13599] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1097.903378][T13599] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1098.009548][   T26] audit: type=1800 audit(1754034004.723:74): pid=13608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2249" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1098.011580][T13599] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1098.050613][T13599] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1098.056654][T13599] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1098.062855][T13599] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1098.070212][T13599] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1098.076203][T13599] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1098.082164][T13599] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1098.136386][T13599] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1098.143998][T13599] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1098.149993][T13599] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1098.304143][   T26] audit: type=1800 audit(1754034005.013:75): pid=13608 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2249" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1099.015223][T13623] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2253'.
[ 1099.704040][ T9079] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1100.299871][T13633] loop2: detected capacity change from 0 to 2048
[ 1100.596790][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1100.602982][ T9079] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1100.625154][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1100.651827][T13634] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1100.688962][   T26] audit: type=1800 audit(1754034007.383:76): pid=13606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2249" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1100.757193][T13638] loop4: detected capacity change from 0 to 1024
[ 1100.769158][T13638] hfsplus: invalid attributes max_key_len 0
[ 1100.775689][T13638] hfsplus: failed to load attributes file
[ 1100.991760][T13641] loop3: detected capacity change from 0 to 2048
[ 1100.999689][T13641] NILFS (loop3): unrecognized mount option "errors=contynue"
[ 1101.039115][ T4388] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1101.745876][T13654] loop5: detected capacity change from 0 to 64
[ 1101.794063][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1102.060849][T13659] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1102.958015][ T9061] Bluetooth: hci4: command 0x0406 tx timeout
[ 1102.958102][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1102.970301][ T9079] Bluetooth: hci3: command 0x0406 tx timeout
[ 1105.930510][T13683] loop2: detected capacity change from 0 to 2048
[ 1106.865679][T13683] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1107.230359][T13691] loop4: detected capacity change from 0 to 2048
[ 1107.238426][T13690] loop5: detected capacity change from 0 to 1024
[ 1107.303790][T13691] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1107.329112][T13690] hfsplus: invalid attributes max_key_len 0
[ 1107.338160][T13691] NILFS (loop4): mounting unchecked fs
[ 1107.465419][T13690] hfsplus: failed to load attributes file
[ 1107.875746][T13697] loop1: detected capacity change from 0 to 1024
[ 1108.086625][ T5054] udevd[5054]: incorrect nilfs2 checksum on /dev/loop4
[ 1108.195325][T13691] NILFS (loop4): recovery complete
[ 1108.421475][T13705] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1108.977707][T13707] loop2: detected capacity change from 0 to 64
[ 1109.820601][T13712] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1110.718623][   T11] hfsplus: b-tree write err: -5, ino 4
[ 1114.710935][T13750] loop5: detected capacity change from 0 to 2048
[ 1114.724456][T13750] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1114.738967][T13750] NILFS (loop5): mounting unchecked fs
[ 1114.775539][T13750] NILFS (loop5): recovery complete
[ 1114.795592][T13751] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1114.902206][   T26] audit: type=1800 audit(1754034021.613:77): pid=13754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2288" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1115.044871][T13750] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1115.051142][T13750] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1115.058208][T13750] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1115.066420][T13750] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1115.072715][T13750] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1115.079413][T13750] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1115.087315][T13750] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1115.093771][T13750] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1115.101004][T13750] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1115.109160][T13750] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1115.115685][T13750] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1115.122487][T13750] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1115.400694][   T26] audit: type=1800 audit(1754034021.893:78): pid=13750 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2288" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1115.667635][   T26] audit: type=1800 audit(1754034022.383:79): pid=13758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2288" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1115.767620][T13761] loop4: detected capacity change from 0 to 1024
[ 1115.804447][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[ 1115.810870][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[ 1115.859016][T13761] hfsplus: invalid attributes max_key_len 0
[ 1115.914896][T13761] hfsplus: failed to load attributes file
[ 1116.650879][T13769] loop5: detected capacity change from 0 to 64
[ 1116.743111][T13770] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1117.064199][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1117.144142][ T9079] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1117.150316][ T9079] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1117.156530][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1118.559022][T13772] loop1: detected capacity change from 0 to 4096
[ 1118.691270][T13772] ntfs3: loop1: Different NTFS' sector size (1024) and media sector size (512)
[ 1119.098701][T13772] ntfs3: loop1: Failed to load $Extend.
[ 1119.154070][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1119.224116][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1119.230196][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1119.236283][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1121.740188][T13798] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2302'.
[ 1121.907044][T13802] loop1: detected capacity change from 0 to 1024
[ 1122.041959][T13809] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2305'.
[ 1122.717137][T13807] loop4: detected capacity change from 0 to 2048
[ 1122.748422][T13807] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1122.861573][T13807] NILFS (loop4): mounting unchecked fs
[ 1122.907467][T13807] NILFS (loop4): recovery complete
[ 1122.918721][   T46] hfsplus: b-tree write err: -5, ino 4
[ 1122.939020][T13811] loop5: detected capacity change from 0 to 64
[ 1123.015286][T13812] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1123.060982][T13813] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1124.749430][T13807] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1124.755581][   T26] audit: type=1800 audit(1754034031.463:80): pid=13814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2304" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1124.776256][T13807] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1124.799868][T13807] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1124.807959][T13807] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1124.814465][T13807] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1124.821441][T13807] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1124.829541][T13807] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1124.835919][T13807] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1124.842612][T13807] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1124.850765][T13807] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1124.857413][T13807] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1124.863906][T13807] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1125.186884][   T26] audit: type=1800 audit(1754034031.613:81): pid=13807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2304" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1125.610074][T13825] loop4: detected capacity change from 0 to 1024
[ 1125.677936][T13825] hfsplus: invalid attributes max_key_len 0
[ 1125.723383][T13825] hfsplus: failed to load attributes file
[ 1127.141964][T13838] loop2: detected capacity change from 0 to 2048
[ 1127.214027][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1127.220077][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1127.226150][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1127.232179][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1127.312349][T13840] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1127.633481][T13843] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2314'.
[ 1128.119762][T13857] loop3: detected capacity change from 0 to 128
[ 1128.162077][T13857] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1128.180665][T13857] ext4 filesystem being mounted at /447/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1128.311413][T13862] loop4: detected capacity change from 0 to 64
[ 1128.417263][T13864] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1129.304344][ T9079] Bluetooth: hci4: command 0x0406 tx timeout
[ 1129.310731][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1129.310795][ T9061] Bluetooth: hci1: command 0x0406 tx timeout
[ 1129.323340][ T9061] Bluetooth: hci3: command 0x0406 tx timeout
[ 1129.615035][ T4275] EXT4-fs (loop3): unmounting filesystem.
[ 1129.660463][T13870] loop4: detected capacity change from 0 to 1024
[ 1130.160249][T13870] hfsplus: invalid attributes max_key_len 0
[ 1130.170037][T13870] hfsplus: failed to load attributes file
[ 1130.173878][T13875] loop5: detected capacity change from 0 to 1024
[ 1130.341787][   T62] hfsplus: b-tree write err: -5, ino 4
[ 1131.018190][T13888] loop5: detected capacity change from 0 to 4096
[ 1131.248301][T13890] loop1: detected capacity change from 0 to 2048
[ 1131.563405][T13888] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[ 1131.583426][T13891] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1131.682757][T13888] ntfs3: loop5: Failed to load $Extend.
[ 1132.700194][T13906] loop3: detected capacity change from 0 to 64
[ 1133.181375][T13910] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1133.567670][T13914] loop1: detected capacity change from 0 to 256
[ 1134.759001][T13926] loop1: detected capacity change from 0 to 1024
[ 1136.655833][   T46] hfsplus: b-tree write err: -5, ino 4
[ 1137.793269][T13954] loop4: detected capacity change from 0 to 1024
[ 1137.833092][T13954] hfsplus: invalid attributes max_key_len 0
[ 1137.859502][T13954] hfsplus: failed to load attributes file
[ 1137.958861][T13936] loop3: detected capacity change from 0 to 32768
[ 1138.002206][T13936] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[ 1138.076219][T13936] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[ 1138.198702][T13936] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[ 1138.323644][ T5437] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[ 1138.339215][ T5437] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[ 1138.427521][ T5437] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 88ms
[ 1138.451375][ T5437] gfs2: fsid=syz:syz.0: jid=0: Done
[ 1138.462209][T13936] gfs2: fsid=syz:syz.0: first mount done, others may mount
[ 1138.842505][ T9066] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1140.032572][ T9066] usb 6-1: Using ep0 maxpacket: 8
[ 1140.171736][ T9066] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1140.189095][ T9066] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1140.199304][ T9066] usb 6-1: Product: syz
[ 1140.203671][ T9066] usb 6-1: Manufacturer: syz
[ 1140.214237][ T9066] usb 6-1: SerialNumber: syz
[ 1140.220608][ T9066] usb 6-1: config 0 descriptor??
[ 1140.438509][ T9066] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1141.266651][T14005] loop2: detected capacity change from 0 to 2048
[ 1141.298965][T14005] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1141.311760][T14005] NILFS (loop2): mounting unchecked fs
[ 1141.367770][T14005] NILFS (loop2): recovery complete
[ 1141.389728][T14010] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1141.481350][   T26] audit: type=1800 audit(1754034048.193:82): pid=14012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2353" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1141.524686][T14005] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1141.530708][T14005] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1141.536760][T14005] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1141.554178][   T26] audit: type=1800 audit(1754034048.233:83): pid=14012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2353" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1141.581233][T14005] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1141.592417][T14005] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1141.603676][T14005] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1141.605234][   T26] audit: type=1800 audit(1754034048.323:84): pid=14013 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2353" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1141.631714][T14005] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1141.693910][T14005] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1141.715545][T14008] loop3: detected capacity change from 0 to 4096
[ 1141.724410][T14005] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1141.733128][T14008] ntfs3: loop3: Different NTFS' sector size (1024) and media sector size (512)
[ 1141.772031][T14005] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1141.778202][T14005] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1141.784436][T14005] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1141.887131][T14008] ntfs3: loop3: Failed to load $Extend.
