last executing test programs:

4m52.844625221s ago: executing program 2 (id=985):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
r0 = syz_open_dev$video(0x0, 0xa7, 0x0)
ioctl$VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000380)={0x1, @pix_mp={0x8, 0x5, 0x34524742, 0x5, 0x4, [{0x8, 0x9}, {0x7, 0x9}, {0x3}, {0xd, 0x8}, {0xd, 0xe0}, {0x200, 0x7ff}, {0x2, 0x3}, {0xfffffffc, 0xa}], 0xff, 0x28, 0x8, 0x1, 0x5}})
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x8001, 0x0)
bind$802154_dgram(r2, &(0x7f0000000040)={0x24, @long={0x3, 0x1, {0xaaaaaaaaaaaa0102}}}, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1e8)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
add_key(&(0x7f0000000040)='rxrpc\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)
sendmsg$NFT_BATCH(r3, 0x0, 0x0)
sendfile(r1, r3, 0x0, 0x2)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
symlinkat(&(0x7f0000000400)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00')
r4 = openat2$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
name_to_handle_at(r4, &(0x7f0000000500)='./file1\x00', &(0x7f0000000540)=@orangefs_parent={0x28, 0x2, {{"b80c1057004fac0c929e5b126e930b5a", 0x3}, {"13041371982ae495e27232529f48968b", 0xdca5}}}, 0x0, 0x200)
connect$802154_dgram(r2, 0x0, 0x0)

4m52.577909768s ago: executing program 2 (id=986):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000f80)={0x84, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

4m50.334937859s ago: executing program 2 (id=990):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socket$xdp(0x2c, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080))
socket$tipc(0x1e, 0x5, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0)

4m49.926861213s ago: executing program 2 (id=991):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./file1\x00', 0x101880a, &(0x7f0000005a80)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c61636c2c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474722c6673796e635f6d6f64653d706f7369782c646973636172645f756e69743d7365676d656e742c6261636b67726f756e645f67633d6f6e2c6e6f696e6c696e655f78617474722c646973636172645f756e69743d626c6f636b2c6673796e635f6d6f64653d7374726963742c617467632c657874656e745f63616368652c6661756c745f696e6a656374696f6e3d30303030303030303030303030303031343033302c00271d57a599b8b169a579679e220c689eaaec4fa6229021e75c68a687d319b615573b0b0ceefba8e2e2419434463974ef8174b66469344931de0ccad650792761"], 0x1, 0x550b, &(0x7f0000000540)="$eJzs3M1rI2UYAPAn/dhv1yIevO3AIrSwiU0/Fr1V3cUP7FJWPXjSNElDdpNMadK09uTBo3jwPxEFTx79Gzx49iYeFG+Ckpmpbv0AoWlj298PJs+8b94887xhWXhmSgK4sOaSX34qxc24GhHTEXEjIjsvFUdmLQ/PRcStiJh64igV839MXIqIaxFxc5Q8z1kq3vrszvD26o9v/vz1t5dnrn/+1XeT2zUwac9HRHc7P9/r5jFt5fFRMV8btrPYXRkWMX+j+7gYp3nca25mGfZqh+tqWVxu5evT7d3+KG51avVRbLW3svntXn7B/rB1mCf7wKPaTjZuNDez2O6nWWwd5HXtH+T/tx30B3meRpHvwyx9DAaHMZ9v7jfz/Ww/zmK9Nyjm87xpo7k/isMiFpeLetppZHVsHueb/n97q93b3U+GzZ1+O+0lq5Xqi5Xq3XJ1J200B82Vcq3buLuSzLc6o2XlQbPWXWulaavTrNTT7kIy36rXy9VqMn+vudmu9ZJqtbJcWSyvLhRnd5LXHrybdBrJ/Ci+0u7tDtqdfrKV7iT5JxaSpcrySwvJ7Wry9vpGsvHw/v31jXfev/feg5fX33i1WPS3spL5pcWlpXJ1sbxUXbhA+/+4KHqM+4djKU26AICzR/8PTMLJ9f87DyNOvv8P/f9YnKn+9/z1/3svREx0/3As+n8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgAvr+9kvXs9O5vLx9WL+qWLqmWJcioipiPjtH0zHpSM5p4s8s/+yfvYvNXxTiizD6BqXi+NaRKwVx69Pn/S3AAAAAOfXlx/d+jTv1vOXuUkXxGnKb9pM3fhgTPlKETE798OYsk2NXp4dU7Ls3/dM7I8pW3YD68qYkuW33GbGle0/mT4SrjwRSnmYOtVyAACAU3G0EzjdLgQAAIDT9MmkC2AySnH4KPPwWXD2l/d/PhC8emQEAAAAnEGlSRcAAAAAnLis//f7fwAAAHC+5b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7eJA1EcgJ8NXth/WrTa+7ayNyhjS9jjHiMKSBMUkANpIQ1QA7mlhAgiPA6BiEMkj20l+j7JmYxlfrxBcJgZaQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3Vfrxe3V7+u2Obt9O3lGAwAAAFyyrdaL+p9Z6n9t7n9vbv1s+kVElBFxae4+ik9nmaMmp3p5/ub0+epVDXcRdcLhPSbN9SUi/jTX44+uPwUAAAD4uDbL1TzN1tOf2dAF0ae0aFN++5spr4iIavaQKa085P3KFFZ/v8fxP1NavYA1zRSWltzGudLepP65H1ftpidNkZry4suORWYbOwAA0KPRWdPvLAQAAIA+/Ru6AIZRxPNW5nErcJKaZnvv81kPAAAAeIeKoQsAAAAAOlfP/3s6/2/v/D8AAAAYRjr/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgC5tq/Vis1zN2+bs9u3kGQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyxP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/OzM7WtooxSg4RUfCgF5tua2tv4kEJHvwThJBua+zWH20QW4qYizfJuRfRo4igxFv/h55b6KXeethDBc/KzM5kp23A9dfMNvl84M377jDM+75ZCPnOewkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtfFb0zgrDguTOK3O3bp/bb3obz/UF25s31kuWhEnbSb9eHih+SFZioij3SUDAADAwZDV9X1E3M13Vos+XSjr/7y+pqj5v31qElf1/Gd1yfpw/V/X/kX75ed7z+0OtDAZp7jpuY3R8PijqfT+rznOu6f/8ope+eTLdy9Z+YWk7249O87L55l8ffPm2/0yPNRGtgDAP3Gs7qug/n2o6AddJgbAgdFrFN51/Z8tdJsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQBvGW3G0jpOIWO5N48Lt+9fW9+pvbN9Zrtvp69e348vpPYtb5BFxbmM0PN7qbObb5StXL6yNRsNL7QcvRkRXo79ZTf/C+zNcHNHJ8xH8R0Fafdnzks/jEXT4QwkAgH0pr1pR19/Nd1aLc8lixB/fPVj/v9KIY8b6/94Hp281x2rW/4PWZjj/VjYvfrJy+crV1zYurp0fnh9+9PqJwRuDk2dOnTqzUr4rWfHGBAAAgH+nX7Vm/Z8uPrr+f6QRx4z1/6ffDL5ojpWp//c0XfTrOhMAAICD7ZmXfv8t2eN80u/H52ubm5cGk+Pu5xOTYwep/m2Hqtas/7PFrrMCAAAA2jDeSh5Y/z/biGPG9f8nv3/+x+Y9s4g4XK3/H1v/eHS2venMtTb+nLjrOQIAANCtw1Vrrv/n5f7/dHfLQxoRr748iat/AzhT/Z+989UPzbGa+/9PtjfFuZQuTZ5H2S9F9Ja6zggAAID97ImqFcX+r/nO6oc/HXmvb/8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNv+DAAA///fxzxy")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x12d41, 0x1d4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1cc)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000680)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file1\x00', 0x440, 0x83)
fcntl$setstatus(r0, 0x4, 0x66800)
fsync(r0)

4m47.736522102s ago: executing program 2 (id=992):
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x36, 0x36}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, 0x0, 0x0)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
semctl$SEM_STAT(0x0, 0x5, 0x12, 0x0)

4m43.256451585s ago: executing program 2 (id=1000):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETKEYCODE(r1, 0x4b4b, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000089}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x8031, 0xffffffffffffffff, 0x6a855000)
preadv2(0xffffffffffffffff, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

4m42.129748371s ago: executing program 32 (id=1000):
r0 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x26e1, 0x0)
close(r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSETKEYCODE(r1, 0x4b4b, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x1000089}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x8081)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x8031, 0xffffffffffffffff, 0x6a855000)
preadv2(0xffffffffffffffff, &(0x7f0000001540)=[{0x0}, {&(0x7f0000001380)=""/129, 0x7ffff000}], 0x2, 0x0, 0x0, 0x0)

2m38.943204363s ago: executing program 1 (id=1272):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040))
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$inet6_tcp(0xa, 0x1, 0x0)
timerfd_create(0x0, 0x0)
eventfd2(0x4, 0x1)

2m38.497225029s ago: executing program 1 (id=1273):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @sk_reuseport=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={0xffffffffffffffff, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x3f)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00'})
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
r1 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r1, 0x29, 0x10, 0x0, 0x0)
r2 = syz_open_dev$vim2m(&(0x7f0000000100), 0x0, 0x2)
ioctl$vim2m_VIDIOC_QBUF(r2, 0xc058560f, &(0x7f0000000240)=@mmap={0x1, 0x2, 0x4, 0x100000, 0x9, {}, {0x0, 0x2, 0x4, 0xc0, 0x0, 0xf0, "18a6fc23"}, 0x1, 0x1, {}, 0x1})

2m38.330837389s ago: executing program 1 (id=1274):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100000000002003043060000000000001090224"], 0x0)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000780)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
renameat(r2, &(0x7f00000000c0)='./file0\x00', r2, &(0x7f00000001c0)='\x00')
close(r2)
r3 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r3, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r3, 0x0)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r3, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
syz_usb_connect(0x0, 0x3b, &(0x7f0000000080)=ANY=[], 0x0)

2m36.196658234s ago: executing program 1 (id=1280):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x2800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

2m35.204703423s ago: executing program 1 (id=1284):
set_mempolicy(0x2, &(0x7f0000000000)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0xc}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x5)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x4000814)
syz_mount_image$squashfs(&(0x7f0000000200), &(0x7f0000000240)='./file0\x00', 0x8010, &(0x7f0000001880)=ANY=[@ANYBLOB="005901e3fd18fb9c322293c67dcde48bfeffd1843c336e09b34af65ad26aafded7da5cfeeda2b8d8d900c2195f00f646f699eeb47813177405a6a6baf786c0d14f2079a9efa9db8973bcca25eb2973856c6760a483c41d0980c78a4cb096a5affa6b980600000000000000a1eacd2c820176737d4eb55dca564820dd769d8742f6d9ab243775a67afcdf845f978e95365cdf6f30aa43423b381881433e00ccbe6353b21300d8f0ca972589398eef9487db78486fcf174990c488031f8b39cc01bb509f3ea4bcde33d4c9e305ecb4dd88204c5d7bb5e469cabfda0feca3ce70c0acbc34d13e5a5c796eab23abfe3b717834f8e9d7120e1e925c4e210b4152c75210b3e979fbe8ddf23eef2d53733209b22206e0a4afc354c33d7ca2a00116a14d686e4aa86b6ec6a4130178c3ad8c723c0d8506bd7bff780000000000000000004b2ec61cfde813cc124715aaaf5508b93d8cf0860042108b660b74f94b1e4851eeec09fdb7a617eabeeeff8ce8bb99f4b1f9c2896cf31e19c3c24155b0ea7dc3cae1b56acb1946830cad94af3f1caf43ea03b38fc08a7e19480e283a4c0d", @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRES16, @ANYRES8, @ANYBLOB="eae535d4c5cd41b584d3bdb8d3fb3e37666220165c8aec9c235bc9af137d4058a50551a5b228bbbcf6cd1275ef3732adfeaebdf711988cbe9d1da671f8bbaac371392e227f548006163fc9aaf3d55e97410ccacb7df3444c03ac4170da3fbc69ae1c8a590318a7a33a774debbcc54bb6d6025bc65458b94791d5a8bcd898b75cce569e2c6fd55928c5084aab22c8196fb436916cff76302fd8c4b69ca674271f5db630ffad103ad9286287759d0d5470d0b54f701a713e8803665b87799065f31bb0cff21d9c109c1fbfffb640facdacd569f158f694c34ffb4c405b186aa90e8be7b47c56e6e439ae953605d89c131c711ff56f0adb96e5ee0d269b4cfc9d089794f60bdd06e845b5ffdccfefee032ecfd92f6cba5920130f685e807f88de4a2e595ea37f39a92dcbaeb2de15dab62a5a199d4666578eb1707e88ebb0b98140fdb62d60005fd6721f18a2054b2ba2ed308813164f8dbc7e1d26a11a707adc6978a25cca2fca5d62e51794447f656b92f8372ebf98934a0bc057b901080da81ef02ccfa18a29c9b82c90fd38eb554b83428948f3608cd8fd5845bed25a0d96b146f09bd4cce20efc1ecc7bf64bd88e7a460b372a298cb776eb1d78cc334da71dc6056b2d1119cdad3af9092a42c184e9d487076399f0be65a442fdc06901089e6b5178ecb57aa4b98ff1f538696e8510551dbb5cbd36b125efa2a3e719f22b96eeec80a178dae9c894a7dd170419c33817baedfc132cde868a1c55192b9c8a332772fc40fed9f6fee1aea0e2001752caeb58afb55ea7c421cd0eb5e6ea301f8e2f6b68484849f5d3e7bd1b4aa865d2cd049dfc773bb4281f5f8dd2a3f1563c8cd3655dd9e391424151dadf7415afb242cb99b9b9541b6780beafc6a8c2c0bd109749dde1e8535040d8d2cda8393abaa6cdae24e13917e867d6d301f6f39619bcbd70acc747e093ef3c22f0b1a8b8a4d8bd11bc19c7102e11a8603d563507423c96d1653a42d02ff1ee390934927f037d2022cbbf86cb605e82e2b6e2c2fa1d523f72b47738f318836defed1f898271bdd4fcbe7863e5aa7c7e468d9bad908de3c6851c696df710da87771840f46e63fc4c3d5d9b13b663ed2fef2e56a8690cdee9e6ac0a9824c9fe458ad29614f9485f9c18caf2d5c229f24a220ab84daa26ddb2a0d4059b43e073b703148d82fe4d91ae24db7224df2ee4e10d596846466d6a62faa9da7d24f9dd1e3b5cc291f4840b6603d1173204a452a9b05a5efcf4f9e09c2a3c38f2fd49322e718ddc8278ea182a359043387705c0be61be7e62ba7bb85dfa0f24400f89087f78d84d2296844944d186fb55045eb016dd3d602c85211d7b19dbebe3247313283da5bcbba09a3a74c590fdce8cdbef49a73b11413a9df4aaefc356e94f838cef801ba2380d7e5fdc8865140311f071c82bc1482c2033b8ad70d08a5a71e1c949f93cd8743b0bd4eefdaf45f5246efcf800444c8e9b8c2a01b76b6eb4e0639ee7381971172c53e165f14946fb56896e40424a3b981d97b4b01504806d797bb9e3405a7326d2ba7bfa6efc923c4c68d0165aea2d80ae953c7e2ec6534d0da7c28bbe255d81097e84254ff7bd065caa84fa7455885e1b28ab7d6243d0f02903860049935a764ebfe5384bdf9ae0b71f1641e457780da2071a84937dd88d2e4aec7ddaab66e335887f555a724ad9692ee996521ccaa35e2358aea1ab6a8c9845af8af552520fdec7ecb635d230074aa532c3efe6677c79b1328451a779501eccb4c11750744cfce16ba2ced0fc6dd2b75a5ff1770f3851c93bcf8850adf496012d94b8dd6a00d1f9f0c96989979b89838a29875072e0b678a2a55338f21625165c350134d7cb9119ac4dcc77f13a153fe6819d1bdc6b357e93531a68813913daf65d2e62d4bd09da6bb16e8d686518f6faff70dc0804b4b6810117d8698a4d27f0482f9adf9be3aae179dbcad90ab1fbd6b1ba15cdc78ee7686bd15a8fe1cf5af00fcc0a6981a77ac5c3485518921a1b4ea90b02e0059c2c71850d517bddc12bd61a5571da765a34b53e5f06a2b8bb122bf9d642f1ad50a0eb7afe34ef6fd2474d25f314adbf276a895b80b8de6e31eaee5fe4544f4709bf6416f26ec52d517dd3a350cb68df6791dc671495e0f056de8b158095b32ec8b43f65b1f3110cf7da37d2383e99a5bd9a0e0d5684a5b15246170bd11909ef22ee740aa5556dbc0f9dacc8ce440c137bf0ec673651067ef1146004701376116986c49b10226141bea12f679c3f53eaea945b1bb92e6c922a85a2221f768ff4f1c188dc82f9e8d947e140f43c4950430f88a47fb15dcd8ef8491ff08d7b287b280eab99e44a7fba6d4fe20fcb2c2cfa1a6f4d59b51755e66a3d9a325a08a286185c2bdac8c8c2910ed3ff8e047f28b2bf1827e0829f8ec8459241300583f1880c96b2e405b253af5f7e9ee91e34c3fa2cd5c53a71bc3b4b1a5741c17a7b73c8e7d3e8ec9e51a90772b8eb38f23fcb9e07eff8b0f68d4f7d4d68bfb8fbc8d90be681166fe5ed220e3a425c65c0e678e8b7470a99d7fccc7a3be07189ee02e1f8c81549b0b8c0113ef602d10d5d2429e8b60fa5aaddd55cb86141609bae35c185c5ad743d0fb0a1244ba6d67755e46073f3d428926c0d9033f8180120deab78a4b42664e36b6723039457195bff897760ede28bf2661a95715dd20bc744ae2a06bcb12ef8b7a373f3a5557f20256446ba95d45b7810d68494f954d1802aa8986279adc368c2365168c0619bc8952ec6ac60840d9968302edb8809d36f6b0c83dc6941193fb8eb2adcef36db70cbe51fd533ee108eaedebc05ab363058feecfb51e294419695019d0ba50a660ecbe3fd1b43ac973141b7e4c423c062f63ad24468ca79740502716b10a823821429d53f34409cc0757587a5de21663c33a8b194c988a3c209cec76b9fc18805649d9cc109635271c968972f4328e561b562ad6c32a71b269718a303ae3635e5b06717152817a11589d3efa0f803d7bb560c08132827333ada867d1a870e2feb3a5e7851363fc333bb681018764aab63eb740978994f62ec3147d4d6a40e099ada0c50c1a5f6a8196549be226508055aef349c76af40596f6c9b7217423628bb6dc07d9382f6d4c87c962ec97bee6384ba3e2522b76ee8619093500a75bcc8fd0fb9bb5093650ec0ca9c867a22260e2668ecf46047e3df87f5d82d992a558e45fb852be616c030edf6aeeae70848403dc1166e6a16776e8660f90449f297224f667563850480f259f6a59039b1a3ea5488971b5e4bcbf380c527c937055dbf4f5a676bacc09f4dde33c50a1286f6024980df1064a9dc4b3f101b129fa1fc141e54f52d4b7322a0cb1c2567205016f5ede0794122fcaa2d11fa77f5fddb3a5f3c7b3d85f0cb6f32cd11d752f755687fb8d93d40711a4c8873ec7c794f0f781bb9c10f9df22fa8f40cca06a48c37e66ea4480fcdd686526be62915ebe36e0bdf7dafd3940f698469ecdc792ca6105a37499a19382247a85bb734e4ba325dd307be8444b5860f99f9dbc7aa28c26747c89041bde3c10c459406786e10792078a52f4bcc32aff61b3f5798cb5dc2927f260f70a41d8e5fc38498b02d0053a86ae408d2efdc1aca9a8508ef9128dfd1fc6a92ba72f940ee469a3111e2cf6c28e77e5a206db6f09139db812fa4e4cfe33c8d184e4763bd8e54e0e473346215b8905d101463dd2ca855747c81c7ffd6c2625e0b59273a9516ec96a5cd8d9078c974980a16b6b87563986ba287821cd41f417792e42dd24e796e313b9cd943f1b9dd6ee35676ff4ad46dbd52db83abbc78f5dad11b6e7bd09a4ace8c246d0a52c36dcb1f0c6025f6ed2868f4b918b6e4e645c63689b7e7bc369dbe44725993b3b43f4572a7136b6e610adc161f45fc307c0937f2338ebc4fd571852b229b80ccd071e1a29c927f88b8b45efa503691758125d29463e742e2ef508babf30ae39ff8bb3a94cfee379f84348c002fdef77b410bee9f47f8119388b3fc159b409b9d9c9af97a4b75c38ca5fc0665cd975df293370de64714cefdd470c1d05a5d3e0f257182889d7a2d797ebf42d6935d1c6b5ef8cd1e2783cef3a316dbd4768510f26ee5b1c481bcac3e1608458d4b5ec6411cb3c921a131140440561931ca51b92231de91d1f950d992eec74c6500a6ecc9e8bc26eec367dba82720accd6dee234db88c132ec649baeef23a16ebb18c8e5b68b95aac984d8322a01b39636baf16911e458242730ea8b22c686bd01bc451e91c34f81fafe88485bbe97ec99299940ca897c3f802d080ecf8ca7e5032c728b8b33f162ab26a6805db239b88103c19ff8160a28268f8f7ac66593c67251fb0f3fa3004d5ad08107f48e0ecc1e4e910554f49ca72e3fd7e212d828fc3c0c40203e4642a3a372f36cfd13a037fd4dd107d6b386659b379c4c41813c8599cb71fd08e4b80f22dbb088d3d0257f30493b1c4d54201a00e049d998d291ecb659e65e2eed9776b367afc9b84b03957701bcbef289b0eea8e5722a63e1bd748d5af209c5ebff7df185d0d68e7ceabbf9a63bba55946cd3b52a09383fd9b9d2d956dc4e5af16986c5600dfd0db89e0e478420557d001c3716350c3e6ba0bbec1e5888435d296d8666f455d22205ea407a95eb60bc68a184e95ae3259f3783c594d3e550c018369df677ea11a37c757a3bd3c19eb257f5e228ad760562e431754a0c620004548962c3a4fb42d49259dafc1b9d365323fa2ace81876728a24f70b06e1198d5f863bfd00a04d5393b3adb15f4191d374c607c7ccb6b7ef84303454b6655392a23dccca41f55cb314a3bfbb637f57178cc9df4fe0645a8dc1ca0386d1fb0ff2cfc3e149991f97264d893fba0b013c027ce753c3e1f907a2988b1507eecd0e5e26368155ff5c55f616ffec31a613be450ee048955a46d68c272aa53f1db6ce199e2765f4be20933799d96f13b3a65f33cb60da1929023ff5d820172c423f83210a992264a37854033cd43c88129fabb5146367d2b748d84be96dc3a4ad95279ec7ed78dcb57056597a9f46a948708b0e9915b22f28216d94554db2082f4b9782a5802bf6700ef9017168a68304b6573f46c78a0a3be302e096b4f5b87313a2ef9a2b5f51956d9e315b08ee89a59aeec225227f3ece808c451e1103df7887f944138af1b93235bc93121fb84591d065d5f245c035c238a1c30d510be5db14725148919e8d57f1e3a36ead8be870e2505e3c9935c4461741c4a8dc4dff7e0e042167a7228bf218c9d8dd9c0be9e5ff4a79968d8f34cfc3206e0ade5889e9c5e44c918ed3755063d4148e7f1da9d2ce7aa45b9fc873f85cb92160b8a4d5b219884d0c43cc1194259ec4a6127887470d2fabbc1983b1bcc51e931f131d1238333c09740b43802fc5b1c01a942c5d08693b81e59429cb7d49f454f517cddc160d563a243182083008f2481e35312b4b35a2688468f18f4733f4b40d2f298c0b88ec2ad51e2efa509905233e3bbb9e172a1e697ab379f500c8c791aa97623bc8faa7f0468e02e6bc6f9bc40c75b4c01b92731fc371ad7c90928bead62a74580bb2d0aa1d8972fa857766ebe8aa00cd9eae79a591ea3e87a5ce636dc865b992c98a6fafe478973665936ad477558dac400fe179e86e6fef41aa074d0812f0c14f3992edb76358d02a2b763512ca9abc0940dd711670deb4d9abf196de9106efa5e1c14a673de86193908206ab9f72afd6ef1b05355f06ad0b9bc83750bb196654566b56e13e6e820d12bc34920b45c3", @ANYRESDEC=r0, @ANYRESDEC=0x0, @ANYRES8, @ANYRES32=r2], 0xfd, 0x200, &(0x7f00000002c0)="$eJzskr9rFEEUx7+zO3fuaUIOORBFEDVoLJLbbDT+KBRsDCoIohADgsfdJS5u/JE90DsOXKsUNoIiJIiFIElhIf4DLqiN2CgEuxBJnSKFjSSsvNm3mwnY28ynuO/NvLfvve/M3A4fhDsAbK5360AZhEQF338JSAAHhNpCw07VYb3MWuT4BSvVmPUP6+bJzvgEIPxDy6NWvKdxUJTRU/n9dQV19N3E6deX3v24WnixtHvt7UfKv3i9/QHiaKPvzav3z87P9ary4saEXseO9887VAjA843x5RW5165ktfxoiVoXkPFyEsKddwAMfR6cO+v2PrW4Ztju3KkFQXMmPPfEwppq9XO9W6c/twAkBPsbA6DnkP1FzqG9fRK4BsBGkudIbFFtTd+vhu3OoD9dm2pONe963sioe9x1T3jVST9ouvQLcDf1OZ8gSI8BoGsq0QhCxXdRbINzdmI7VIfmivK496XE45fQrRe1qxs4jHRb65fZylQgZluOmgPKKlk+Ajrah5HQdvtVFQllbAwCNi+GpTZf2stRgaFP94LGLMgbf7YAmdcYXkUhX3j6YuRU5hCzrP3YujFigXWVNXvR2UuVqoLF73kgAop4VGu1kiR5jMUeXPmWRmhvxivm/8qRfmDUtWxvN3fG/setGAwGg8FgMBgMBsN/4m8AAAD//4Hjlpw=")
open(&(0x7f0000000140)='./file2\x00', 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00'})