[ 1142.463138][T14026] usb usb9: usbfs: process 14026 (syz.3.2356) did not claim interface 5 before use
[ 1142.482532][T14026] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2356'.
[ 1142.525831][ T9066] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -71
[ 1142.564533][T14027] binder: 14024:14027 unknown command 1074553619
[ 1142.571174][T14027] binder: 14024:14027 ioctl c0306201 200000000540 returned -22
[ 1143.544130][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1143.624385][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1143.704037][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1143.794096][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1144.525453][ T9066] usb 6-1: USB disconnect, device number 7
[ 1144.930498][T14033] loop1: detected capacity change from 0 to 1024
[ 1145.246600][T14033] hfsplus: invalid attributes max_key_len 0
[ 1145.337429][T14033] hfsplus: failed to load attributes file
[ 1145.624164][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1145.704129][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1145.784263][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1145.864196][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1147.430216][T14050] loop2: detected capacity change from 0 to 128
[ 1147.500263][T14050] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1147.679779][T14050] ext4 filesystem being mounted at /478/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1147.987126][ T4272] EXT4-fs (loop2): unmounting filesystem.
[ 1148.776343][T14067] loop2: detected capacity change from 0 to 2048
[ 1148.803537][T14067] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1148.819262][T14067] NILFS (loop2): mounting unchecked fs
[ 1149.086648][T14070] loop4: detected capacity change from 0 to 2048
[ 1149.109440][T14070] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1149.125019][T14070] NILFS (loop4): mounting unchecked fs
[ 1149.130636][T14067] NILFS (loop2): recovery complete
[ 1149.150297][T14077] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1149.195635][T14070] NILFS (loop4): recovery complete
[ 1149.228873][T14078] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1149.248640][T14067] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1149.264918][T14067] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1149.270955][   T26] audit: type=1800 audit(1754034055.983:85): pid=14079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2366" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1149.307793][T14067] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1149.359083][T14067] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1149.366889][T14067] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1149.374546][   T26] audit: type=1800 audit(1754034056.023:86): pid=14079 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2366" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1149.808699][T14067] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1149.826523][T14067] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1149.832596][T14067] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1149.839243][T14067] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1149.846723][T14067] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1149.871238][T14067] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1149.877725][T14067] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1149.928306][T14087] loop3: detected capacity change from 0 to 1024
[ 1150.076599][   T26] audit: type=1800 audit(1754034056.183:87): pid=14082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2369" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1150.588884][   T26] audit: type=1800 audit(1754034056.473:88): pid=14081 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2366" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1150.674514][T14070] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1150.680891][T14070] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1150.694340][T14070] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1150.718226][T14070] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1150.824349][T14070] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1150.830364][T14070] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1150.866169][T14100] usb usb9: usbfs: process 14100 (syz.2.2374) did not claim interface 5 before use
[ 1150.949221][T14100] netlink: 156 bytes leftover after parsing attributes in process `syz.2.2374'.
[ 1150.959786][T14100] binder: 14097:14100 unknown command 1074553619
[ 1150.966288][T14100] binder: 14097:14100 ioctl c0306201 200000000540 returned -22
[ 1151.025163][T14070] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1151.034866][T14070] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1151.044424][ T4788] hfsplus: b-tree write err: -5, ino 4
[ 1151.070202][T14070] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1151.079368][T14070] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1151.094164][T14070] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1151.103399][T14070] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1151.150590][T14098] loop5: detected capacity change from 0 to 4096
[ 1151.152357][T14102] loop1: detected capacity change from 0 to 1024
[ 1151.169782][T14098] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[ 1151.251745][T14102] hfsplus: invalid attributes max_key_len 0
[ 1151.343103][T14098] ntfs3: loop5: Failed to load $Extend.
[ 1151.346108][T14102] hfsplus: failed to load attributes file
[ 1151.534169][T14106] loop4: detected capacity change from 0 to 32768
[ 1151.541195][T14106] XFS: noikeep mount option is deprecated.
[ 1151.547147][T14106] XFS: ikeep mount option is deprecated.
[ 1151.628984][ T4375] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1151.734202][T14106] XFS (loop4): Mounting V5 Filesystem
[ 1151.857963][T14106] XFS (loop4): Ending clean mount
[ 1152.154064][T14120] loop3: detected capacity change from 0 to 40427
[ 1152.187017][T14120] F2FS-fs (loop3): Unrecognized mount option "age_extent_cache" or missing value
[ 1152.275769][T14123] autofs4:pid:14123:autofs_fill_super: called with bogus options
[ 1152.744401][ T4274] Bluetooth: hci2: command 0x0406 tx timeout
[ 1152.744467][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1153.064248][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1153.154303][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1153.221416][ T4269] XFS (loop4): Unmounting Filesystem
[ 1154.824172][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1154.830424][ T4274] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1155.888227][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1155.894482][ T4274] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1156.015644][T14150] loop5: detected capacity change from 0 to 64
[ 1156.129432][T14154] genirq: Flags mismatch irq 4. 00000000 (pcmmio) vs. 00000000 (ttyS0)
[ 1156.912872][T14153] loop1: detected capacity change from 0 to 2048
[ 1156.919446][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1156.919485][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1156.928684][T14153] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1156.941545][T14153] NILFS (loop1): mounting unchecked fs
[ 1156.949234][T14156] loop3: detected capacity change from 0 to 1024
[ 1157.018172][T14157] loop2: detected capacity change from 0 to 2048
[ 1157.055117][T14153] NILFS (loop1): recovery complete
[ 1157.070491][T14157] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1157.107248][T14158] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1157.146069][T14157] NILFS (loop2): mounting unchecked fs
[ 1157.217638][T14157] NILFS (loop2): recovery complete
[ 1157.242026][T13234] hfsplus: b-tree write err: -5, ino 4
[ 1157.251537][   T26] audit: type=1800 audit(1754034063.973:89): pid=14161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2389" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1157.264479][T14162] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1157.423249][   T26] audit: type=1800 audit(1754034064.133:90): pid=14165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2386" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1158.094476][ T4274] Bluetooth: hci4: command 0x0406 tx timeout
[ 1158.100983][ T4274] Bluetooth: hci1: command 0x0406 tx timeout
[ 1158.468348][T14153] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1158.488068][   T26] audit: type=1800 audit(1754034064.163:91): pid=14165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2386" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1158.509491][   T26] audit: type=1800 audit(1754034064.943:92): pid=14161 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2389" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1158.565060][T14153] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1158.572742][T14153] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1158.650048][   T26] audit: type=1800 audit(1754034065.143:93): pid=14171 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2386" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1158.677957][T14153] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1158.685673][T14153] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1158.698528][T14177] loop5: detected capacity change from 0 to 1024
[ 1158.698839][T14153] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1158.713328][T14153] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1158.729856][T14153] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1158.741541][T14177] hfsplus: invalid attributes max_key_len 0
[ 1158.759613][T14177] hfsplus: failed to load attributes file
[ 1158.759913][T14153] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1158.773279][T14153] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1158.784868][T14153] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1158.798347][T14153] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1158.844223][T14157] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1158.860848][T14157] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1158.874198][T14157] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1158.927947][T14157] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1158.935828][T14157] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1158.941783][T14157] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1158.953892][T14157] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1158.973139][T14157] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1158.983016][T14157] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1158.997003][T14157] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1159.003196][T14157] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1159.013098][T14157] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1159.414092][T14185] loop1: detected capacity change from 0 to 2048
[ 1159.967615][T14188] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1159.988310][T14189] usb usb9: usbfs: process 14189 (syz.4.2395) did not claim interface 5 before use
[ 1160.025171][T14189] netlink: 156 bytes leftover after parsing attributes in process `syz.4.2395'.
[ 1160.048632][T14189] binder: 14186:14189 unknown command 1074553619
[ 1160.055502][T14189] binder: 14186:14189 ioctl c0306201 200000000540 returned -22
[ 1160.223704][T14189] loop4: detected capacity change from 0 to 128
[ 1160.239637][T14189] ufs: You didn't specify the type of your ufs filesystem
[ 1160.239637][T14189] 
[ 1160.239637][T14189] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1160.239637][T14189] 
[ 1160.239637][T14189] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1160.270682][T14189] ufs: ufstype=old is supported read-only
[ 1160.279268][T14189] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1160.904161][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1160.984285][ T4274] Bluetooth: hci3: command 0x0406 tx timeout
[ 1160.984349][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1161.064045][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1162.984091][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1163.064321][ T4274] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1163.064384][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1163.144098][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1164.539166][T14204] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2396'.
[ 1164.552062][T14204] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2396'.
[ 1165.074040][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1165.144112][ T4274] Bluetooth: hci3: command 0x0406 tx timeout
[ 1165.150222][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1165.234063][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1169.641063][T14223] loop2: detected capacity change from 0 to 2048
[ 1169.680578][T14223] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1169.720922][T14223] NILFS (loop2): mounting unchecked fs
[ 1169.804358][T14223] NILFS (loop2): recovery complete
[ 1170.247322][T14232] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1170.370084][   T26] audit: type=1800 audit(1754034077.083:94): pid=14234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2404" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1170.794545][   T26] audit: type=1800 audit(1754034077.513:95): pid=14236 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2404" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1170.929734][T14223] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1170.936241][T14223] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1170.952120][T14223] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1170.961544][T14223] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1170.968001][T14223] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1170.976833][T14223] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1170.984554][T14223] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1170.990540][T14223] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1171.002806][T14223] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1171.010366][T14223] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1171.063087][T14241] loop4: detected capacity change from 0 to 2048
[ 1171.595835][T14243] loop3: detected capacity change from 0 to 2048
[ 1171.630149][T14243] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1171.829287][T14223] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1171.870987][T14223] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1171.878422][T14241] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1171.985131][T14241] NILFS (loop4): mounting unchecked fs
[ 1172.010724][ T4388] udevd[4388]: incorrect nilfs2 checksum on /dev/loop4
[ 1172.044700][T14241] NILFS (loop4): recovery complete
[ 1172.089038][T14247] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1172.212963][   T26] audit: type=1800 audit(1754034078.923:96): pid=14241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2407" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1172.244873][T14239] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1172.304455][T14239] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1172.310576][T14239] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1172.314540][T14245] loop3: detected capacity change from 0 to 4096
[ 1172.977762][T14239] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1172.998047][T14245] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[ 1173.034436][T14239] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1173.041497][T14245] ntfs3: loop3: volume is dirty and "force" flag is not set!
[ 1173.064259][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1173.070604][ T4274] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1173.076944][T14239] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1173.077397][   T26] audit: type=1800 audit(1754034079.793:97): pid=14241 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2407" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1173.108565][T14239] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1173.127092][T14239] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1173.149782][T14239] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1173.157542][T14239] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1173.163707][T14239] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1173.170053][T14239] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1173.198139][   T26] audit: type=1800 audit(1754034079.903:98): pid=14258 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2407" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1173.432428][T14255] loop5: detected capacity change from 0 to 4096
[ 1173.482290][T14255] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[ 1173.659903][T14255] ntfs3: loop5: Failed to load $Extend.
[ 1173.671771][T14261] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2414'.
[ 1173.686380][T14261] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2414'.
[ 1174.264076][ T4274] Bluetooth: hci2: command 0x0406 tx timeout
[ 1174.984044][ T4274] Bluetooth: hci3: command 0x0406 tx timeout
[ 1175.074995][T14264] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2415'.
[ 1175.154289][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1175.224103][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1176.344144][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1177.064368][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1177.185040][T14273] loop2: detected capacity change from 0 to 128
[ 1177.228348][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1177.235663][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[ 1177.249965][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[ 1177.304323][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1177.594447][T14273] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1177.689472][T14273] ext4 filesystem being mounted at /488/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1177.898244][T14280] loop3: detected capacity change from 0 to 2048
[ 1177.994637][T14280] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1178.064186][T14280] NILFS (loop3): mounting unchecked fs
[ 1178.139531][T14280] NILFS (loop3): recovery complete
[ 1178.162232][ T4272] EXT4-fs (loop2): unmounting filesystem.
[ 1178.221909][T14285] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1178.329115][   T26] audit: type=1800 audit(1754034085.043:99): pid=14288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2420" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1178.752153][T14280] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1179.050853][   T26] audit: type=1800 audit(1754034085.233:100): pid=14291 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2420" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1179.124734][T14280] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1179.133853][T14280] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1179.144270][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1179.284202][T14280] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1179.294404][T14280] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1179.317846][T14280] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1179.979665][T14280] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1180.025235][T14280] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1180.052744][T14280] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1180.111157][T14280] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1180.146876][T14280] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1180.194190][T14280] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1180.424195][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1181.304138][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1181.646732][T14318] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2428'.
[ 1182.024149][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1182.184137][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1182.588092][T14315] loop3: detected capacity change from 0 to 32768
[ 1182.595091][T14315] XFS: noikeep mount option is deprecated.
[ 1182.600897][T14315] XFS: ikeep mount option is deprecated.
[ 1182.607677][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1182.897525][T14327] overlayfs: failed to resolve './bus': -2
[ 1182.945479][T14315] XFS (loop3): Mounting V5 Filesystem
[ 1183.384306][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1183.502087][T14312] loop4: detected capacity change from 0 to 4096
[ 1183.609720][T14315] XFS (loop3): Ending clean mount
[ 1183.680894][T14312] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[ 1183.744221][T14337] usb usb9: usbfs: process 14337 (syz.2.2431) did not claim interface 5 before use
[ 1183.767271][T14337] binder: 14334:14337 unknown command 1074553619
[ 1183.774034][T14337] binder: 14334:14337 ioctl c0306201 200000000540 returned -22
[ 1183.835512][T14337] loop2: detected capacity change from 0 to 128
[ 1183.855491][T14337] ufs: You didn't specify the type of your ufs filesystem
[ 1183.855491][T14337] 
[ 1183.855491][T14337] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1183.855491][T14337] 
[ 1183.855491][T14337] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1183.886800][T14337] ufs: ufstype=old is supported read-only
[ 1184.019502][T14337] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1184.104069][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1184.264310][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1187.743677][T14312] ntfs3: loop4: volume is dirty and "force" flag is not set!
[ 1188.270089][ T4275] XFS (loop3): Unmounting Filesystem
[ 1191.744680][T14367] overlayfs: failed to resolve './bus': -2
[ 1192.474143][T14380] loop4: detected capacity change from 0 to 32768
[ 1192.481018][T14380] XFS: noikeep mount option is deprecated.
[ 1192.486897][T14380] XFS: ikeep mount option is deprecated.
[ 1192.530056][T14380] XFS (loop4): Mounting V5 Filesystem
[ 1192.582847][T14378] loop5: detected capacity change from 0 to 2048
[ 1192.622266][T14375] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2441'.
[ 1192.710957][T14378] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1192.713858][T14380] XFS (loop4): Ending clean mount
[ 1192.774114][T14378] NILFS (loop5): mounting unchecked fs
[ 1192.844760][ T4388] udevd[4388]: incorrect nilfs2 checksum on /dev/loop5
[ 1192.857040][T14378] NILFS (loop5): recovery complete
[ 1192.884949][T14394] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1192.954896][   T26] audit: type=1800 audit(1754034099.673:101): pid=14378 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2444" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1193.226973][   T26] audit: type=1800 audit(1754034099.783:102): pid=14395 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2444" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1193.321621][T14396] autofs4:pid:14396:autofs_fill_super: called with bogus options
[ 1194.307921][T14387] loop3: detected capacity change from 0 to 32768
[ 1194.362714][T14387] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.2445 (14387)
[ 1194.425260][T14387] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1194.655365][T14387] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[ 1194.686561][ T4269] XFS (loop4): Unmounting Filesystem
[ 1194.882131][T14387] BTRFS info (device loop3): metadata ratio 2
[ 1194.999890][T14387] BTRFS info (device loop3): allowing degraded mounts
[ 1195.006950][T14387] BTRFS info (device loop3): force zlib compression, level 3
[ 1195.014525][T14387] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1195.024090][T14387] BTRFS info (device loop3): use zstd compression, level 3
[ 1195.031327][T14387] BTRFS info (device loop3): doing ref verification
[ 1195.038392][T14387] BTRFS info (device loop3): max_inline at 0
[ 1195.044471][T14387] BTRFS info (device loop3): using free space tree
[ 1196.508703][T14387] BTRFS error (device loop3): open_ctree failed: -22
[ 1198.002298][T14436] usb usb9: usbfs: process 14436 (syz.4.2452) did not claim interface 5 before use
[ 1198.034383][T14436] binder: 14432:14436 unknown command 1074553619
[ 1198.041013][T14436] binder: 14432:14436 ioctl c0306201 200000000540 returned -22
[ 1198.134448][T14436] loop4: detected capacity change from 0 to 128
[ 1198.150316][T14436] ufs: You didn't specify the type of your ufs filesystem
[ 1198.150316][T14436] 
[ 1198.150316][T14436] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1198.150316][T14436] 
[ 1198.150316][T14436] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1198.181530][T14436] ufs: ufstype=old is supported read-only
[ 1198.191680][T14436] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1205.261714][T14469] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2461'.
[ 1205.356202][T14467] loop3: detected capacity change from 0 to 2048
[ 1205.494783][T14470] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1207.018377][T14496] loop3: detected capacity change from 0 to 32768
[ 1207.025361][T14496] XFS: noikeep mount option is deprecated.
[ 1207.031170][T14496] XFS: ikeep mount option is deprecated.
[ 1207.213518][T14496] XFS (loop3): Mounting V5 Filesystem
[ 1207.443837][T14496] XFS (loop3): Ending clean mount
[ 1207.642230][T14506] autofs4:pid:14506:autofs_fill_super: called with bogus options
[ 1208.347134][ T4275] XFS (loop3): Unmounting Filesystem
[ 1216.039116][T14554] loop4: detected capacity change from 0 to 2048
[ 1216.065977][T14535] loop5: detected capacity change from 0 to 2048
[ 1216.314534][T14558] loop1: detected capacity change from 0 to 32768
[ 1216.321454][T14558] XFS: noikeep mount option is deprecated.
[ 1216.327335][T14558] XFS: ikeep mount option is deprecated.
[ 1216.392009][T14554] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[ 1216.428396][T14558] XFS (loop1): Mounting V5 Filesystem
[ 1216.489020][T14569] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1216.610787][T14558] XFS (loop1): Ending clean mount
[ 1217.850277][ T4264] XFS (loop1): Unmounting Filesystem
[ 1217.881655][ T4269] EXT4-fs (loop4): unmounting filesystem.
[ 1218.511523][T14591] device syzkaller0 entered promiscuous mode
[ 1220.692473][T14618] loop1: detected capacity change from 0 to 128
[ 1220.846793][T14618] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[ 1220.888306][T14618] ext4 filesystem being mounted at /501/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1221.156784][ T4264] EXT4-fs (loop1): unmounting filesystem.
[ 1221.330383][T14626] loop5: detected capacity change from 0 to 32768
[ 1221.337538][T14626] XFS: noikeep mount option is deprecated.
[ 1221.343376][T14626] XFS: ikeep mount option is deprecated.