2m33.572610399s ago: executing program 1 (id=1288):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100000000002003043060000000000001090224"], 0x0)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000780)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
renameat(r4, &(0x7f00000000c0)='./file0\x00', r4, &(0x7f00000001c0)='\x00')
close(r4)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r5, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r5, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
syz_usb_connect(0x0, 0x3b, &(0x7f0000000080)=ANY=[], 0x0)

2m18.490048636s ago: executing program 33 (id=1288):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x4e24, @initdev={0xac, 0x1e, 0x0, 0x0}}], 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc2(&(0x7f0000000400), 0xffffffffffffffff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100000000002003043060000000000001090224"], 0x0)
syz_usb_connect$printer(0x2, 0x2d, &(0x7f0000000780)=ANY=[], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes\x00', 0x26e1, 0x0)
renameat(r4, &(0x7f00000000c0)='./file0\x00', r4, &(0x7f00000001c0)='\x00')
close(r4)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r5, 0x0)
r6 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r6, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
accept4(r5, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8b14, &(0x7f0000000000)={'wlan1\x00', @random="0100008dffff"})
syz_usb_connect(0x0, 0x3b, &(0x7f0000000080)=ANY=[], 0x0)

9.505061273s ago: executing program 0 (id=1621):
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000140)={[{@debug}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x0, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x40000040, &(0x7f00000005c0)=@pppoe={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'rose0\x00'}}, 0x80)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r2)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r3, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

7.028905108s ago: executing program 3 (id=1625):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
ioctl$DRM_IOCTL_MODE_GETCONNECTOR(0xffffffffffffffff, 0xc05064a7, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0})
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', 0x0, 0x0, 0x0)
mknod(0x0, 0x1ffa, 0x0)
timer_create(0x0, 0x0, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x20040055}, 0x40)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.981921172s ago: executing program 5 (id=1626):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x4, 0xb, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000500)="7c5331fc9356b5b1000600008100", 0x0, 0xd5a2, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

6.704541687s ago: executing program 4 (id=1627):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x4, 0x3, 0xd7, 0x7, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1, 0x20, 0x8000, 0x2}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r5, @ANYBLOB="08000b000000000008000200ac14143f080009"], 0x54}}, 0x0)

6.704170648s ago: executing program 5 (id=1628):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
socket$nl_xfrm(0x10, 0x3, 0x6)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x14, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f66f63bb85"], 0x0, 0x0, 0x0, 0x0, 0x83d00, 0x2, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x2, 0x2000008, 0x200, 0x0, 0x3})
fgetxattr(r3, 0x0, 0x0, 0x0)
bind$tipc(0xffffffffffffffff, 0x0, 0x0)
sendmsg$tipc(0xffffffffffffffff, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0xffffffffffffffff)

6.403242435s ago: executing program 3 (id=1629):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000000)={&(0x7f0000000480)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@enum64={0x8, 0x0, 0x0, 0x13, 0x0, 0x2}]}}, 0x0, 0x26, 0x0, 0x1, 0x5}, 0x28)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x2c}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000000c0)=@newqdisc={0x2c, 0x24, 0xf0b, 0x70bd2e, 0x0, {0x0, 0x0, 0x12, r2, {0x0, 0xfff3}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_mq={0x7}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8004043}, 0x20040000)

6.15563225s ago: executing program 0 (id=1630):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)

6.068347754s ago: executing program 3 (id=1631):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000003c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(arc4)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r3, 0x117, 0x1, &(0x7f0000000380)='\x00\x00', 0x2)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000002f40)=[{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2400c044}], 0x1, 0x8800)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)

5.6296044s ago: executing program 4 (id=1632):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, 0x0, 0x880)
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f00000001c0)={@dev={0xfe, 0x80, '\x00', 0x2a}, 0x91ee, 0x1, 0x1, 0x0, 0x2, 0x80}, &(0x7f00000002c0)=0x20)
setsockopt$inet_sctp6_SCTP_AUTH_ACTIVE_KEY(0xffffffffffffffff, 0x84, 0x18, 0x0, 0x0)
r4 = openat$sw_sync(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
r5 = openat$sw_sync(0xffffffffffffff9c, 0x0, 0x800, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r4, 0xc0285700, &(0x7f0000000f40)={0x8, "b546baa5cc590d3033de259c2996817bb959ebab028deda525e19bdeffafde25"})
close_range(r4, r5, 0x0)
ioctl$SYNC_IOC_FILE_INFO(0xffffffffffffffff, 0xc0383e04, &(0x7f0000000040)={""/32, 0x0, 0x0, 0x2, 0x0, &(0x7f0000019300)=[{}, {}]})

5.552543205s ago: executing program 0 (id=1633):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r3, 0x0, 0x2004c889)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r3, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)={0xbc, 0x3, 0x1, 0x401, 0x0, 0x0, {0x1, 0x0, 0x5}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x900}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x5}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x4}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x7}, @CTA_TUPLE_ORIG={0x7c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x57}]}, 0xbc}}, 0x8080)
sendmsg$IPSET_CMD_TYPE(r3, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0xc000)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r4 = syz_pidfd_open(0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
ioctl$VIDIOC_QBUF(r4, 0xc058ff0b, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='ufs\x00', 0x210818, 0x0)

5.28836928s ago: executing program 5 (id=1634):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)={0x20, 0x24, 0x107, 0xfffffffe, 0x0, {0x3, 0x7c}, [@nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x4, 0x0, 0x0, @fd=r0}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x8000}, 0x8010)

4.465754368s ago: executing program 0 (id=1635):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000001680)={0x20071026}, 0x0)
ioctl(0xffffffffffffffff, 0x3, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

4.396893362s ago: executing program 4 (id=1636):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x3, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x2c, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffdfffe}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000580)={r1, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001440)={r1, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, <r2=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000840)=@newqdisc={0x78, 0x24, 0xf0b, 0x70bd2e, 0x1, {0x0, 0x0, 0x12, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0xa0d4, 0x2000000, 0x6, 0x0, 0xd99}, 0x8, 0x0, 0x3, 0x0, 0x0, 0x6, 0x1b, 0xf, 0x3, 0x6, {0x6, 0x81, 0x9, 0x6, 0x6, 0x1}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0xc0000c1}, 0x0)

3.454260577s ago: executing program 0 (id=1637):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000080)=@nameseq={0x1e, 0x1, 0x1, {0x41, 0x0, 0x4}}, 0x10)
bind$tipc(r0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={0x0, 0x0}, 0x28)
prctl$PR_SET_TIMERSLACK(0x1d, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f00000000c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000040)={@host})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(0xffffffffffffffff, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x4, 0xabc, 0x2449, 0x2, 0x0, 0x8})
ioctl$IOCTL_VMCI_QUEUEPAIR_DETACH(r4, 0x7a5, &(0x7f0000000140)={{@host}, 0x1})

3.429916519s ago: executing program 4 (id=1638):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x3000000, &(0x7f00000006c0), 0x1, 0x513, &(0x7f0000000c40)="$eJzs3W9rJHcdAPDvTLJp7i41WxU5C7bFVu6K3m7S2DaKtBVEHxXU+jzGZBNCNtmQ3dRLKJriCxBEVPAF+ETwBQjSlyDCgT4XFUX0Th/qjczuRPNnN1mSTfbcfD4w2d9v/n2/vyE7O39+zARwbb0QEW9FxFhEvBwR08X4tBgW8sp+Z75HD99byocksuydvyWRFOMO1pXXxyPiVmeRmIyIr38l4lvJybjN3b31xXq9tl3Uq62NrWpzd+/e2sbiam21tjk3N/va/Ovzr87PZIULtbMcEW986U8/+v7PvvzGrz7z7d8v/OXud/K0vvCxTt4RsXShAD101l1qb4sD+TbavoxgQ5K3pzQ27CwAAOhHfoz/4Yj4ZPv4fzrG2kdzAAAAwCjJ3pyKfyURGQAAADCy0oiYiiStFH0BpiJNK5VOH96Pxs203mi2Pr3S2NlczqdFlKOUrqzVazNFX+FylJK8Plv0sT2ov3KsPhcRz0TED6dvtOuVpUZ9edgXPwAAAOCauPX80fP/f06n7TIAAAAwYso9KwAAAMCocMoPAAAAo8/5PwAAAIy0r779dj5kB+/xXn53d2e98e695VpzvbKxs1RZamxvVVYbjdX2M/s2zlpfvdHY+mxs7tyvtmrNVrW5u7ew0djZbC2sHXkFNgAAAHCFnnn+g98lEbH/+RvtIYrnAAIc8cdhJwAM0tiwEwCGZnzYCQBDUzpzDnsIGHXJGdNPdt7pXCuMX19OPgAAwODd+fjJ+/8TxbSzrw0A/8/09QGA68fdPbi+SuftAXh70JkAw/KhzsdTvab3fHhHH/f/O9cYsuxciQEAAAMz1R6StFIcp09FmlYqEU+3XwtQSlbW6rWZ4vzgt9Olp/L6bHvJ5Mw+wwAAAAAAAAAAAAAAAAAAAAAAAABAR5YlkQEAAAAjLSL9c9J+mn/EnemXpo5eHTj21q+fvvPj+4ut1vZsxETy9+l81EREtH5SjH8l80oAAAAAeAJ0ztOLz9lhZwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAqHn08L2lg+Eq4/71ixFR7hZ/PCbbn5NRioib/0hi/NBySUSMDSD+/vsRcbtb/CQeZ1lWLrLoFv/GJccvtzdN9/hpRNwaQHy4zj7I9z9vdfv+pfFC+7P792+8GC6q9/4v/e/+b6zH/ufpY/Venn3wi2rP+O9HPDveff9zED/pxD8SIq+82Gcbv/mNvb2uEw6tslv8w7GqrY2tanN3797axuJqbbW2OTc3+9r86/Ovzs9UV9bqteJv1zA/+MQvH5/W/ps94pePtv/E9n+pr9Zn8e8H9x9+pFMpdYt/98Xuv7+3e8RPi9++TxXlfPqdg/J+p3zYcz//zXOntX+5R/snz2j/3b7aH597+Wvf+0PXKSe2BgBwFZq7e+uL9Xpt+5TCZB/zXHHhzScjjQEW4slIY1iF7Lud/8eLreeCi58oZBdZfDwGkMbEie/pWJx3hUnEfr6uPv8hAQCAEfO/g/7T7iABAAAAAAAAAAAAAAAAAAAAl+mcjyWbjIi+Zz4ec384TQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONV/AgAA//8FStFZ")
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x100)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r4, 0x40345410, &(0x7f00000083c0)={{0x1}})
socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r4, 0x40505412, &(0x7f00000000c0)={0x2, 0x2000008, 0x200, 0x0, 0x3})
fgetxattr(r3, 0x0, 0x0, 0x0)
r5 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r5, 0x0, 0x0)
sendmsg$tipc(r5, 0x0, 0x0)
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000000)=@loop={'/dev/loop', 0x0}, 0x0, 0xffffffffffffffff)

3.373871362s ago: executing program 5 (id=1639):
syz_mount_image$ext4(&(0x7f00000004c0)='ext3\x00', &(0x7f0000000000)='./file0\x00', 0x40, &(0x7f0000000140)={[{@debug}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0x0, 0x4f7, &(0x7f0000000540)="$eJzs3c9vI1cdAPDvTOJNmqZNCpUKCOhSCgtarZ1426jqqVxAqKqEqDhxSEPijaLYcRQ7pQkrNfkfkKjEAcGJMwckDpV64ojgBre9LAekBVagDRIHo/GPbHZjJ2HXsVX785FGM2/eeL7vrTXveb9J/AIYW1cj4iAirkTEexEx1z6ftLd4q7Vl1z24f3v16P7t1SQajXf/kTTrs3Nx4jWZZ9v3nI6I738n4kfJ6bi1vf3NlXK5tNMuF+qV7UJtb//GRmVlvbRe2ioWlxaXFt64+Xqxb319ufKbe9/eePsHH//uS3f/dPDNn2TNmm3XnexHP7W6njuOk5mMiLcvI9gQTLT7c2XYDeGJpBHxmYh4pfn8z8VE8928mC6PNQDwKdBozEVj7mQZABh1aTMHlqT5di5gNtI0n2/l8F6MmbRcrdWv36rubq21cmXzkUtvbZRLC+1c4Xzkkqy8+GF2/LBcjEfLNyPihYj46dQzzXJ+9eJ5BgCgv559bP7/91Rr/gcARtz0eRcsD6YdAMDgnDv/AwAjx/wPAOPH/A8A48f8DwDjx/wPAOPmTmf+nxh2SwCAgfjeO+9kW+Oo/f3Xa+/v7W5W37+xVqpt5iu7q/nV6s52fr1aXS+X8qvVynn3K1er24uvxe4HhXqpVi/U9vaXK9Xdrfpy83u9l0u5gfQKADjLCy9/8pckIg7efKa5xYm1HMzVMNrSYTcAGBo5fxhfvoUbxpf/4wPnreXZ81eEP3qCYI0Pn+BFQL9d+7z8P4wr+X8YX/L/ML7k/2F8NRpJrzX/0+NLAICRIscPDPTn/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAiZpvb/IlymubzEc9FxHzkklsb5dJCRDwfEX+eyk1l5cWhthgAeHrp35L2+l/X5l6dfbz2SvKfqeY+In7883d/9sFKvb6zmJ3/5/H5+kft88VhtB8AOE9nnu7M4x0P7t9e7WyDbM+9b7UWF83iHrW3Vs1kTGa7P05HLiJm/pW0ym3Z55WJPsQ/OIyIz3Xrf9LMjcy3Vz59PH4W+7mBxk8fiZ8261r77N/is6fuPNUz5nlrvcK4+CQbf97q9vylcbW5n+66+PF0c4R6ep3x7+jU+Nd53qebY0238e/qRWO89vvv9qw7jPjCZLf4yXH8pEf8Vy8Y/84Xv/xKr7rGLyOuRff4J2MV6pXtQm1v/8ZGZWW9tF7aKhaXFpcW3rj5erHQzFEXOpnq0/7+5vXne/b/1xEzPeJPn9P/r53Z68bxAPyr/773w6/0in8Y8Y2vdn//XzwjfjYnfv3M+A+tzPy25/LdWfy1Vv8P/9/3//oF49/96/7aBS8FAAagtre/uVIul3b6epCLPt/wxEFySW12MOIH2efxp73PS+2UWddr/vCLj1/KKofe074cDHlgAi7dw4d+2C0BAAAAAAAAAAAAAAB6ufQ/J0qH3UMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG2f8CAAD//zwQyy8=")
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
read$msr(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x40000040, &(0x7f00000005c0)=@pppoe={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'rose0\x00'}}, 0x80)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r3)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x14, r4, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@void, @void}}}, 0x14}}, 0x4000054)