[ 1221.429243][T14626] XFS (loop5): Mounting V5 Filesystem
[ 1221.870709][T14626] XFS (loop5): Ending clean mount
[ 1222.795317][T14636] loop1: detected capacity change from 0 to 2048
[ 1222.829701][T14636] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1223.061872][ T4981] XFS (loop5): Unmounting Filesystem
[ 1224.356482][T14650] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1224.466326][T14652] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1224.499350][T14655] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[ 1227.074762][T14688] loop2: detected capacity change from 0 to 2048
[ 1227.278542][T14689] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1227.734519][T14696] loop2: detected capacity change from 0 to 64
[ 1229.436795][T14700] loop1: detected capacity change from 0 to 2048
[ 1229.458106][T14700] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1231.631310][T14713] loop1: detected capacity change from 0 to 2048
[ 1231.641012][T14713] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1231.670363][T14713] NILFS (loop1): mounting unchecked fs
[ 1231.702276][T14713] NILFS (loop1): recovery complete
[ 1231.730769][T14714] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1231.828243][   T26] audit: type=1800 audit(1754034138.553:103): pid=14715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2513" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1231.906139][   T26] audit: type=1800 audit(1754034138.623:104): pid=14716 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2513" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1232.502527][T14713] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1232.531449][T14713] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1233.748334][T14713] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1233.806671][T14713] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1233.826601][T14713] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1233.850998][T14713] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1233.867492][T14713] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1233.873563][T14713] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1233.885612][T14713] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1233.909061][T14713] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1233.927863][T14713] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1233.946508][T14713] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1233.997152][T14737] loop4: detected capacity change from 0 to 4096
[ 1234.033412][T14737] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[ 1234.136404][   T26] audit: type=1800 audit(1754034140.853:105): pid=14737 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2518" name="file1" dev="loop4" ino=33 res=0 errno=0
[ 1234.189171][T14739] loop3: detected capacity change from 0 to 4096
[ 1234.534161][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1235.368755][T14749] loop1: detected capacity change from 0 to 2048
[ 1236.436394][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1236.436522][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1236.448647][ T4274] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1236.532704][T14749] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1236.594138][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1237.532017][T14757] loop5: detected capacity change from 0 to 64
[ 1237.993423][T14760] loop1: detected capacity change from 0 to 2048
[ 1238.124872][T14760] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1238.175319][T14760] NILFS (loop1): mounting unchecked fs
[ 1238.343472][T14760] NILFS (loop1): recovery complete
[ 1238.397869][T14767] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1238.532779][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1238.539467][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1238.545673][ T4274] Bluetooth: hci3: command 0x0406 tx timeout
[ 1238.835971][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[ 1238.853070][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[ 1239.198516][T14754] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1239.494850][   T26] audit: type=1800 audit(1754034146.213:106): pid=14778 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2526" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1239.520330][T14754] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1239.562794][T14754] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1239.684626][T14754] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1239.690629][T14754] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1239.697181][T14754] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1239.753044][T14782] loop4: detected capacity change from 0 to 2048
[ 1240.063360][T14782] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1240.920381][T14754] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1240.939766][T14754] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1240.966359][T14754] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1241.016970][T14782] NILFS (loop4): mounting unchecked fs
[ 1241.224234][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1241.313859][T14754] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1241.506357][T14754] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1241.546124][T14754] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1241.608057][T14782] NILFS (loop4): recovery complete
[ 1241.688690][T14790] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1241.704118][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1241.923858][   T26] audit: type=1800 audit(1754034148.633:107): pid=14796 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2531" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1242.984360][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1242.996313][T14782] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1243.212136][T14782] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1243.524387][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1243.788659][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1243.815724][   T26] audit: type=1800 audit(1754034149.533:108): pid=14799 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2531" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1243.893708][T14782] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1243.934166][T14782] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1243.974796][T14782] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1244.110965][T14782] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1244.944109][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1245.064544][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1245.762261][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1245.769933][T14782] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1245.884934][T14812] loop2: detected capacity change from 0 to 2048
[ 1245.907698][T14782] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1245.908385][T14812] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1245.932176][T14782] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1245.944037][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1246.056594][T14782] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1246.146719][T14782] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1246.229154][T14782] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1246.682979][T14824] loop4: detected capacity change from 0 to 2048
[ 1246.691313][T14814] loop2: detected capacity change from 0 to 64
[ 1247.031420][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1247.587509][T14824] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1247.820501][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1247.865707][T14824] NILFS (loop4): mounting unchecked fs
[ 1248.178043][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1248.184336][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1248.609237][T14824] NILFS (loop4): recovery complete
[ 1248.799961][T14836] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1249.488288][T14838] loop1: detected capacity change from 0 to 1024
[ 1249.521568][T14838] hfsplus: invalid attributes max_key_len 0
[ 1249.546350][T14838] hfsplus: failed to load attributes file
[ 1249.599901][T14841] usb usb9: usbfs: process 14841 (syz.5.2547) did not claim interface 5 before use
[ 1249.634695][T14841] binder: 14839:14841 unknown command 1074553619
[ 1249.641225][T14841] binder: 14839:14841 ioctl c0306201 200000000540 returned -22
[ 1249.728973][T14841] loop5: detected capacity change from 0 to 128
[ 1249.744552][T14841] ufs: You didn't specify the type of your ufs filesystem
[ 1249.744552][T14841] 
[ 1249.744552][T14841] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1249.744552][T14841] 
[ 1249.744552][T14841] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1249.775955][T14841] ufs: ufstype=old is supported read-only
[ 1249.787076][T14841] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1249.864254][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1250.130920][T14824] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1250.257859][T14824] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1250.265872][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1250.745944][T14824] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1251.078322][T14824] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1251.281947][T14824] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1251.408478][T14824] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1251.539120][T14824] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1251.657206][T14824] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1251.704439][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1251.782712][T14824] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1252.075729][T14824] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1252.081811][T14824] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1252.294123][T14824] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1253.144032][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1253.544183][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1253.560284][T14860] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2552'.
[ 1253.569920][T14860] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2552'.
[ 1253.784077][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1254.375977][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1255.224193][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1255.624428][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1255.958778][T14879] loop2: detected capacity change from 0 to 1024
[ 1256.424155][ T4281] Bluetooth: hci1: command 0x0406 tx timeout
[ 1256.900164][T14881] device syzkaller0 entered promiscuous mode
[ 1257.049255][T14888] loop5: detected capacity change from 0 to 1024
[ 1257.130236][   T62] hfsplus: b-tree write err: -5, ino 4
[ 1257.149941][T14888] hfsplus: invalid attributes max_key_len 0
[ 1257.335580][T14888] hfsplus: failed to load attributes file
[ 1259.220863][T14914] loop2: detected capacity change from 0 to 2048
[ 1259.237259][T14914] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1259.247449][T14914] NILFS (loop2): mounting unchecked fs
[ 1259.273460][T14576] udevd[14576]: incorrect nilfs2 checksum on /dev/loop2
[ 1259.278337][T14914] NILFS (loop2): recovery complete
[ 1259.310578][T14915] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1259.398891][   T26] audit: type=1800 audit(1754034166.123:109): pid=14916 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2564" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1259.639864][   T26] audit: type=1800 audit(1754034166.363:110): pid=14917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2564" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1260.015219][   T26] audit: type=1800 audit(1754034166.733:111): pid=14917 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2564" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1263.154973][T14914] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1263.261908][T14931] loop4: detected capacity change from 0 to 2048
[ 1263.279658][T14931] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1263.969486][T14914] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1264.603823][T14914] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1264.798032][T14914] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1264.874173][T14914] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1264.880166][T14914] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1264.894320][T14914] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1264.900469][T14914] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1264.906859][T14914] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1264.922433][T14914] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1264.928873][T14914] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1264.938776][T14914] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1265.224155][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1266.929744][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1266.931701][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1266.984307][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1267.115551][T14948] loop3: detected capacity change from 0 to 128
[ 1267.680942][T14942] loop4: detected capacity change from 0 to 32768
[ 1267.687937][T14942] XFS: noikeep mount option is deprecated.
[ 1267.693770][T14942] XFS: ikeep mount option is deprecated.
[ 1267.699723][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1267.751813][T14955] loop2: detected capacity change from 0 to 1024
[ 1267.761904][T14955] hfsplus: invalid attributes max_key_len 0
[ 1267.769196][T14955] hfsplus: failed to load attributes file
[ 1267.807954][T14948] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1267.874287][T14948] ext4 filesystem being mounted at /496/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1268.070151][T14942] XFS (loop4): Mounting V5 Filesystem
[ 1268.095902][ T4275] EXT4-fs (loop3): unmounting filesystem.
[ 1268.221197][T14942] XFS (loop4): Ending clean mount
[ 1268.261746][ T4269] XFS (loop4): Unmounting Filesystem
[ 1268.992631][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1269.002441][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1269.064140][ T9061] Bluetooth: hci1: command 0x0406 tx timeout
[ 1269.372738][T14983] loop3: detected capacity change from 0 to 2048
[ 1269.383050][T14983] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1269.402544][T14981] loop2: detected capacity change from 0 to 4096
[ 1269.409630][T14983] NILFS (loop3): mounting unchecked fs
[ 1269.426963][T14981] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[ 1269.463071][T14983] NILFS (loop3): recovery complete
[ 1269.490038][T14987] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1269.561854][T14981] ntfs3: loop2: Failed to load $Extend.
[ 1269.654981][   T26] audit: type=1800 audit(1754034176.373:112): pid=14990 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2581" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1269.703783][T14983] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1269.727871][T14992] loop4: detected capacity change from 0 to 1024
[ 1269.749132][T14992] hfsplus: invalid attributes max_key_len 0
[ 1269.769560][T14983] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1270.427821][T14992] hfsplus: failed to load attributes file
[ 1270.474171][T14983] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1270.657874][T14983] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1270.691902][T14983] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1270.698466][T14983] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1271.415481][T14983] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1271.704308][ T9061] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1272.281514][T15014] loop1: detected capacity change from 0 to 1024
[ 1272.291227][T15014] hfsplus: invalid attributes max_key_len 0
[ 1272.297655][T15014] hfsplus: failed to load attributes file
[ 1272.304658][T14983] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1272.359608][T14983] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1272.367365][T14983] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1272.418681][T14983] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1272.496957][T14983] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1272.514120][ T9061] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1272.740653][T15018] loop4: detected capacity change from 0 to 4096
[ 1272.785214][ T9061] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1273.840002][T15020] loop3: detected capacity change from 0 to 32768
[ 1273.846946][T15020] XFS: noikeep mount option is deprecated.
[ 1273.853212][T15020] XFS: ikeep mount option is deprecated.