3.012124643s ago: executing program 3 (id=1640):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000380)={'syztnl0\x00', &(0x7f0000000240)={'syztnl1\x00', 0x0, 0x4, 0x3, 0xd7, 0x7, 0x4, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x1, 0x20, 0x8000, 0x2}})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r4, 0x8933, &(0x7f0000001000)={'batadv_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="540000001400090525bd70000003000002180d00", @ANYRES32=r5, @ANYBLOB="08000b000000000008000200ac14143f080009"], 0x54}}, 0x0)

2.115974366s ago: executing program 4 (id=1641):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000180)='oom_adj\x00')
writev(r1, &(0x7f00000000c0)=[{&(0x7f0000000140)='15', 0x2}], 0x8)

1.799402684s ago: executing program 4 (id=1642):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)={0x54, 0x9, 0x6, 0x201, 0x0, 0x0, {0x2}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x2c, 0x7, 0x0, 0x1, [@IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @local}}, @IPSET_ATTR_PROTO={0x5, 0x7, 0x5c}, @IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e20}, @IPSET_ATTR_IP_TO={0xc, 0x2, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @loopback}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x10000082}, 0x80)

1.509660711s ago: executing program 3 (id=1643):
bpf$MAP_CREATE(0x0, 0x0, 0x50)
socket$kcm(0x10, 0x2, 0x0)
keyctl$get_keyring_id(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x2a, 0xa9}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000700)=@abs={0x0, 0x0, 0x10000}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r3 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000c00), 0x2, 0x0)
ioctl$VHOST_SET_FEATURES(r3, 0x4008af00, &(0x7f0000000000)=0x200000000)
write$vhost_msg(r3, &(0x7f0000000540)={0x1, {&(0x7f0000000040)=""/62, 0x3e, 0x0, 0x2, 0x2}}, 0x48)
write$vhost_msg_v2(r3, 0x0, 0x0)
write$vhost_msg_v2(r3, &(0x7f0000000d40)={0x2, 0x0, {&(0x7f0000000ac0)=""/116, 0x74, 0x0, 0x2, 0x2}}, 0x48)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(0xffffffffffffffff, 0x3b8b, &(0x7f00000004c0)={0x10, 0x1})
write$vhost_msg_v2(r3, &(0x7f00000039c0)={0x2, 0x0, {&(0x7f0000000680)=""/184, 0xfffffefd, 0x0, 0x3, 0x2}}, 0x48)
write$vhost_msg_v2(r3, 0x0, 0x0)
write$vhost_msg_v2(r3, &(0x7f0000000180)={0x2, 0x0, {&(0x7f0000000e40)=""/187, 0xbb, 0x0, 0x2, 0x3}}, 0x48)

1.108276155s ago: executing program 5 (id=1644):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, 0x0, 0x2004c889)
sendmsg$IPCTNL_MSG_CT_GET_CTRZERO(r2, &(0x7f0000000340)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000280)={&(0x7f0000000400)={0xbc, 0x3, 0x1, 0x401, 0x0, 0x0, {0x1, 0x0, 0x5}, [@CTA_FILTER={0xc, 0x19, 0x0, 0x1, [@CTA_FILTER_REPLY_FLAGS={0x8, 0x2, 0x900}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x5}, @CTA_ID={0x8, 0xc, 0x1, 0x0, 0x4}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x7}, @CTA_TUPLE_ORIG={0x7c, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @remote}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2}, {0x8, 0x2, @empty}}}, @CTA_TUPLE_IP={0x2c, 0x1, 0x0, 0x1, @ipv6={{0x14, 0x3, @private2}, {0x14, 0x4, @private2={0xfc, 0x2, '\x00', 0x1}}}}, @CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x8, 0x2, @broadcast}}}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x3}, @CTA_TUPLE_ZONE={0x6, 0x3, 0x1, 0x0, 0x2}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x57}]}, 0xbc}}, 0x8080)
sendmsg$IPSET_CMD_TYPE(r2, &(0x7f00000003c0)={&(0x7f0000000180)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0xc000)
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
r3 = syz_pidfd_open(0x0, 0x0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
syz_open_procfs(0x0, &(0x7f0000000040)='stat\x00')
ioctl$VIDIOC_QBUF(r3, 0xc058ff0b, 0x0)
mount(&(0x7f0000000000)=@nullb, &(0x7f00000000c0)='.\x00', &(0x7f0000000100)='ufs\x00', 0x210818, 0x0)

531.162199ms ago: executing program 0 (id=1645):
socket$key(0xf, 0x3, 0x2)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_DELETE_BATCH(0x18, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x5, r1, 0x0, 0x20}, 0x38)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/custom1\x00', 0x802, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x3)
r2 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x201, 0x2002)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r2, 0x0)
mremap(&(0x7f0000010000/0x3000)=nil, 0x3000, 0x2000, 0x3, &(0x7f000000d000/0x2000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r4 = dup(r3)
write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
ioprio_get$uid(0x3, 0x0)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
r5 = syz_open_dev$vim2m(&(0x7f0000000580), 0x4, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r5, 0xc0145608, &(0x7f00000000c0)={0x2, 0x1, 0x1})
ioctl$vim2m_VIDIOC_STREAMOFF(r5, 0x40045612, &(0x7f0000000100)=0x1)
bind$packet(0xffffffffffffffff, 0x0, 0x0)

344.850399ms ago: executing program 3 (id=1646):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
capset(&(0x7f0000001680)={0x20071026}, 0x0)
ioctl(0xffffffffffffffff, 0x3, &(0x7f0000000040))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)

0s ago: executing program 5 (id=1647):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000600)={0x5, 0xf, &(0x7f00000001c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x40503c2b, 0x0, 0x0, 0x0, 0x7}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xae}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001ac0)='syzkaller\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100ff}, 0x94)

kernel console output (not intermixed with test programs):

 T789] usb 3-1: config 0 descriptor??
[  611.108340][ T8699] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  611.183575][ T8699] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  611.465794][ T5864] usbhid 1-1:0.0: can't add hid device: -71
[  612.220908][ T5864] usbhid: probe of 1-1:0.0 failed with error -71
[  612.240711][ T5864] usb 1-1: USB disconnect, device number 35
[  612.371933][ T8718] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  612.382818][ T8718] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  613.634598][ T8728] random: crng reseeded on system resumption
[  614.576580][  T789] usb 3-1: USB disconnect, device number 27
[  614.780316][ T8732] loop2: detected capacity change from 0 to 128
[  614.813015][ T8732] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  614.859526][ T8732] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  615.130852][ T2895] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  617.350645][ T7110] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  617.510674][  T789] usb 1-1: new high-speed USB device number 36 using dummy_hcd
[  618.230123][ T7110] usb 3-1: Using ep0 maxpacket: 16
[  618.241320][ T7110] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  618.263071][ T7110] usb 3-1: config 0 interface 0 has no altsetting 0
[  618.270748][ T7110] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  618.279940][ T7110] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.290933][ T7110] usb 3-1: config 0 descriptor??
[  618.421230][  T789] usb 1-1: Using ep0 maxpacket: 32
[  618.429376][  T789] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  618.441885][  T789] usb 1-1: config 0 has no interfaces?
[  618.447503][  T789] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  618.463714][  T789] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.487606][  T789] usb 1-1: config 0 descriptor??
[  618.718797][ T8755] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  618.741102][ T8755] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  618.820312][ T8765] random: crng reseeded on system resumption
[  619.850605][ T7110] usbhid 3-1:0.0: can't add hid device: -71
[  619.868402][ T7110] usbhid: probe of 3-1:0.0 failed with error -71
[  619.918066][ T7110] usb 3-1: USB disconnect, device number 28
[  620.114903][ T8768] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  620.125547][ T8768] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  621.860786][ T7105] usb 1-1: USB disconnect, device number 36
[  625.325440][ T8804] random: crng reseeded on system resumption
[  625.420764][ T7106] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[  627.050698][ T5864] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  627.230625][ T7106] usb 3-1: Using ep0 maxpacket: 16
[  627.242732][ T7106] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  627.267560][ T7106] usb 3-1: config 0 interface 0 has no altsetting 0
[  627.282134][ T7106] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  627.293188][ T7106] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.306254][ T7106] usb 3-1: config 0 descriptor??
[  627.502665][ T7106] usbhid 3-1:0.0: can't add hid device: -71
[  627.537072][ T7106] usbhid: probe of 3-1:0.0 failed with error -71
[  627.550754][ T5864] usb 2-1: Using ep0 maxpacket: 32
[  627.567753][ T5864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  627.579987][ T7106] usb 3-1: USB disconnect, device number 29
[  628.320567][ T5864] usb 2-1: config 0 has no interfaces?
[  628.326257][ T5864] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  628.337813][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  628.402142][ T5864] usb 2-1: config 0 descriptor??
[  628.841927][ T8812] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  628.852116][ T8812] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  629.179556][ T8830] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  629.188544][ T8830] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  631.054146][ T5864] usb 2-1: USB disconnect, device number 28
[  631.572187][ T8849] random: crng reseeded on system resumption
[  634.030633][ T5864] usb 1-1: new high-speed USB device number 37 using dummy_hcd
[  635.001336][ T5864] usb 1-1: Using ep0 maxpacket: 16
[  635.095043][ T5864] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  635.327203][ T5864] usb 1-1: config 0 interface 0 has no altsetting 0
[  635.385161][ T5864] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  635.526785][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.558830][ T5864] usb 1-1: config 0 descriptor??
[  635.830649][  T789] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[  636.030884][  T789] usb 3-1: Using ep0 maxpacket: 32
[  636.040308][  T789] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  636.051109][  T789] usb 3-1: config 0 has no interfaces?
[  636.056713][  T789] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  636.066340][  T789] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  636.100933][  T789] usb 3-1: config 0 descriptor??
[  636.646653][ T5864] usbhid 1-1:0.0: can't add hid device: -71
[  636.682734][ T8877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  636.700733][ T5864] usbhid: probe of 1-1:0.0 failed with error -71
[  636.741967][ T8877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  636.749924][ T5864] usb 1-1: USB disconnect, device number 37
[  637.038654][ T8877] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  637.047987][ T8877] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  637.257831][ T8894] loop1: detected capacity change from 0 to 512
[  637.447507][ T8894] EXT4-fs (loop1): Test dummy encryption mode enabled
[  637.457077][ T8894] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  637.472623][ T8894] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e02c, mo2=0002]
[  637.481548][ T8894] EXT4-fs (loop1): orphan cleanup on readonly fs
[  637.494202][ T8894] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.920: bg 0: block 361: padding at end of block bitmap is not set
[  637.512993][ T8894] EXT4-fs (loop1): Remounting filesystem read-only
[  637.522686][ T8894] EXT4-fs (loop1): 1 truncate cleaned up
[  637.529927][ T8894] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  637.554617][ T8894] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.920: dx entry: limit 0 != root limit 125
[  637.580208][ T8894] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.920: Corrupt directory, running e2fsck is recommended
[  637.607830][ T8894] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.920: dx entry: limit 0 != root limit 125
[  637.633992][ T8894] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.920: Corrupt directory, running e2fsck is recommended
[  637.648643][ T8894] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.920: dx entry: limit 0 != root limit 125
[  637.680297][ T8894] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.920: Corrupt directory, running e2fsck is recommended
[  637.727054][ T8902] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.920: dx entry: limit 0 != root limit 125
[  637.746261][ T8902] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.920: Corrupt directory, running e2fsck is recommended
[  637.768013][ T8894] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.920: dx entry: limit 0 != root limit 125
[  637.784542][ T8894] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.920: Corrupt directory, running e2fsck is recommended
[  637.931415][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  638.722594][ T7106] usb 3-1: USB disconnect, device number 30
[  638.950772][ T5864] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  639.172594][ T5864] usb 2-1: Using ep0 maxpacket: 8
[  639.181640][ T5864] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  639.196216][ T5864] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  639.208183][ T5864] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  639.221978][ T5864] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  640.142092][ T5864] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  640.153794][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  640.583932][ T5864] usb 2-1: usb_control_msg returned -32
[  640.601476][ T5864] usbtmc 2-1:16.0: can't read capabilities
[  642.692093][ T7125] usb 1-1: new high-speed USB device number 38 using dummy_hcd
[  642.794881][  T789] usb 2-1: USB disconnect, device number 29
[  642.879583][ T8943] netlink: 56 bytes leftover after parsing attributes in process `syz.1.934'.
[  642.900727][ T7125] usb 1-1: Using ep0 maxpacket: 16
[  642.926010][ T7125] usb 1-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  642.944132][ T7125] usb 1-1: config 0 interface 0 has no altsetting 0
[  643.027727][ T7125] usb 1-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  643.134139][ T7125] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  643.316963][ T7125] usb 1-1: config 0 descriptor??
[  644.236620][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  644.347704][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  645.284732][ T7125] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  646.081274][ T7125] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  646.088783][ T7125] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  646.096437][ T7125] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  646.103939][ T7125] nzxt-smart2 0003:1E71:2009.0002: unknown main item tag 0x0
[  646.227187][ T7125] nzxt-smart2 0003:1E71:2009.0002: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.0-1/input0
[  646.797555][ T7125] usb 1-1: USB disconnect, device number 38
[  647.097135][ T8969] loop0: detected capacity change from 0 to 512
[  647.145036][ T8969] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  647.198750][ T8971] netlink: 56 bytes leftover after parsing attributes in process `syz.3.943'.
[  647.210109][ T8964] fido_id[8964]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.0/usb1/report_descriptor': No such file or directory
[  647.939519][ T8973] syz.0.942 (8973) used greatest stack depth: 17448 bytes left
[  650.080952][ T7106] usb 2-1: new high-speed USB device number 30 using dummy_hcd
[  650.300904][ T7106] usb 2-1: Using ep0 maxpacket: 16
[  650.308667][ T7106] usb 2-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  650.339097][ T7106] usb 2-1: config 0 interface 0 has no altsetting 0
[  650.350604][ T7106] usb 2-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  650.360000][ T7106] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  650.397120][ T7106] usb 2-1: config 0 descriptor??
[  650.406301][ T8990] loop3: detected capacity change from 0 to 512
[  650.463626][ T8990] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  650.536602][ T8990] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5920: Corrupt filesystem
[  650.551182][ T8990] EXT4-fs error (device loop3): ext4_dirty_inode:6124: inode #15: comm syz.3.949: mark_inode_dirty error
[  650.613258][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  650.816485][ T7106] nzxt-smart2 0003:1E71:2009.0003: unknown main item tag 0x0
[  650.839433][ T7106] nzxt-smart2 0003:1E71:2009.0003: unknown main item tag 0x0
[  650.855089][ T7106] nzxt-smart2 0003:1E71:2009.0003: unknown main item tag 0x0
[  650.884301][ T7106] nzxt-smart2 0003:1E71:2009.0003: unknown main item tag 0x0
[  650.909199][ T7106] nzxt-smart2 0003:1E71:2009.0003: unknown main item tag 0x0
[  650.976670][ T9001] tipc: Started in network mode
[  650.981819][ T9001] tipc: Node identity , cluster identity 4711
[  650.988028][ T9001] tipc: Failed to obtain node identity
[  650.993714][ T9001] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[  651.004766][ T9001] Cannot find add_set index 65532 as target
[  651.015030][ T9001] loop0: detected capacity change from 0 to 128
[  651.059890][ T7106] nzxt-smart2 0003:1E71:2009.0003: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.1-1/input0
[  651.073175][ T8999] netlink: 56 bytes leftover after parsing attributes in process `syz.2.952'.
[  651.102387][    C1] usb 2-1: input irq status -75 received
[  651.170510][    C1] hrtimer: interrupt took 59358 ns
[  651.614342][ T7106] usb 2-1: USB disconnect, device number 30
[  652.011665][ T9004] fido_id[9004]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  652.120816][  T790] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  652.148093][ T9008] loop2: detected capacity change from 0 to 512
[  652.176888][ T9006] loop0: detected capacity change from 0 to 4096
[  652.197331][ T9010] random: crng reseeded on system resumption
[  652.242510][ T9008] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.396248][ T9008] ext4 filesystem being mounted at /226/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  652.424859][  T790] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  652.435693][  T790] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  652.452293][ T9006] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.494970][  T790] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  652.517180][  T790] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  652.539894][  T790] usb 4-1: Product: syz
[  652.685016][ T9006] netlink: 28 bytes leftover after parsing attributes in process `syz.0.954'.
[  652.720266][ T9006] netlink: 28 bytes leftover after parsing attributes in process `syz.0.954'.
[  652.765020][  T790] usb 4-1: Manufacturer: syz
[  652.769978][  T790] usb 4-1: SerialNumber: syz
[  652.793565][ T9006] ip6gretap0: entered promiscuous mode
[  652.801440][ T9006] syz_tun: entered promiscuous mode
[  655.823088][ T5768] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.160330][  T790] cdc_ncm 4-1:1.0: bind() failure
[  657.239432][  T790] cdc_ncm 4-1:1.1: CDC Union missing and no IAD found
[  657.300637][  T790] cdc_ncm 4-1:1.1: bind() failure
[  657.323668][  T790] usb 4-1: USB disconnect, device number 29
[  657.415492][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.711183][ T9045] random: crng reseeded on system resumption
[  659.779649][ T9052] process 'syz.1.966' launched '/dev/fd/3' with NULL argv: empty string added
[  661.948253][ T9066] sctp: [Deprecated]: syz.3.970 (pid 9066) Use of struct sctp_assoc_value in delayed_ack socket option.
[  661.948253][ T9066] Use struct sctp_sack_info instead
[  662.983193][ T9075] syzkaller0: create flow: hash 44605510 index 1
[  663.024885][ T9074] random: crng reseeded on system resumption
[  663.399192][ T9071] syzkaller0: delete flow: hash 44605510 index 1
[  664.384933][ T7103] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[  664.650687][ T7103] usb 3-1: Using ep0 maxpacket: 16
[  664.720737][ T7103] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  664.814519][ T7103] usb 3-1: config 0 interface 0 has no altsetting 0
[  664.872232][ T7103] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  664.962442][ T7103] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  665.061501][ T7103] usb 3-1: config 0 descriptor??
[  665.577194][ T7103] nzxt-smart2 0003:1E71:2009.0004: unknown main item tag 0x0
[  665.597661][ T7103] nzxt-smart2 0003:1E71:2009.0004: unknown main item tag 0x0
[  665.616041][ T7103] nzxt-smart2 0003:1E71:2009.0004: unknown main item tag 0x0
[  665.634495][ T7103] nzxt-smart2 0003:1E71:2009.0004: unknown main item tag 0x0
[  665.657516][ T7103] nzxt-smart2 0003:1E71:2009.0004: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.2-1/input0
[  665.768630][    C0] usb 3-1: input irq status -75 received
[  667.543482][  T790] usb 3-1: USB disconnect, device number 31
[  667.653633][ T9112] random: crng reseeded on system resumption
[  668.330712][  T790] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[  668.545031][  T790] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  668.573554][  T790] usb 3-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  668.590201][  T790] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  668.632148][  T790] usb 3-1: config 0 descriptor??
[  668.660707][  T790] pwc: Askey VC010 type 2 USB webcam detected.
[  669.086486][  T790] pwc: recv_control_msg error -32 req 02 val 2b00
[  669.095033][  T790] pwc: recv_control_msg error -32 req 02 val 2700
[  669.116454][  T790] pwc: recv_control_msg error -32 req 02 val 2c00
[  669.124073][  T790] pwc: recv_control_msg error -32 req 04 val 1000
[  669.142223][  T790] pwc: recv_control_msg error -32 req 04 val 1300
[  669.149821][  T790] pwc: recv_control_msg error -32 req 04 val 1400
[  669.168334][  T790] pwc: recv_control_msg error -32 req 02 val 2000
[  669.187679][  T790] pwc: recv_control_msg error -32 req 02 val 2100
[  669.196078][  T790] pwc: recv_control_msg error -32 req 04 val 1500
[  669.213955][  T790] pwc: recv_control_msg error -32 req 02 val 2500
[  670.018281][  T790] pwc: recv_control_msg error -71 req 02 val 2400
[  670.031223][  T790] pwc: recv_control_msg error -71 req 02 val 2600
[  670.052108][  T790] pwc: recv_control_msg error -71 req 02 val 2900
[  670.089442][  T790] pwc: recv_control_msg error -71 req 02 val 2800
[  670.120705][  T790] pwc: recv_control_msg error -71 req 04 val 1100
[  670.135691][  T790] pwc: recv_control_msg error -71 req 04 val 1200
[  670.143844][  T790] pwc: Registered as video103.
[  670.162948][  T790] input: PWC snapshot button as /devices/platform/dummy_hcd.2/usb3/3-1/input/input13
[  670.241070][  T790] usb 3-1: USB disconnect, device number 32
[  671.777863][ T9132] loop2: detected capacity change from 0 to 40427