[ 1273.865395][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1274.924841][ T9061] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1274.932582][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1274.939525][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1276.994549][ T9061] Bluetooth: hci1: command 0x0406 tx timeout
[ 1277.597157][T15062] loop4: detected capacity change from 0 to 4096
[ 1277.618613][T15067] loop3: detected capacity change from 0 to 1024
[ 1277.642148][T15062] ntfs3: loop4: Different NTFS' sector size (1024) and media sector size (512)
[ 1277.680554][T15069] loop5: detected capacity change from 0 to 2048
[ 1277.700283][T15067] hfsplus: invalid attributes max_key_len 0
[ 1277.705251][T15069] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1277.706458][T15062] ntfs3: loop4: Failed to load $Extend.
[ 1277.740309][T15067] hfsplus: failed to load attributes file
[ 1277.805994][T15069] NILFS (loop5): mounting unchecked fs
[ 1277.878458][T15069] NILFS (loop5): recovery complete
[ 1277.916993][T15076] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1278.063724][   T26] audit: type=1800 audit(1754034184.773:113): pid=15078 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2599" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1278.333099][T15069] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1278.552309][T15069] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1278.565085][T15069] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1279.387753][   T26] audit: type=1800 audit(1754034186.103:114): pid=15080 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2599" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1279.432220][T15069] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1279.480905][T15069] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1279.588880][T15069] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1279.596607][T15069] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1279.607763][T15069] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1280.344054][ T9061] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1280.835198][T15096] loop1: detected capacity change from 0 to 2048
[ 1281.464216][ T9061] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1281.482783][T15096] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1281.624118][ T9061] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1281.646373][T15069] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1281.833995][T15069] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1281.987694][T15069] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1282.278382][T15100] loop3: detected capacity change from 0 to 32768
[ 1282.285356][T15100] XFS: noikeep mount option is deprecated.
[ 1282.291175][T15100] XFS: ikeep mount option is deprecated.
[ 1282.297285][T15069] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1282.424223][ T9061] Bluetooth: hci2: command 0x0406 tx timeout
[ 1282.928166][T15104] loop1: detected capacity change from 0 to 4096
[ 1282.999532][T15100] XFS (loop3): Mounting V5 Filesystem
[ 1283.553469][ T9061] Bluetooth: hci3: command 0x0406 tx timeout
[ 1284.179763][ T9061] Bluetooth: hci4: command 0x0406 tx timeout
[ 1284.188304][ T9061] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1284.565726][T15100] XFS (loop3): Ending clean mount
[ 1284.669572][T15103] autofs4:pid:15103:autofs_fill_super: called with bogus options
[ 1285.639811][T15134] loop2: detected capacity change from 0 to 4096
[ 1285.691730][ T4275] XFS (loop3): Unmounting Filesystem
[ 1285.694292][T15134] ntfs3: loop2: Different NTFS' sector size (1024) and media sector size (512)
[ 1285.743400][T15141] loop5: detected capacity change from 0 to 1024
[ 1285.788428][T15141] hfsplus: invalid attributes max_key_len 0
[ 1285.830831][T15134] ntfs3: loop2: Failed to load $Extend.
[ 1285.843054][T15141] hfsplus: failed to load attributes file
[ 1286.264461][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1286.862263][T15150] loop2: detected capacity change from 0 to 2048
[ 1286.883086][T15150] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1290.089985][T15188] loop4: detected capacity change from 0 to 8
[ 1290.310701][T15188] SQUASHFS error: Failed to read block 0x71e: -5
[ 1290.324076][T15188] SQUASHFS error: Unable to read metadata cache entry [71c]
[ 1290.341599][T15188] SQUASHFS error: Unable to read inode 0x11f
[ 1291.812223][T15202] loop3: detected capacity change from 0 to 2048
[ 1291.831861][T15202] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1294.616210][T15240] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2641'.
[ 1294.946947][T15247] loop3: detected capacity change from 0 to 2048
[ 1294.983478][T15247] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1295.018641][T15247] NILFS (loop3): mounting unchecked fs
[ 1295.058147][T15247] NILFS (loop3): recovery complete
[ 1295.104258][T15250] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1295.294185][   T26] audit: type=1800 audit(1754034201.983:115): pid=15255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2644" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1295.756865][T15247] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1295.832924][   T26] audit: type=1800 audit(1754034202.173:116): pid=15261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2644" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1295.873120][T15247] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1295.898504][T15260] usb usb9: usbfs: process 15260 (syz.1.2648) did not claim interface 5 before use
[ 1296.001521][T15247] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1296.029106][T15247] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1296.040672][T15257] binder: 15256:15257 unknown command 1074553619
[ 1296.054407][T15247] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1296.157231][T15257] binder: 15256:15257 ioctl c0306201 200000000540 returned -22
[ 1296.166123][T15247] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1296.188385][T15257] loop1: detected capacity change from 0 to 128
[ 1296.194896][T15247] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1296.204309][T15247] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1296.343636][T15247] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1296.357749][T15257] ufs: You didn't specify the type of your ufs filesystem
[ 1296.357749][T15257] 
[ 1296.357749][T15257] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1296.357749][T15257] 
[ 1296.357749][T15257] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1296.361466][T15247] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1296.404374][T15257] ufs: ufstype=old is supported read-only
[ 1296.412565][T15257] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1296.422785][T15247] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1296.437510][T15247] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1296.710055][T15263] loop5: detected capacity change from 0 to 32768
[ 1296.804335][T15263] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.2649 (15263)
[ 1297.299585][T15263] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1297.446607][T15263] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[ 1297.464125][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1298.104162][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1298.224332][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1298.274702][T15263] BTRFS info (device loop5): turning off barriers
[ 1298.344296][T15263] BTRFS info (device loop5): setting nodatasum
[ 1298.432853][T15263] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[ 1298.442462][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1298.503756][T15263] BTRFS info (device loop5): use zstd compression, level 3
[ 1298.534234][T15263] BTRFS info (device loop5): using free space tree
[ 1299.724205][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1300.028385][ T5047] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[ 1300.144528][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[ 1300.151034][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[ 1300.193472][T15324] loop1: detected capacity change from 0 to 2048
[ 1300.214915][ T5047] usb 3-1: Using ep0 maxpacket: 8
[ 1300.227230][ T5047] usb 3-1: config 0 has an invalid interface number: 52 but max is 0
[ 1300.235897][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1300.265444][T15324] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1300.301899][ T5047] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1300.333428][T15324] NILFS (loop1): mounting unchecked fs
[ 1300.363822][ T5047] usb 3-1: config 0 has no interface number 0
[ 1300.412494][ T5047] usb 3-1: config 0 interface 52 altsetting 1 has an invalid endpoint with address 0xEE, skipping
[ 1300.413198][ T9061] Bluetooth: hci4: command 0x0406 tx timeout
[ 1300.456617][T15324] NILFS (loop1): recovery complete
[ 1300.479253][T15263] BTRFS error (device loop5): open_ctree failed: -12
[ 1300.498975][ T5047] usb 3-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1300.512400][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1300.524873][T15326] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1300.537247][ T5047] usb 3-1: config 0 interface 52 has no altsetting 0
[ 1300.564389][ T5047] usb 3-1: New USB device found, idVendor=06cb, idProduct=0009, bcdDevice= 8.00
[ 1300.573781][ T5047] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=184
[ 1300.582583][ T5047] usb 3-1: SerialNumber: syz
[ 1300.603004][ T5047] usb 3-1: config 0 descriptor??
[ 1300.658035][   T26] audit: type=1800 audit(1754034207.373:117): pid=15329 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2662" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1300.965430][   T26] audit: type=1800 audit(1754034207.543:118): pid=15332 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2662" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1301.052402][T15324] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1301.688671][T15324] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1301.701947][ T5174] usb 3-1: USB disconnect, device number 6
[ 1301.712678][T15324] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1301.726079][T15324] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1301.732275][T15324] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1301.746294][T15324] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1301.753920][T15324] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1301.760169][T15324] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1301.768754][T15324] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1301.776745][T15324] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1301.782896][T15324] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1301.791010][T15324] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1301.798760][T14572] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by udevd (14572)
[ 1302.127097][T15346] loop4: detected capacity change from 0 to 1024
[ 1302.138326][T15346] hfsplus: invalid attributes max_key_len 0
[ 1302.184853][T15346] hfsplus: failed to load attributes file
[ 1302.664123][ T9061] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1304.071179][ T9061] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1304.077418][ T9061] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1304.083548][ T9061] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1304.188908][T15367] loop4: detected capacity change from 0 to 1024
[ 1304.530474][T15367] hfsplus: invalid attributes max_key_len 0
[ 1304.585002][T15367] hfsplus: failed to load attributes file
[ 1304.656401][T15362] loop5: detected capacity change from 0 to 4096
[ 1304.664846][T15362] ntfs3: loop5: Different NTFS' sector size (1024) and media sector size (512)
[ 1304.714281][T15362] ntfs3: loop5: Failed to load $Extend.
[ 1304.744164][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1305.599831][T15380] loop4: detected capacity change from 0 to 1024
[ 1306.037019][T15380] hfsplus: invalid attributes max_key_len 0
[ 1306.065012][T15380] hfsplus: failed to load attributes file
[ 1306.104350][ T9061] Bluetooth: hci4: command 0x0406 tx timeout
[ 1306.110457][ T9061] Bluetooth: hci1: command 0x0406 tx timeout
[ 1306.197294][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1306.218051][T14572] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1308.134501][T15412] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2685'.
[ 1309.368868][T15425] loop2: detected capacity change from 0 to 1024
[ 1309.390887][T15425] hfsplus: invalid attributes max_key_len 0
[ 1309.401462][T15425] hfsplus: failed to load attributes file
[ 1310.269915][T15441] loop3: detected capacity change from 0 to 1024
[ 1310.303339][T15441] hfsplus: invalid attributes max_key_len 0
[ 1310.344627][T15441] hfsplus: failed to load attributes file
[ 1311.783995][T15460] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2700'.