[  671.902729][ T9132] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x7ffff
[  671.951304][ T9132] F2FS-fs (loop2): invalid crc value
[  671.995376][ T9132] F2FS-fs (loop2): Found nat_bits in checkpoint
[  672.259132][ T9132] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  672.508740][ T9132] F2FS-fs (loop2): inject alloc nid in f2fs_alloc_nid of f2fs_new_inode+0x108/0x1030
[  672.511926][ T9133] f2fs_ckpt-7:2: attempt to access beyond end of device
[  672.511926][ T9133] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  672.565409][ T9132] overlayfs: failed to create directory ./bus/index (errno: 28); mounting read-only
[  672.583404][ T9133] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  672.610695][ T9132] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  672.652360][ T9133] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  672.746557][ T5768] syz-executor: attempt to access beyond end of device
[  672.746557][ T5768] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  673.789072][ T9110] bridge0: port 2(erspan0) entered blocking state
[  673.796699][ T9110] bridge0: port 2(erspan0) entered disabled state
[  673.804129][ T9110] erspan0: entered allmulticast mode
[  673.811933][ T9110] erspan0: entered promiscuous mode
[  673.818704][ T9110] bridge0: port 2(erspan0) entered blocking state
[  673.825572][ T9110] bridge0: port 2(erspan0) entered forwarding state
[  675.038571][ T9145] random: crng reseeded on system resumption
[  677.210626][  T789] usb 2-1: new high-speed USB device number 31 using dummy_hcd
[  677.316402][   T11] tipc: Disabling bearer <eth:ip6gre0>
[  677.362952][   T11] tipc: Left network mode
[  677.605186][  T789] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  677.771233][  T789] usb 2-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  677.780591][  T789] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  677.803204][  T789] usb 2-1: config 0 descriptor??
[  677.817622][  T789] pwc: Askey VC010 type 2 USB webcam detected.
[  678.220655][  T789] pwc: recv_control_msg error -32 req 02 val 2b00
[  678.269419][  T789] pwc: recv_control_msg error -32 req 02 val 2700
[  678.300650][  T789] pwc: recv_control_msg error -32 req 02 val 2c00
[  678.362012][  T789] pwc: recv_control_msg error -32 req 04 val 1000
[  678.395455][  T789] pwc: recv_control_msg error -32 req 04 val 1300
[  678.418040][  T789] pwc: recv_control_msg error -32 req 04 val 1400
[  678.459062][ T9174] loop3: detected capacity change from 0 to 512
[  678.466174][  T789] pwc: recv_control_msg error -32 req 02 val 2000
[  678.504573][  T789] pwc: recv_control_msg error -32 req 02 val 2100
[  678.516660][ T9174] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  678.531273][  T789] pwc: recv_control_msg error -32 req 04 val 1500
[  678.550743][  T789] pwc: recv_control_msg error -32 req 02 val 2500
[  678.594978][  T789] pwc: recv_control_msg error -71 req 02 val 2400
[  678.621836][  T789] pwc: recv_control_msg error -71 req 02 val 2600
[  678.838360][  T789] pwc: recv_control_msg error -71 req 02 val 2900
[  678.850689][  T789] pwc: recv_control_msg error -71 req 02 val 2800
[  678.862459][  T789] pwc: recv_control_msg error -71 req 04 val 1100
[  678.880631][  T789] pwc: recv_control_msg error -71 req 04 val 1200
[  678.891161][  T789] pwc: Registered as video103.
[  680.669850][  T789] input: PWC snapshot button as /devices/platform/dummy_hcd.1/usb2/2-1/input/input14
[  680.947937][  T789] usb 2-1: USB disconnect, device number 31
[  680.957487][ T9194] random: crng reseeded on system resumption
[  686.321649][ T9218] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  686.347899][ T9218] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  686.357900][ T9218] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  686.370994][ T9218] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  686.380966][ T9218] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  686.390650][ T9218] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  688.910943][ T5084] Bluetooth: hci0: command tx timeout
[  689.440854][   T11] hsr_slave_0: left promiscuous mode
[  689.491627][   T11] hsr_slave_1: left promiscuous mode
[  689.549168][   T11] batman_adv: batadv0: Removing interface: batadv_slave_0
[  689.573975][   T11] batman_adv: batadv0: Removing interface: batadv_slave_1
[  689.600410][   T11] bridge_slave_1: left allmulticast mode
[  689.615052][   T11] bridge_slave_1: left promiscuous mode
[  689.629787][   T11] bridge0: port 2(bridge_slave_1) entered disabled state
[  689.729599][   T11] bridge_slave_0: left allmulticast mode
[  689.760592][   T11] bridge_slave_0: left promiscuous mode
[  689.766480][   T11] bridge0: port 1(bridge_slave_0) entered disabled state
[  691.030672][ T9249] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1015'.
[  692.025222][ T5084] Bluetooth: hci0: command tx timeout
[  692.312695][ T9257] random: crng reseeded on system resumption
[  692.433476][ T9259] loop1: detected capacity change from 0 to 512
[  693.300751][ T9259] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  693.310757][ T9259] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  693.320602][ T9259] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  693.334724][ T9259] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  693.342768][ T9259] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  693.350793][ T9259] EXT4-fs (loop1): failed to initialize system zone (-117)
[  693.358152][ T9259] EXT4-fs (loop1): mount failed
[  693.531292][   T11] bond1 (unregistering): Released all slaves
[  694.071296][ T5084] Bluetooth: hci0: command tx timeout
[  696.230917][ T5084] Bluetooth: hci0: command tx timeout
[  696.531338][ T7106] usb 4-1: new high-speed USB device number 30 using dummy_hcd
[  696.897255][ T7106] usb 4-1: config 0 has no interfaces?
[  696.903153][ T7106] usb 4-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  696.935683][ T7106] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  696.981955][ T7106] usb 4-1: config 0 descriptor??
[  697.273080][ T7105] usb 4-1: USB disconnect, device number 30
[  697.302550][   T11] team0 (unregistering): Port device team_slave_1 removed
[  697.386566][   T11] team0 (unregistering): Port device team_slave_0 removed
[  697.452774][ T7110] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  697.552532][   T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  697.628219][   T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  697.649983][ T7110] usb 2-1: config 0 has no interfaces?
[  697.662572][ T7110] usb 2-1: New USB device found, idVendor=06cd, idProduct=010f, bcdDevice=d5.1b
[  697.688725][ T7110] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  697.720656][ T7110] usb 2-1: config 0 descriptor??
[  698.004252][ T7106] usb 2-1: USB disconnect, device number 32
[  698.485495][   T11] bond0 (unregistering): Released all slaves
[  699.119505][ T9313] random: crng reseeded on system resumption
[  700.240370][ T9210] chnl_net:caif_netlink_parms(): no params data found
[  700.609098][ T9210] bridge0: port 1(bridge_slave_0) entered blocking state
[  700.620759][ T9210] bridge0: port 1(bridge_slave_0) entered disabled state
[  700.628173][ T9210] bridge_slave_0: entered allmulticast mode
[  700.636922][ T9210] bridge_slave_0: entered promiscuous mode
[  700.647358][ T9210] bridge0: port 2(bridge_slave_1) entered blocking state
[  700.655281][ T9210] bridge0: port 2(bridge_slave_1) entered disabled state
[  700.662940][ T9210] bridge_slave_1: entered allmulticast mode
[  700.670873][ T9210] bridge_slave_1: entered promiscuous mode
[  700.714396][ T9210] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  700.727461][ T9210] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  700.844961][ T9210] team0: Port device team_slave_0 added
[  700.874168][ T9210] team0: Port device team_slave_1 added
[  700.970766][ T9210] batman_adv: batadv0: Adding interface: batadv_slave_0
[  700.977750][ T9210] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  701.059698][ T9345] loop0: detected capacity change from 0 to 164
[  701.096250][ T9210] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  701.116626][ T9345] ISOFS: Bad logical zone size 25856
[  701.146746][ T9210] batman_adv: batadv0: Adding interface: batadv_slave_1
[  701.170559][ T9210] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  701.207756][ T9347] loop1: detected capacity change from 0 to 512
[  701.249481][ T9210] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  701.296666][ T9347] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  702.020426][ T9210] hsr_slave_0: entered promiscuous mode
[  702.050391][ T9210] hsr_slave_1: entered promiscuous mode
[  702.077316][ T9210] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  702.100026][ T9210] Cannot create hsr debugfs directory
[  703.481281][ T9210] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  703.515869][ T9210] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  703.566153][ T9210] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  703.606796][ T9210] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  703.952555][ T9210] 8021q: adding VLAN 0 to HW filter on device bond0
[  703.977861][ T9210] 8021q: adding VLAN 0 to HW filter on device team0
[  704.009232][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[  704.016591][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[  704.117230][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  704.124634][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  704.427057][ T9210] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  704.438127][ T9210] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  704.525670][ T9396] ufs: You didn't specify the type of your ufs filesystem
[  704.525670][ T9396] 
[  704.525670][ T9396] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  704.525670][ T9396] 
[  704.525670][ T9396] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  704.557150][ T9396] ufs: ufstype=old is supported read-only
[  704.572635][ T9396] ufs: ufs_fill_super(): bad magic number
[  705.677807][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  705.685207][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  705.887978][ T9210] 8021q: adding VLAN 0 to HW filter on device batadv0
[  708.190912][ T9210] veth0_vlan: entered promiscuous mode
[  708.235150][ T9210] veth1_vlan: entered promiscuous mode
[  708.344773][ T9210] veth0_macvtap: entered promiscuous mode
[  708.380097][ T9210] veth1_macvtap: entered promiscuous mode
[  708.458270][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  708.490659][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.523355][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  708.541525][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.560780][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  708.584032][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.641239][ T9210] batman_adv: batadv0: Interface activated: batadv_slave_0
[  708.668046][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  708.710953][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.727818][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  708.767630][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.801002][ T9210] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  708.830588][ T9210] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  708.984884][ T9210] batman_adv: batadv0: Interface activated: batadv_slave_1
[  709.981235][ T9466] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1057'.
[  710.040413][ T9210] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  710.094301][ T9210] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  710.122181][ T9210] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  710.157371][ T9210] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  710.456918][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  710.478790][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  710.594524][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  710.603226][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  712.068701][ T9520] "syz.3.1066" (9520) uses obsolete ecb(arc4) skcipher
[  713.165363][ T9527] loop1: detected capacity change from 0 to 1024
[  713.231131][ T9527] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  713.364677][ T9527] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.969723][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  716.850984][ T9576] loop3: detected capacity change from 0 to 4096
[  716.891833][ T9576] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  717.005163][ T9579] loop1: detected capacity change from 0 to 512
[  717.106511][ T9579] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  717.116535][ T9579] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  717.127041][ T9579] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  717.167486][ T9579] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  717.175586][ T9579] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  717.185974][ T9579] EXT4-fs (loop1): failed to initialize system zone (-117)
[  717.193775][ T9579] EXT4-fs (loop1): mount failed
[  717.783964][ T8288] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  717.859901][ T9583] bond0: (slave ipvlan2): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  717.971640][ T9583] bond0: (slave ipvlan2): The slave device specified does not support setting the MAC address
[  717.991309][ T9583] bond0: (slave ipvlan2): Error -95 calling set_mac_address
[  718.519371][ T9596] loop0: detected capacity change from 0 to 1024
[  718.527856][ T9596] EXT4-fs: Ignoring removed nobh option
[  718.541644][ T9596] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  718.673358][ T9596] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  720.111471][ T9596] EXT4-fs error (device loop0): ext4_map_blocks:608: inode #2: block 16: comm syz.0.1086: lblock 0 mapped to illegal pblock 16 (length 1)
[  720.639589][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  721.760345][ T9632] loop1: detected capacity change from 0 to 512
[  722.678422][ T9632] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  722.688332][ T9632] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  722.698588][ T9632] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  722.859421][ T9632] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  722.867577][ T9632] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  722.876202][ T9632] EXT4-fs (loop1): failed to initialize system zone (-117)
[  722.884389][ T9632] EXT4-fs (loop1): mount failed
[  723.790596][ T7106] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  724.128848][ T9659] Failed to get privilege flags for destination (handle=0x2:0x0)
[  724.301036][ T7106] usb 5-1: Using ep0 maxpacket: 32
[  724.368697][ T7106] usb 5-1: config 0 has an invalid interface number: 188 but max is 0
[  724.414733][ T7106] usb 5-1: config 0 has no interface number 0
[  724.504442][ T7106] usb 5-1: config 0 interface 188 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 32
[  725.739636][ T7106] usb 5-1: New USB device found, idVendor=17ef, idProduct=7203, bcdDevice=2e.36
[  725.749148][ T7106] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.759063][ T7106] usb 5-1: Product: syz
[  725.763447][ T7106] usb 5-1: Manufacturer: syz
[  725.768344][ T7106] usb 5-1: SerialNumber: syz
[  725.776768][ T7106] usb 5-1: config 0 descriptor??
[  725.783057][ T9650] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  726.011254][ T9650] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  727.048098][ T7106] asix 5-1:0.188 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[  727.071692][ T7106] asix: probe of 5-1:0.188 failed with error -71
[  727.128374][ T9680] "syz.3.1103" (9680) uses obsolete ecb(arc4) skcipher
[  727.850801][ T7106] usb 5-1: USB disconnect, device number 2
[  728.740102][ T9700] ufs: You didn't specify the type of your ufs filesystem
[  728.740102][ T9700] 
[  728.740102][ T9700] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  728.740102][ T9700] 
[  728.740102][ T9700] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  728.841216][ T9702] loop3: detected capacity change from 0 to 512
[  730.320804][ T9700] ufs: ufstype=old is supported read-only
[  730.327054][ T9700] ufs: ufs_fill_super(): bad magic number
[  730.344788][ T9702] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  730.355335][ T9702] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  730.365221][ T9702] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  730.407955][ T9702] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  730.416354][ T9702] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  730.424421][ T9702] EXT4-fs (loop3): failed to initialize system zone (-117)
[  730.432311][ T9702] EXT4-fs (loop3): mount failed
[  730.774607][ T9710] loop0: detected capacity change from 0 to 512
[  730.866413][ T9710] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  732.650606][ T9731] "syz.0.1113" (9731) uses obsolete ecb(arc4) skcipher
[  733.258615][ T9741] Failed to get privilege flags for destination (handle=0x2:0x0)
[  733.293237][ T9738] loop0: detected capacity change from 0 to 512
[  733.332869][ T9738] EXT4-fs: Ignoring removed orlov option
[  733.408066][ T9738] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  733.461628][ T9738] EXT4-fs (loop0): orphan cleanup on readonly fs