[ 1312.713231][T15445] loop1: detected capacity change from 0 to 262144
[ 1312.728560][T14572] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1312.743182][T15445] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 scanned by syz.1.2696 (15445)
[ 1312.761758][T15445] BTRFS info (device loop1): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[ 1312.772784][T15445] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[ 1312.782101][T15445] BTRFS info (device loop1): using free space tree
[ 1312.863620][T15466] loop5: detected capacity change from 0 to 128
[ 1313.041495][T15466] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1313.061785][T15466] ext4 filesystem being mounted at /513/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1313.138653][T15466] EXT4-fs warning (device loop5): verify_group_input:151: Cannot add at group 42175 (only 1 groups)
[ 1313.222187][ T4981] EXT4-fs (loop5): unmounting filesystem.
[ 1313.385298][T15492] loop4: detected capacity change from 0 to 2048
[ 1313.471466][T15492] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1313.514129][T15492] NILFS (loop4): mounting unchecked fs
[ 1313.556292][T15492] NILFS (loop4): recovery complete
[ 1314.103383][T15503] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1314.139251][T15504] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2707'.
[ 1314.229932][T15505] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2707'.
[ 1314.456680][T15507] loop2: detected capacity change from 0 to 1024
[ 1314.531364][T15507] hfsplus: invalid attributes max_key_len 0
[ 1314.580608][T15507] hfsplus: failed to load attributes file
[ 1315.882057][T15518] loop3: detected capacity change from 0 to 1024
[ 1315.921973][T15518] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1316.565946][T15445] BTRFS error (device loop1): open_ctree failed: -12
[ 1316.613790][T14576] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop1 scanned by udevd (14576)
[ 1316.801649][T15526] usb usb9: usbfs: process 15526 (syz.1.2712) did not claim interface 5 before use
[ 1316.832930][T15526] binder: 15524:15526 unknown command 1074553619
[ 1316.839786][T15526] binder: 15524:15526 ioctl c0306201 200000000540 returned -22
[ 1321.139838][ T4275] EXT4-fs (loop3): unmounting filesystem.
[ 1322.983493][T15557] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2714'.
[ 1323.514189][T15555] loop1: detected capacity change from 0 to 4096
[ 1323.817522][T15562] loop5: detected capacity change from 0 to 2048
[ 1323.875625][T15562] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1323.914176][T15562] NILFS (loop5): mounting unchecked fs
[ 1324.050541][T15562] NILFS (loop5): recovery complete
[ 1324.070222][T15570] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2723'.
[ 1324.149547][T15571] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1324.269444][   T26] audit: type=1800 audit(1754034230.983:119): pid=15573 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2721" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1324.320556][T15562] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1324.412707][T15562] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1324.428625][T15569] loop3: detected capacity change from 0 to 4096
[ 1324.490686][T15562] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1325.352604][T15562] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1325.369079][T15569] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[ 1326.239111][   T26] audit: type=1800 audit(1754034232.953:120): pid=15578 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2721" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1326.274785][   T26] audit: type=1800 audit(1754034232.993:121): pid=15576 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2721" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1326.344187][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1326.512287][T15562] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1326.562126][T15569] ntfs3: loop3: Failed to load $Extend.
[ 1326.569291][T15562] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1326.641448][T15562] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1326.654340][T15562] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1326.660798][T15562] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1326.676482][T15562] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1326.694823][T15562] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1326.713436][T15562] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1327.384414][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1327.975717][T15588] loop5: detected capacity change from 0 to 2048
[ 1328.073126][T15588] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1328.424163][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1328.664066][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1328.744135][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1329.104156][T15588] NILFS (loop5): mounting unchecked fs
[ 1329.167651][T15594] loop2: detected capacity change from 0 to 2048
[ 1329.177054][T15588] NILFS (loop5): recovery complete
[ 1329.219429][T15596] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1329.286572][T15594] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1329.319006][   T26] audit: type=1800 audit(1754034236.033:122): pid=15599 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2728" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1329.464112][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1329.548290][   T26] audit: type=1800 audit(1754034236.133:123): pid=15600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2728" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1329.627583][T15588] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1329.754783][T15588] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1329.776500][T15603] usb usb9: usbfs: process 15603 (syz.3.2730) did not claim interface 5 before use
[ 1329.802201][T15603] binder: 15601:15603 unknown command 1074553619
[ 1329.808687][T15603] binder: 15601:15603 ioctl c0306201 200000000540 returned -22
[ 1329.875329][T15603] loop3: detected capacity change from 0 to 128
[ 1329.888150][T15603] ufs: You didn't specify the type of your ufs filesystem
[ 1329.888150][T15603] 
[ 1329.888150][T15603] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1329.888150][T15603] 
[ 1329.888150][T15603] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1329.919428][T15603] ufs: ufstype=old is supported read-only
[ 1329.931930][T15603] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1330.744274][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1330.834212][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1331.394145][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1331.635431][T15588] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1331.964125][T15588] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1332.221258][T15588] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1332.599984][T15588] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1332.827680][T15588] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1332.994292][T15588] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1333.390298][T15588] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1333.464272][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1333.637327][T15588] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1333.704210][T13865] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1333.804971][T15588] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1333.810969][T15588] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1334.319184][T15612] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2733'.
[ 1334.744097][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1335.235499][T15623] loop2: detected capacity change from 0 to 2048
[ 1335.824187][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1335.824241][ T9061] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1335.974832][T15623] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1336.014271][T15623] NILFS (loop2): mounting unchecked fs
[ 1336.053295][T15623] NILFS (loop2): recovery complete
[ 1336.068005][T15629] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1336.335755][   T26] audit: type=1800 audit(1754034243.013:124): pid=15632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2738" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1336.555641][T15623] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1336.569450][T15623] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1336.586474][T15623] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1336.594533][   T26] audit: type=1800 audit(1754034243.013:125): pid=15632 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2738" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1336.639359][T15623] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1336.647831][T15623] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1336.659799][T15623] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1336.667362][T15623] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1336.673473][T15623] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1336.682976][T15623] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1336.690505][T15623] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1336.697842][T15623] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1336.710478][T15623] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1336.823449][T15617] loop1: detected capacity change from 0 to 40427
[ 1336.855884][T15617] F2FS-fs (loop1): invalid crc value
[ 1336.944154][T15617] F2FS-fs (loop1): Found nat_bits in checkpoint
[ 1337.344025][ T4570] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[ 1338.001669][T15617] F2FS-fs (loop1): Start checkpoint disabled!
[ 1338.104069][ T4570] usb 5-1: Using ep0 maxpacket: 8
[ 1338.110948][ T4570] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1338.159601][ T4570] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1338.169818][ T4570] usb 5-1: config 1 has no interface number 0
[ 1338.182895][ T4570] usb 5-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1338.256355][ T4570] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 1.40
[ 1338.363491][ T4570] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1338.495403][ T4570] usb 5-1: Product: syz
[ 1338.567484][ T4570] usb 5-1: Manufacturer: syz
[ 1338.624471][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1338.651350][ T4570] usb 5-1: SerialNumber: syz
[ 1338.674172][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1338.754494][T13865] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1338.754545][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1338.839789][ T4570] cdc_ncm 5-1:1.1: NCM or ECM functional descriptors missing
[ 1338.850831][ T4570] cdc_ncm 5-1:1.1: bind() failure
[ 1339.042419][ T4570] usb 5-1: USB disconnect, device number 5
[ 1339.391825][T15670] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2749'.
[ 1340.219116][T15669] loop5: detected capacity change from 0 to 2048
[ 1340.664047][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1340.744083][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1340.824158][T13865] Bluetooth: hci4: command 0x0406 tx timeout
[ 1340.830305][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1341.007898][T15669] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1341.633480][T15677] usb usb9: usbfs: process 15677 (syz.3.2753) did not claim interface 5 before use
[ 1341.658326][T15677] binder: 15673:15677 unknown command 1074553619
[ 1341.664924][T15677] binder: 15673:15677 ioctl c0306201 200000000540 returned -22
[ 1341.726640][T15677] loop3: detected capacity change from 0 to 128
[ 1341.740165][T15677] ufs: You didn't specify the type of your ufs filesystem
[ 1341.740165][T15677] 
[ 1341.740165][T15677] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[ 1341.740165][T15677] 
[ 1341.740165][T15677] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[ 1341.771239][T15677] ufs: ufstype=old is supported read-only
[ 1341.967786][T15677] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[ 1345.413541][T15691] loop1: detected capacity change from 0 to 2048
[ 1345.430641][T15691] UDF-fs: bad mount option "rootdir=000J0000000000000003" or missing value
[ 1346.187984][T15685] loop2: detected capacity change from 0 to 4096
[ 1347.878654][T15714] netlink: 20 bytes leftover after parsing attributes in process `syz.5.2763'.
[ 1349.282426][T15722] loop1: detected capacity change from 0 to 2048
[ 1349.304819][T15722] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[ 1349.831631][T15726] loop5: detected capacity change from 0 to 2048
[ 1349.890133][T15726] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1350.585903][T15726] NILFS (loop5): mounting unchecked fs
[ 1350.914565][T14578] udevd[14578]: incorrect nilfs2 checksum on /dev/loop5
[ 1350.919005][T15726] NILFS (loop5): recovery complete
[ 1350.970890][T15736] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1351.049608][T15737] loop2: detected capacity change from 0 to 2048
[ 1351.367638][T15739] loop1: detected capacity change from 0 to 2048
[ 1351.458835][T15726] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1351.465679][T15726] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1351.472260][T15726] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1351.480191][T15726] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1351.487204][T15726] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1351.494815][T15726] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1351.502954][T15726] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1351.509641][T15726] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1351.516453][T15726] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1351.524219][T15726] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1351.530791][T15726] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1351.537815][T15726] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1351.566838][   T26] audit: type=1800 audit(1754034258.283:126): pid=15746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2768" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1351.675504][T15739] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1351.733001][T15737] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1351.902727][   T26] audit: type=1800 audit(1754034258.323:127): pid=15746 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2768" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1353.464978][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1353.547651][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1353.553918][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1353.559977][T13865] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1353.700385][ T4272] EXT4-fs (loop2): unmounting filesystem.