[  733.538342][ T9738] EXT4-fs error (device loop0): ext4_validate_block_bitmap:439: comm syz.0.1116: bg 0: block 248: padding at end of block bitmap is not set
[  733.565293][ T9738] Quota error (device loop0): write_blk: dquota write failed
[  733.578754][ T9738] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  733.595443][ T9738] EXT4-fs error (device loop0): ext4_acquire_dquot:6949: comm syz.0.1116: Failed to acquire dquot type 1
[  733.663044][ T9738] EXT4-fs (loop0): 1 truncate cleaned up
[  733.696233][ T9738] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  733.774227][ T9738] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  733.900779][ T5862] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  734.111162][ T5862] usb 2-1: Using ep0 maxpacket: 32
[  734.120282][ T5862] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  734.155764][ T5862] usb 2-1: config 0 has no interfaces?
[  734.163622][ T5862] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  734.194652][ T5862] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  734.398157][ T5862] usb 2-1: config 0 descriptor??
[  734.621968][ T9746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  734.671883][ T9746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  734.923438][ T9746] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  734.932329][ T9746] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  734.949929][ T7104] usb 2-1: USB disconnect, device number 33
[  735.783994][ T9768] loop0: detected capacity change from 0 to 512
[  735.829844][ T9768] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  736.651517][ T9778] "syz.1.1124" (9778) uses obsolete ecb(arc4) skcipher
[  738.260636][ T7104] usb 2-1: new high-speed USB device number 34 using dummy_hcd
[  738.472637][ T9796] loop0: detected capacity change from 0 to 16
[  738.555062][ T9796] erofs: (device loop0): mounted with root inode @ nid 36.
[  738.593336][ T9800] Failed to get privilege flags for destination (handle=0x2:0x0)
[  738.602578][ T7104] usb 2-1: Using ep0 maxpacket: 32
[  738.614411][ T7104] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  738.658782][ T7104] usb 2-1: config 0 has no interfaces?
[  738.677814][ T7104] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  738.731310][ T7104] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.779371][ T7104] usb 2-1: config 0 descriptor??
[  739.514101][ T9791] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  739.539387][ T9791] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  739.854425][ T9805] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  739.863526][ T9805] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  741.032504][  T789] usb 2-1: USB disconnect, device number 34
[  741.137402][ T9819] loop1: detected capacity change from 0 to 512
[  741.197295][ T9819] EXT4-fs (loop1): couldn't mount as ext3 due to feature incompatibilities
[  741.504987][ T7110] usb 1-1: new high-speed USB device number 39 using dummy_hcd
[  742.022949][ T9832] "syz.3.1135" (9832) uses obsolete ecb(arc4) skcipher
[  742.350578][ T7110] usb 1-1: Using ep0 maxpacket: 32
[  742.357958][ T7110] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  742.380530][ T7110] usb 1-1: config 0 has no interfaces?
[  742.386203][ T7110] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  742.410529][ T7110] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.442105][ T7110] usb 1-1: config 0 descriptor??
[  742.669781][ T9817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  742.722614][ T9817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.112511][ T9817] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  743.121442][ T9817] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  743.138486][ T7105] usb 1-1: USB disconnect, device number 39
[  744.562750][ T9845] loop4: detected capacity change from 0 to 32768
[  744.570637][ T7104] usb 1-1: new high-speed USB device number 40 using dummy_hcd
[  744.800602][ T7104] usb 1-1: Using ep0 maxpacket: 32
[  744.825876][ T9845] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by syz.4.1139 (9845)
[  744.861704][ T7104] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  744.893407][ T7104] usb 1-1: config 0 has no interfaces?
[  744.911174][ T7104] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  744.950829][ T7104] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.996930][ T7104] usb 1-1: config 0 descriptor??
[  745.012786][ T9845] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  745.014946][ T9874] Failed to get privilege flags for destination (handle=0x2:0x0)
[  745.056599][ T9845] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  745.071299][ T9845] BTRFS warning (device loop4): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  745.103122][ T9845] BTRFS info (device loop4): trying to use backup root at mount time
[  745.127735][ T9845] BTRFS info (device loop4): setting nodatasum
[  745.158324][ T9845] BTRFS info (device loop4): force zlib compression, level 3
[  745.206917][ T9845] BTRFS info (device loop4): setting nodatacow
[  745.246453][ T9845] BTRFS info (device loop4): turning on flush-on-commit
[  745.265273][ T9863] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  745.320670][ T9845] BTRFS info (device loop4): disabling tree log
[  745.331392][ T9863] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  745.367444][ T9845] BTRFS info (device loop4): using free space tree
[  745.637524][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  745.717845][ T9879] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  745.736338][ T9879] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  745.759340][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  745.771724][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  745.791650][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  745.809342][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  745.871874][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  745.929744][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  745.991360][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  746.070416][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  746.149600][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  746.240290][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  746.305893][ T9845] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  746.488064][ T9845] BTRFS error (device loop4): open_ctree failed: -12
[  746.664907][ T8288] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 scanned by udevd (8288)
[  747.995830][ T7105] usb 1-1: USB disconnect, device number 40
[  748.111924][ T9917] "syz.3.1145" (9917) uses obsolete ecb(arc4) skcipher
[  750.011452][  T789] usb 4-1: new high-speed USB device number 31 using dummy_hcd
[  750.023463][ T9945] ufs: You didn't specify the type of your ufs filesystem
[  750.023463][ T9945] 
[  750.023463][ T9945] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  750.023463][ T9945] 
[  750.023463][ T9945] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  750.054482][ T9945] ufs: ufstype=old is supported read-only
[  750.060666][ T9945] ufs: ufs_fill_super(): bad magic number
[  750.429807][  T789] usb 4-1: Using ep0 maxpacket: 32
[  750.446919][  T789] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  750.476573][  T789] usb 4-1: config 0 has no interfaces?
[  750.496225][  T789] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  750.515115][ T9949] netlink: 44 bytes leftover after parsing attributes in process `syz.4.1154'.
[  750.534901][  T789] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  750.587359][  T789] usb 4-1: config 0 descriptor??
[  750.817379][ T9930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  750.844774][ T9930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.074838][ T9930] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  751.083714][ T9930] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  751.096766][ T9957] Failed to get privilege flags for destination (handle=0x2:0x0)
[  751.108261][  T790] usb 4-1: USB disconnect, device number 31
[  752.420814][ T5864] usb 4-1: new high-speed USB device number 32 using dummy_hcd
[  752.700807][ T5864] usb 4-1: Using ep0 maxpacket: 32
[  752.731953][ T5864] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  752.774677][ T5864] usb 4-1: config 0 has no interfaces?
[  752.924874][ T5864] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  752.934694][ T5864] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  752.946061][ T5864] usb 4-1: config 0 descriptor??
[  753.167607][ T9963] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  753.188119][ T9963] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  753.424997][ T9976] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  753.434071][ T9976] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  755.221001][ T9993] atomic_op ffff88807d133198 conn xmit_atomic 0000000000000000
[  755.847647][ T9992] tty tty22: ldisc open failed (-12), clearing slot 21
[  755.916788][  T789] usb 4-1: USB disconnect, device number 32
[  757.280550][ T5864] usb 1-1: new high-speed USB device number 41 using dummy_hcd
[  757.448543][T10013] loop1: detected capacity change from 0 to 512
[  757.720572][ T5864] usb 1-1: Using ep0 maxpacket: 32
[  757.802762][T10015] Failed to get privilege flags for destination (handle=0x2:0x0)
[  758.375257][ T5864] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  759.106797][T10013] EXT4-fs (loop1): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  759.116879][T10013] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  759.126915][T10013] EXT4-fs (loop1): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  759.326802][T10013] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  759.334212][ T5864] usb 1-1: config 0 has no interfaces?
[  759.334948][T10013] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  759.340352][ T5864] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  759.348653][T10013] EXT4-fs (loop1): failed to initialize system zone (-117)
[  759.364773][T10013] EXT4-fs (loop1): mount failed
[  759.454163][ T5864] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  759.489930][ T5864] usb 1-1: config 0 descriptor??
[  759.510007][ T5864] usb 1-1: can't set config #0, error -71
[  759.530258][ T5864] usb 1-1: USB disconnect, device number 41
[  760.323026][T10031] loop3: detected capacity change from 0 to 16
[  760.349738][T10031] erofs: (device loop3): mounted with root inode @ nid 36.
[  761.071116][T10041] loop0: detected capacity change from 0 to 256
[  761.080039][T10041] exfat: Deprecated parameter 'namecase'
[  761.086144][T10041] exfat: Deprecated parameter 'utf8'
[  761.863795][T10041] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  761.922775][T10028] binder: 10027:10028 ioctl c0306201 200000000180 returned -14
[  762.007054][T10041] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[  762.135888][T10044] loop3: detected capacity change from 0 to 512
[  762.172658][T10044] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  763.765834][T10061] Failed to get privilege flags for destination (handle=0x2:0x0)
[  763.767815][ T5864] usb 2-1: new high-speed USB device number 35 using dummy_hcd
[  763.970991][ T5864] usb 2-1: Using ep0 maxpacket: 32
[  763.982484][ T5864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  764.104965][ T5864] usb 2-1: config 0 has no interfaces?
[  764.144271][ T5864] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  764.205079][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  764.253721][ T5864] usb 2-1: config 0 descriptor??
[  764.302988][T10070] loop4: detected capacity change from 0 to 512
[  764.322561][T10070] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  764.565017][T10053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  764.618432][T10053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  765.158030][T10053] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  765.166916][T10053] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  765.206979][  T790] usb 2-1: USB disconnect, device number 35
[  767.114995][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  767.122578][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  767.309389][T10105] loop1: detected capacity change from 0 to 512
[  767.360160][T10105] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  767.493198][T10105] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  767.551716][T10105] ext4 filesystem being mounted at /320/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  767.981004][T10115] Failed to get privilege flags for destination (handle=0x2:0x0)
[  769.176752][ T5769] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  769.503044][T10127] loop4: detected capacity change from 0 to 512
[  769.710272][T10127] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  769.720599][T10127] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  769.730821][T10127] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  769.753077][T10127] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  769.761349][T10127] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  769.770015][T10127] EXT4-fs (loop4): failed to initialize system zone (-117)
[  769.777951][T10127] EXT4-fs (loop4): mount failed
[  769.947457][T10122] loop0: detected capacity change from 0 to 512
[  770.358221][T10122] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  771.772048][ T5864] usb 2-1: new high-speed USB device number 36 using dummy_hcd
[  771.970730][ T5864] usb 2-1: Using ep0 maxpacket: 32
[  772.027363][ T5864] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  772.198067][ T5864] usb 2-1: config 0 has no interfaces?
[  772.328695][ T5864] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  772.539771][ T5864] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  772.621995][ T5864] usb 2-1: config 0 descriptor??
[  772.845673][T10132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  772.876225][T10167] loop3: detected capacity change from 0 to 128
[  772.879519][T10132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  773.153881][T10132] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  773.162805][T10132] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  773.174543][  T790] usb 2-1: USB disconnect, device number 36
[  773.185444][T10167] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  773.224573][T10167] ext4 filesystem being mounted at /312/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  773.652766][ T5770] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  774.529019][T10200] ufs: You didn't specify the type of your ufs filesystem
[  774.529019][T10200] 
[  774.529019][T10200] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  774.529019][T10200] 
[  774.529019][T10200] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  774.560048][T10200] ufs: ufstype=old is supported read-only
[  774.567876][T10200] ufs: ufs_fill_super(): bad magic number
[  775.475958][T10205] loop0: detected capacity change from 0 to 512
[  775.546404][T10205] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  775.718657][T10209] loop3: detected capacity change from 0 to 64
[  776.604919][T10218] netlink: 'syz.3.1209': attribute type 11 has an invalid length.
[  776.613508][T10218] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1209'.
[  776.986974][T10221] ufs: You didn't specify the type of your ufs filesystem
[  776.986974][T10221] 
[  776.986974][T10221] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  776.986974][T10221] 
[  776.986974][T10221] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  777.018004][T10221] ufs: ufstype=old is supported read-only
[  777.026300][T10221] ufs: ufs_fill_super(): bad magic number
[  779.338006][T10235] ufs: You didn't specify the type of your ufs filesystem
[  779.338006][T10235] 
[  779.338006][T10235] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  779.338006][T10235] 
[  779.338006][T10235] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  779.369102][T10235] ufs: ufstype=old is supported read-only
[  779.376671][T10235] ufs: ufs_fill_super(): bad magic number
[  780.380593][ T5817] usb 4-1: new high-speed USB device number 33 using dummy_hcd
[  780.517111][T10243] syzkaller1: entered promiscuous mode
[  780.531100][T10243] syzkaller1: entered allmulticast mode
[  780.590653][ T5817] usb 4-1: Using ep0 maxpacket: 32
[  780.607283][ T5817] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  780.649577][ T5817] usb 4-1: config 0 has no interfaces?
[  780.664683][ T5817] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  780.700240][ T5817] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  780.738474][T10245] Failed to get privilege flags for destination (handle=0x2:0x0)
[  780.943694][ T5817] usb 4-1: config 0 descriptor??
[  781.290720][T10237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  781.351066][T10237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  781.617680][T10237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  781.626599][T10237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  781.644718][ T7104] usb 4-1: USB disconnect, device number 33
[  781.809290][T10250] ufs: You didn't specify the type of your ufs filesystem
[  781.809290][T10250] 
[  781.809290][T10250] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  781.809290][T10250] 
[  781.809290][T10250] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  781.840980][T10250] ufs: ufstype=old is supported read-only