[ 1355.544174][ T9061] Bluetooth: hci2: command 0x0406 tx timeout
[ 1355.624187][ T9061] Bluetooth: hci1: command 0x0406 tx timeout
[ 1355.729126][T13865] Bluetooth: hci3: command 0x0406 tx timeout
[ 1355.735497][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1357.273600][T15812] loop4: detected capacity change from 0 to 2048
[ 1357.652740][T15812] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1357.846783][T15812] NILFS (loop4): mounting unchecked fs
[ 1357.879468][T15812] NILFS (loop4): recovery complete
[ 1357.900241][T15819] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1358.130388][   T26] audit: type=1800 audit(1754034264.843:128): pid=15812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2788" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1358.437152][   T26] audit: type=1800 audit(1754034264.923:129): pid=15827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2788" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1358.474008][   T26] audit: type=1800 audit(1754034265.183:130): pid=15828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2788" name="file1" dev="loop4" ino=15 res=0 errno=0
[ 1359.272554][T15810] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1359.278900][T15810] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1359.286689][T15810] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1359.414299][T15810] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1359.429349][T15810] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1359.477547][T15810] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1359.633011][T15810] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1359.651628][T15810] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1359.661699][T15810] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1359.671341][T15810] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1359.676502][T15835] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2793'.
[ 1359.690113][T15810] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1359.697878][T15810] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1359.814307][T15838] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2793'.
[ 1360.193441][ T4281] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1361.464157][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1361.548329][ T1274] ieee802154 phy0 wpan0: encryption failed: -22
[ 1361.554770][ T1274] ieee802154 phy1 wpan1: encryption failed: -22
[ 1361.576629][T15850] loop4: detected capacity change from 0 to 40427
[ 1361.604840][T15850] F2FS-fs (loop4): invalid crc value
[ 1361.619487][T15850] F2FS-fs (loop4): Found nat_bits in checkpoint
[ 1361.624761][T15854] loop5: detected capacity change from 0 to 32768
[ 1361.756200][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1361.762631][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1361.816141][T15850] F2FS-fs (loop4): Start checkpoint disabled!
[ 1362.254118][T15850] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1362.264266][T13865] Bluetooth: hci2: command 0x0406 tx timeout
[ 1362.306507][T15861] loop3: detected capacity change from 0 to 4096
[ 1362.979097][   T11] kworker/u4:1: attempt to access beyond end of device
[ 1362.979097][   T11] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[ 1363.366229][T15882] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2809'.
[ 1363.596233][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1363.784240][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1363.784291][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1364.263915][T15865] loop5: detected capacity change from 0 to 32768
[ 1364.395340][T15865] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by syz.5.2803 (15865)
[ 1364.440340][T15887] loop1: detected capacity change from 0 to 2048
[ 1364.549207][T15865] BTRFS info (device loop5): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[ 1364.566178][T15887] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1364.579211][T15865] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[ 1364.757868][T15893] loop2: detected capacity change from 0 to 2048
[ 1364.773154][T15893] UDF-fs: bad mount option "rootdir=000J0000000000000003" or missing value
[ 1365.120708][T15865] BTRFS info (device loop5): setting incompat feature flag for COMPRESS_LZO (0x8)
[ 1365.279512][T15865] BTRFS info (device loop5): use lzo compression, level 0
[ 1365.310261][T15865] BTRFS info (device loop5): turning on async discard
[ 1365.376069][T15865] BTRFS info (device loop5): using free space tree
[ 1365.846841][T15865] BTRFS error (device loop5): open_ctree failed: -12
[ 1365.853988][T14572] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop5 scanned by udevd (14572)
[ 1366.792037][T15930] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2816'.
[ 1366.885466][T15932] loop1: detected capacity change from 0 to 64
[ 1366.892695][T15932] hfs: unable to change codepage
[ 1367.052575][T15935] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2816'.
[ 1367.084063][T15932] hfs: unable to parse mount options
[ 1369.935732][T15943] loop1: detected capacity change from 0 to 512
[ 1369.955028][T15943] EXT4-fs warning (device loop1): ext4_multi_mount_protect:404: Unable to create kmmpd thread for loop1.
[ 1370.925299][T14576] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1371.257359][T15954] loop4: detected capacity change from 0 to 4096
[ 1371.326540][T15959] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2823'.
[ 1372.094152][T15964] loop5: detected capacity change from 0 to 256
[ 1372.189274][T15964] FAT-fs (loop5): error, invalid access to FAT (entry 0x00000001)
[ 1372.244133][T15964] FAT-fs (loop5): Filesystem has been set read-only
[ 1373.444234][T15978] loop3: detected capacity change from 0 to 2048
[ 1373.490985][T15980] loop5: detected capacity change from 0 to 1024
[ 1373.515494][T15978] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1374.090959][T15984] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2835'.
[ 1374.379574][T15987] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2835'.
[ 1376.481783][T16009] loop2: detected capacity change from 0 to 22
[ 1376.502546][T16009] MTD: Attempt to mount non-MTD device "/dev/loop2"
[ 1376.547701][T16009] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1376.753597][T16013] loop2: detected capacity change from 0 to 512
[ 1376.824302][T16013] EXT4-fs error (device loop2): ext4_orphan_get:1400: inode #15: comm syz.2.2844: casefold flag without casefold feature
[ 1376.851903][T16013] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.2844: couldn't read orphan inode 15 (err -117)
[ 1376.876010][T16013] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1377.010154][ T4272] EXT4-fs (loop2): unmounting filesystem.
[ 1377.017406][T16017] loop4: detected capacity change from 0 to 2048
[ 1377.124180][T16017] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1381.681946][T16059] loop5: detected capacity change from 0 to 2048
[ 1381.774819][T16059] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1381.941798][T16061] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2859'.
[ 1382.044375][T16062] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2859'.
[ 1385.828669][T16093] loop1: detected capacity change from 0 to 2048
[ 1385.850504][T16093] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1385.898763][T16095] loop5: detected capacity change from 0 to 2048
[ 1385.908236][T16093] NILFS (loop1): mounting unchecked fs
[ 1385.969953][T16093] NILFS (loop1): recovery complete
[ 1385.985369][T16095] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1386.188127][T16099] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1386.235545][   T26] audit: type=1800 audit(1754034292.953:131): pid=16093 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2872" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1387.163319][   T26] audit: type=1800 audit(1754034293.873:132): pid=16108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2872" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1388.398149][   T26] audit: type=1800 audit(1754034295.113:133): pid=16110 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2872" name="file1" dev="loop1" ino=15 res=0 errno=0
[ 1389.593677][T16139] loop5: detected capacity change from 0 to 2048
[ 1389.621793][T16139] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1393.293564][T16167] loop5: detected capacity change from 0 to 2048
[ 1393.324518][T16167] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1393.380925][T16167] NILFS (loop5): mounting unchecked fs
[ 1393.404064][T16167] NILFS (loop5): recovery complete
[ 1393.423299][T16174] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1393.481383][T16176] Invalid ELF section header size
[ 1393.589144][   T26] audit: type=1800 audit(1754034300.303:134): pid=16177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2894" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1394.647675][   T26] audit: type=1800 audit(1754034301.163:135): pid=16181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2894" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1394.671425][T16167] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1394.964529][T16167] Bluetooth: hci2: Opcode 0x0406 failed: -4
[ 1394.996958][T16167] Bluetooth: hci2: Suspend notifier action (1) failed: -4
[ 1395.014813][T16167] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[ 1395.816388][T16167] Bluetooth: hci3: Opcode 0x0406 failed: -4
[ 1395.864783][T16167] Bluetooth: hci3: Suspend notifier action (1) failed: -4
[ 1395.904785][T16167] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[ 1395.911029][T16167] Bluetooth: hci4: Opcode 0x0406 failed: -4
[ 1395.934679][T16167] Bluetooth: hci4: Suspend notifier action (1) failed: -4
[ 1395.950026][T16167] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[ 1395.956604][T16167] Bluetooth: hci1: Opcode 0x0406 failed: -4
[ 1395.962697][T16167] Bluetooth: hci1: Suspend notifier action (1) failed: -4
[ 1396.774244][T13865] Bluetooth: hci2: command 0x0c1a tx timeout
[ 1397.064284][ T4281] Bluetooth: hci3: command 0x0c1a tx timeout
[ 1397.944936][ T4281] Bluetooth: hci4: command 0x0c1a tx timeout
[ 1398.024129][ T4281] Bluetooth: hci1: command 0x0c1a tx timeout
[ 1398.894225][ T4281] Bluetooth: hci2: command 0x0406 tx timeout
[ 1399.398349][ T4281] Bluetooth: hci3: command 0x0406 tx timeout
[ 1399.758717][T16247] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1399.896727][T16242] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2916'.
[ 1400.064179][ T4281] Bluetooth: hci4: command 0x0406 tx timeout
[ 1400.104155][T13865] Bluetooth: hci1: command 0x0406 tx timeout
[ 1400.236571][T16242] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2916'.
[ 1401.590323][T16267] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2925'.
[ 1402.925098][ T4791] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1403.238282][T16286] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2932'.
[ 1403.341320][ T4281] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1403.354364][ T4281] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1403.377165][ T4281] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1403.390718][ T4281] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1403.406264][ T4281] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1403.415871][ T4281] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1403.538070][ T4791] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1403.733226][T16285] netlink: 28 bytes leftover after parsing attributes in process `syz.5.2932'.
[ 1404.213724][ T4791] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1404.782401][ T4791] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1405.465682][T13865] Bluetooth: hci3: command 0x0409 tx timeout
[ 1407.343756][T16294] netlink: 'syz.1.2934': attribute type 1 has an invalid length.
[ 1407.485529][T16300] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[ 1407.597982][T13865] Bluetooth: hci3: command 0x041b tx timeout
[ 1407.914759][T16294] 8021q: adding VLAN 0 to HW filter on device bond1
[ 1408.193087][T16297] bond1 (unregistering): Released all slaves
[ 1408.254364][T16305] loop5: detected capacity change from 0 to 512
[ 1408.620573][T16305] EXT4-fs error (device loop5): ext4_xattr_ibody_find:2195: inode #15: comm syz.5.2937: corrupted in-inode xattr
[ 1408.636255][T16284] chnl_net:caif_netlink_parms(): no params data found
[ 1408.646291][T16305] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.2937: couldn't read orphan inode 15 (err -117)
[ 1408.712518][T16305] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1408.853401][T16305] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2937'.
[ 1409.624225][ T4281] Bluetooth: hci3: command 0x040f tx timeout
[ 1409.754191][ T4570] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1409.964487][ T4570] usb 6-1: Using ep0 maxpacket: 32
[ 1410.013086][ T4570] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1410.153638][ T4570] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1410.269329][ T4570] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1410.366697][ T4570] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1410.551983][ T4570] usb 6-1: config 0 descriptor??
[ 1410.730795][ T4570] hub 6-1:0.0: USB hub found
[ 1411.064088][T16313] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 256: padding at end of block bitmap is not set
[ 1411.209733][T16329] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2937'.
[ 1411.704122][ T4281] Bluetooth: hci3: command 0x0419 tx timeout
[ 1413.252414][T16340] loop4: detected capacity change from 0 to 64
[ 1413.284720][T16340] general protection fault, probably for non-canonical address 0xdffffc0000000008: 0000 [#1] PREEMPT SMP KASAN
[ 1413.296487][T16340] KASAN: null-ptr-deref in range [0x0000000000000040-0x0000000000000047]
[ 1413.304904][T16340] CPU: 0 PID: 16340 Comm: syz.4.2945 Not tainted 6.1.147-syzkaller #0
[ 1413.313061][T16340] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[ 1413.323156][T16340] RIP: 0010:hfs_find_init+0x66/0x1d0
[ 1413.328448][T16340] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 5c 5f 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 01 01 00 00 8b 45 00 8d 7c 00 04 be c0
[ 1413.348057][T16340] RSP: 0018:ffffc9000df5f3a8 EFLAGS: 00010202
[ 1413.354119][T16340] RAX: 1ffff92001bebe93 RBX: 0000000000000000 RCX: 0000000000080000
[ 1413.362088][T16340] RDX: ffffc9000e6fa000 RSI: 0000000000003c2f RDI: ffffc9000df5f490
[ 1413.370050][T16340] RBP: 0000000000000040 R08: dffffc0000000000 R09: ffffc9000df5f480
[ 1413.378006][T16340] R10: fffff52001bebe97 R11: 1ffff92001bebe90 R12: ffff88807c9e2678
[ 1413.385959][T16340] R13: dffffc0000000000 R14: ffffc9000df5f480 R15: 0000000000000008
[ 1413.393920][T16340] FS:  00007f4e6b6d66c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1413.402852][T16340] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1413.409448][T16340] CR2: fffffffffffffffd CR3: 000000002cb93000 CR4: 00000000003506f0
[ 1413.417418][T16340] Call Trace:
[ 1413.420685][T16340]  <TASK>
[ 1413.423602][T16340]  hfs_get_block+0x518/0xbd0
[ 1413.428277][T16340]  ? hfs_free_extents+0x430/0x430
[ 1413.433284][T16340]  ? create_page_buffers+0x24f/0x4a0
[ 1413.438555][T16340]  block_read_full_folio+0x3c9/0xed0
[ 1413.443865][T16340]  ? hfs_free_extents+0x430/0x430
[ 1413.448901][T16340]  ? block_is_partially_uptodate+0x5f0/0x5f0
[ 1413.454887][T16340]  ? __lock_acquire+0x7c50/0x7c50
[ 1413.459907][T16340]  filemap_read_folio+0x160/0x760
[ 1413.464922][T16340]  ? folio_add_lru+0xd50/0xd50
[ 1413.469676][T16340]  ? hfs_writepage+0x30/0x30
[ 1413.474276][T16340]  ? maybe_unlock_mmap_for_io+0x140/0x140
[ 1413.480017][T16340]  ? folio_add_lru+0x545/0xd50
[ 1413.484782][T16340]  ? filemap_add_folio+0x188/0x3c0
[ 1413.489893][T16340]  do_read_cache_folio+0x2a0/0x760
[ 1413.495003][T16340]  ? hfs_writepage+0x30/0x30
[ 1413.499611][T16340]  do_read_cache_page+0x32/0x220
[ 1413.504534][T16340]  hfs_btree_open+0x568/0x10b0
[ 1413.509733][T16340]  hfs_mdb_get+0x12db/0x2010
[ 1413.514347][T16340]  ? hfs_xattr_set+0x4b0/0x4b0
[ 1413.519104][T16340]  ? lockdep_softirqs_off+0x420/0x420
[ 1413.524474][T16340]  ? __raw_spin_lock_init+0x41/0x100
[ 1413.529754][T16340]  hfs_fill_super+0xe0b/0x1410
[ 1413.534526][T16340]  ? hfs_mount+0x40/0x40
[ 1413.538758][T16340]  ? snprintf+0xd7/0x120
[ 1413.543092][T16340]  ? set_blocksize+0x1d3/0x350
[ 1413.547859][T16340]  ? sb_set_blocksize+0xa5/0xe0
[ 1413.552712][T16340]  mount_bdev+0x287/0x3c0
[ 1413.557048][T16340]  ? hfs_mount+0x40/0x40
[ 1413.561279][T16340]  legacy_get_tree+0xe6/0x180
[ 1413.565945][T16340]  ? hfs_mark_mdb_dirty+0x1b0/0x1b0
[ 1413.571127][T16340]  vfs_get_tree+0x88/0x270
[ 1413.575526][T16340]  do_new_mount+0x24a/0xa40
[ 1413.580022][T16340]  __se_sys_mount+0x2d6/0x3c0
[ 1413.584697][T16340]  ? __x64_sys_mount+0xc0/0xc0
[ 1413.589453][T16340]  ? lockdep_hardirqs_on+0x94/0x140
[ 1413.594645][T16340]  ? __x64_sys_mount+0x1c/0xc0
[ 1413.599400][T16340]  do_syscall_64+0x4c/0xa0
[ 1413.603843][T16340]  ? clear_bhb_loop+0x60/0xb0
[ 1413.608795][T16340]  ? clear_bhb_loop+0x60/0xb0
[ 1413.613741][T16340]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1413.619643][T16340] RIP: 0033:0x7f4e6a79030a
[ 1413.624113][T16340] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1413.643705][T16340] RSP: 002b:00007f4e6b6d5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 1413.652109][T16340] RAX: ffffffffffffffda RBX: 00007f4e6b6d5ef0 RCX: 00007f4e6a79030a
[ 1413.660080][T16340] RDX: 0000200000000180 RSI: 0000200000000100 RDI: 00007f4e6b6d5eb0
[ 1413.668039][T16340] RBP: 0000200000000180 R08: 00007f4e6b6d5ef0 R09: 0000000000000000
[ 1413.675992][T16340] R10: 0000000000000000 R11: 0000000000000246 R12: 0000200000000100
[ 1413.683950][T16340] R13: 00007f4e6b6d5eb0 R14: 00000000000002d9 R15: 0000200000000240
[ 1413.691924][T16340]  </TASK>
[ 1413.694934][T16340] Modules linked in:
[ 1413.722352][T16284] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1413.736615][T16284] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1413.758537][T16284] device bridge_slave_0 entered promiscuous mode
[ 1413.779784][T16284] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1413.796206][T16284] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1413.812064][T16284] device bridge_slave_1 entered promiscuous mode
[ 1413.862326][T16284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1413.876966][T16340] ---[ end trace 0000000000000000 ]---
[ 1413.883406][T16340] RIP: 0010:hfs_find_init+0x66/0x1d0
[ 1413.896650][T16340] Code: 7e 18 4c 89 f8 48 c1 e8 03 42 80 3c 28 00 74 08 4c 89 ff e8 5c 5f 8a ff 49 c7 07 00 00 00 00 48 8d 6b 40 49 89 ef 49 c1 ef 03 <43> 0f b6 04 2f 84 c0 0f 85 01 01 00 00 8b 45 00 8d 7c 00 04 be c0
[ 1413.952016][ T4570] hub 6-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1413.969075][ T4570] usbhid 6-1:0.0: can't add hid device: -71
[ 1413.972673][T16340] RSP: 0018:ffffc9000df5f3a8 EFLAGS: 00010202
[ 1413.976663][T16284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1413.984331][ T4570] usbhid: probe of 6-1:0.0 failed with error -71
[ 1414.000548][ T4981] EXT4-fs (loop5): unmounting filesystem.
[ 1414.022506][T16340] 
[ 1414.024984][T16340] RAX: 1ffff92001bebe93 RBX: 0000000000000000 RCX: 0000000000080000
[ 1414.040535][T16340] RDX: ffffc9000e6fa000 RSI: 0000000000003c2f RDI: ffffc9000df5f490
[ 1414.051426][ T4570] usb 6-1: USB disconnect, device number 8
[ 1414.070884][T16284] team0: Port device team_slave_0 added
[ 1414.079046][T16284] team0: Port device team_slave_1 added
[ 1414.084114][T16340] RBP: 0000000000000040 R08: dffffc0000000000 R09: ffffc9000df5f480
[ 1414.094270][T16340] R10: fffff52001bebe97 R11: 1ffff92001bebe90 R12: ffff88807c9e2678
[ 1414.107988][T16340] R13: dffffc0000000000 R14: ffffc9000df5f480 R15: 0000000000000008
[ 1414.125325][T16340] FS:  00007f4e6b6d66c0(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[ 1414.137872][T16284] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1414.145578][T16340] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1414.152288][T16284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1414.179249][T16340] CR2: fffffffffffffffd CR3: 000000002cb93000 CR4: 00000000003506e0
[ 1414.187552][T16340] Kernel panic - not syncing: Fatal exception
[ 1414.193878][T16340] Kernel Offset: disabled
[ 1414.198207][T16340] Rebooting in 86400 seconds..