[  781.848518][T10250] ufs: ufs_fill_super(): bad magic number
[  783.293133][T10264] netlink: 'syz.3.1221': attribute type 11 has an invalid length.
[  783.301378][T10264] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1221'.
[  784.248887][T10270] ufs: You didn't specify the type of your ufs filesystem
[  784.248887][T10270] 
[  784.248887][T10270] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  784.248887][T10270] 
[  784.248887][T10270] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  784.279691][T10270] ufs: ufstype=old is supported read-only
[  784.290826][T10270] ufs: ufs_fill_super(): bad magic number
[  784.756531][T10282] "syz.3.1227" (10282) uses obsolete ecb(arc4) skcipher
[  786.158371][T10295] ufs: You didn't specify the type of your ufs filesystem
[  786.158371][T10295] 
[  786.158371][T10295] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  786.158371][T10295] 
[  786.158371][T10295] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  786.189507][T10295] ufs: ufstype=old is supported read-only
[  786.197029][T10295] ufs: ufs_fill_super(): bad magic number
[  787.439052][ T7106] usb 2-1: new high-speed USB device number 37 using dummy_hcd
[  787.505384][T10304] netlink: 'syz.4.1235': attribute type 11 has an invalid length.
[  787.522961][T10304] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1235'.
[  787.640515][ T7106] usb 2-1: Using ep0 maxpacket: 32
[  787.662484][ T7106] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  787.731629][T10308] loop3: detected capacity change from 0 to 512
[  787.797675][ T7106] usb 2-1: config 0 has no interfaces?
[  787.823087][ T7106] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  787.909786][T10308] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  787.919825][T10308] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  787.929765][T10308] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  787.949949][T10308] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  787.958160][T10308] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  787.966716][T10308] EXT4-fs (loop3): failed to initialize system zone (-117)
[  787.974429][T10308] EXT4-fs (loop3): mount failed
[  788.056607][ T7106] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  788.289408][ T7106] usb 2-1: config 0 descriptor??
[  788.607644][T10287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.631096][T10287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.662496][T10287] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  788.671453][T10287] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  788.690552][ T7110] usb 2-1: USB disconnect, device number 37
[  789.119395][T10313] ufs: You didn't specify the type of your ufs filesystem
[  789.119395][T10313] 
[  789.119395][T10313] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  789.119395][T10313] 
[  789.119395][T10313] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  789.150683][T10313] ufs: ufstype=old is supported read-only
[  789.159661][T10313] ufs: ufs_fill_super(): bad magic number
[  790.242920][T10324] "syz.3.1239" (10324) uses obsolete ecb(arc4) skcipher
[  792.700678][ T7104] usb 4-1: new high-speed USB device number 34 using dummy_hcd
[  793.154129][ T7104] usb 4-1: Using ep0 maxpacket: 32
[  793.239492][ T7104] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  793.271013][ T7104] usb 4-1: config 0 has no interfaces?
[  793.276605][ T7104] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  793.316740][ T7104] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  793.347866][ T7104] usb 4-1: config 0 descriptor??
[  793.842677][T10354] ufs: You didn't specify the type of your ufs filesystem
[  793.842677][T10354] 
[  793.842677][T10354] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  793.842677][T10354] 
[  793.842677][T10354] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  793.873850][T10354] ufs: ufstype=old is supported read-only
[  794.087624][T10356] "syz.4.1249" (10356) uses obsolete ecb(arc4) skcipher
[  794.147462][T10354] ufs: ufs_fill_super(): bad magic number
[  794.450841][T10344] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  794.504735][T10344] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  794.752475][T10344] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  794.761407][T10344] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  794.773348][  T789] usb 4-1: USB disconnect, device number 34
[  794.899216][T10363] syz.0.1251 (10363): /proc/10357/oom_adj is deprecated, please use /proc/10357/oom_score_adj instead.
[  797.381697][ T7104] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  797.480798][T10389] ufs: You didn't specify the type of your ufs filesystem
[  797.480798][T10389] 
[  797.480798][T10389] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  797.480798][T10389] 
[  797.480798][T10389] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  797.512158][T10389] ufs: ufstype=old is supported read-only
[  797.519521][T10389] ufs: ufs_fill_super(): bad magic number
[  797.638745][ T7104] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  797.755670][ T7104] usb 5-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  798.104200][ T7104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.129373][ T7104] usb 5-1: config 0 descriptor??
[  798.203099][T10393] ufs: You didn't specify the type of your ufs filesystem
[  798.203099][T10393] 
[  798.203099][T10393] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  798.203099][T10393] 
[  798.203099][T10393] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  798.233843][    C0] vkms_vblank_simulate: vblank timer overrun
[  798.240889][T10393] ufs: ufstype=old is supported read-only
[  798.248434][T10393] ufs: ufs_fill_super(): bad magic number
[  798.425725][ T7110] usb 4-1: new high-speed USB device number 35 using dummy_hcd
[  798.740666][ T7110] usb 4-1: Using ep0 maxpacket: 32
[  798.750977][ T7110] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  798.767675][ T7110] usb 4-1: config 0 has no interfaces?
[  798.773702][ T7110] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  798.787898][ T7110] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  798.818604][ T7110] usb 4-1: config 0 descriptor??
[  798.881731][ T7104] pwc: Askey VC010 type 2 USB webcam detected.
[  798.950697][ T7103] usb 2-1: new high-speed USB device number 38 using dummy_hcd
[  799.037736][T10388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.059005][T10388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.075201][T10388] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.084307][T10388] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.106438][ T5862] usb 4-1: USB disconnect, device number 35
[  799.150607][ T7103] usb 2-1: Using ep0 maxpacket: 32
[  799.158461][ T7103] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  799.174045][ T7103] usb 2-1: config 0 has no interfaces?
[  799.179836][ T7103] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  799.195938][ T7103] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  799.218689][ T7103] usb 2-1: config 0 descriptor??
[  799.438237][T10395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.458605][T10395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.612106][ T7104] pwc: recv_control_msg error -32 req 02 val 2b00
[  799.644346][ T7104] pwc: recv_control_msg error -32 req 02 val 2700
[  799.658512][ T7104] pwc: recv_control_msg error -32 req 02 val 2c00
[  799.669622][ T7104] pwc: recv_control_msg error -32 req 04 val 1000
[  799.682612][ T7104] pwc: recv_control_msg error -32 req 04 val 1300
[  799.692666][ T7104] pwc: recv_control_msg error -32 req 04 val 1400
[  799.703791][ T7104] pwc: recv_control_msg error -32 req 02 val 2000
[  799.752857][T10395] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.762125][T10395] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.780077][ T7103] usb 2-1: USB disconnect, device number 38
[  799.940670][ T7104] pwc: recv_control_msg error -71 req 04 val 1500
[  799.958744][ T7104] pwc: recv_control_msg error -71 req 02 val 2500
[  799.969132][ T7104] pwc: recv_control_msg error -71 req 02 val 2400
[  799.985051][ T7104] pwc: recv_control_msg error -71 req 02 val 2600
[  800.004566][ T7104] pwc: recv_control_msg error -71 req 02 val 2900
[  800.020834][ T7104] pwc: recv_control_msg error -71 req 02 val 2800
[  800.036717][T10404] loop0: detected capacity change from 0 to 16
[  800.042134][ T7104] pwc: recv_control_msg error -71 req 04 val 1100
[  800.053859][ T7104] pwc: recv_control_msg error -71 req 04 val 1200
[  800.068864][T10404] erofs: (device loop0): mounted with root inode @ nid 36.
[  800.102898][ T7104] pwc: Registered as video103.
[  800.120682][ T7104] input: PWC snapshot button as /devices/platform/dummy_hcd.4/usb5/5-1/input/input15
[  800.200923][ T7104] usb 5-1: USB disconnect, device number 3
[  801.251820][T10421] loop4: detected capacity change from 0 to 1024
[  801.344050][T10421] EXT4-fs (loop4): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[  801.372012][T10421] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  801.392200][T10421] EXT4-fs (loop4): can't mount with both data=journal and delalloc
[  801.980697][ T7106] usb 1-1: new high-speed USB device number 42 using dummy_hcd
[  802.180779][ T7106] usb 1-1: Using ep0 maxpacket: 32
[  802.188382][ T7106] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  802.209128][ T7106] usb 1-1: config 0 has no interfaces?
[  802.226519][ T7106] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  802.238478][ T7106] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.261019][ T7106] usb 1-1: config 0 descriptor??
[  802.282619][T10421] loop4: detected capacity change from 0 to 32768
[  802.341503][T10421] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  802.423488][T10421] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[  802.432794][T10421] BTRFS info (device loop4): turning off barriers
[  802.439463][T10421] BTRFS info (device loop4): setting nodatasum
[  802.446011][T10421] BTRFS info (device loop4): force zlib compression, level 3
[  802.484029][T10432] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  802.494970][ T7104] usb 2-1: new high-speed USB device number 39 using dummy_hcd
[  802.504366][T10421] BTRFS info (device loop4): use no compression
[  802.512710][T10432] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  802.521186][T10421] BTRFS info (device loop4): turning on flush-on-commit
[  802.528389][T10421] BTRFS info (device loop4): unrecognized rescue option 'imetacsums'
[  802.662069][T10421] BTRFS error (device loop4): unrecognized rescue value imetacsums
[  802.761960][T10421] BTRFS error (device loop4): open_ctree failed: -22
[  802.834368][T10444] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  802.851104][ T7104] usb 2-1: Using ep0 maxpacket: 32
[  802.851107][T10444] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  802.863153][ T7104] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  802.885356][ T7104] usb 2-1: config 0 has no interfaces?
[  802.903937][ T7104] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  802.919738][ T7104] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  802.938010][ T7104] usb 2-1: config 0 descriptor??
[  803.157109][T10437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  803.201008][T10437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  803.523439][T10437] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  803.534375][T10437] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  803.577199][ T7104] usb 2-1: USB disconnect, device number 39
[  804.078910][T10451] loop3: detected capacity change from 0 to 16
[  804.197198][T10451] erofs: (device loop3): mounted with root inode @ nid 36.
[  805.236395][ T7106] usb 1-1: USB disconnect, device number 42
[  805.444674][T10468] loop1: detected capacity change from 0 to 8
[  805.562212][T10468] SQUASHFS error: Failed to read block 0x106: -5
[  806.370030][   T28] audit: type=1800 audit(1769314619.978:14): pid=10468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1284" name="file2" dev="loop1" ino=6 res=0 errno=0
[  806.601099][ T7103] IPVS: starting estimator thread 0...
[  806.819802][T10480] IPVS: using max 16 ests per chain, 38400 per kthread
[  807.193553][T10485] ufs: You didn't specify the type of your ufs filesystem
[  807.193553][T10485] 
[  807.193553][T10485] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  807.193553][T10485] 
[  807.193553][T10485] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  807.225851][T10485] ufs: ufstype=old is supported read-only
[  807.233622][T10485] ufs: ufs_fill_super(): bad magic number
[  808.764425][T10499] ufs: You didn't specify the type of your ufs filesystem
[  808.764425][T10499] 
[  808.764425][T10499] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  808.764425][T10499] 
[  808.764425][T10499] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  808.796486][T10499] ufs: ufstype=old is supported read-only
[  808.802683][T10499] ufs: ufs_fill_super(): bad magic number
[  810.233952][ T5084] Bluetooth: hci0: command 0x0406 tx timeout
[  810.266009][ T7105] usb 4-1: new high-speed USB device number 36 using dummy_hcd
[  810.621500][ T7105] usb 4-1: Using ep0 maxpacket: 32
[  810.628708][ T7105] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  810.639689][ T7105] usb 4-1: config 0 has no interfaces?
[  810.645601][ T7105] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  810.655477][ T7105] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  810.671463][ T7105] usb 4-1: config 0 descriptor??
[  810.776624][T10520] sd 0:0:1:0: device reset
[  810.936279][T10503] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  811.111718][T10503] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  811.604193][T10523] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  811.629968][T10523] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  811.910915][ T7104] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  812.105739][ T7104] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  812.115611][ T7104] usb 5-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[  812.124886][ T7104] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  812.135664][ T7104] usb 5-1: config 0 descriptor??
[  812.578000][ T7104] lenovo 0003:17EF:6047.0005: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.4-1/input0
[  812.767692][ T7105] usb 4-1: USB disconnect, device number 36
[  814.040227][ T7104] lenovo 0003:17EF:6047.0005: Sensitivity setting failed: -71
[  814.233655][ T7104] usb 5-1: USB disconnect, device number 4
[  814.897411][T10552] loop0: detected capacity change from 0 to 512
[  814.917088][T10552] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  819.620991][T10554] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -12
[  819.631092][T10554] platform regulatory.0: Direct firmware load for regulatory.db failed with error -12
[  819.644436][T10554] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  820.000811][T10578] random: crng reseeded on system resumption
[  820.120551][ T5862] usb 4-1: new high-speed USB device number 37 using dummy_hcd
[  820.341203][ T5862] usb 4-1: Using ep0 maxpacket: 32
[  820.380178][ T5862] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  820.398896][ T5862] usb 4-1: config 0 has no interfaces?
[  820.406018][ T5862] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  820.418591][ T5862] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.437870][ T5862] usb 4-1: config 0 descriptor??
[  820.668410][T10575] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  820.689748][T10575] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  820.882954][T10583] loop4: detected capacity change from 0 to 32768
[  820.930803][T10583] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1321 (10583)
[  821.106275][T10583] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  821.129959][T10583] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  821.187444][T10583] BTRFS info (device loop4): force clearing of disk cache
[  821.197135][T10587] "syz.0.1322" (10587) uses obsolete ecb(arc4) skcipher
[  821.263564][T10583] BTRFS info (device loop4): enabling auto defrag
[  821.376163][T10583] BTRFS info (device loop4): max_inline at 727
[  821.469408][T10583] BTRFS info (device loop4): enabling disk space caching
[  821.577195][T10583] BTRFS info (device loop4): disk space caching is enabled
[  822.018355][T10583] BTRFS info (device loop4): enabling ssd optimizations
[  822.087496][T10583] BTRFS info (device loop4): rebuilding free space tree
[  822.426099][T10583] BTRFS info (device loop4): disabling free space tree
[  822.562903][T10583] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  822.724164][T10583] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  823.319655][T10612] loop0: detected capacity change from 0 to 512
[  823.351203][T10612] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  823.517733][ T5084] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  823.529144][ T5084] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  823.539888][ T5084] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  823.548419][ T5084] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  823.567783][ T5084] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  823.575864][ T5084] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  824.384498][   T49] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  824.477866][ T5862] IPVS: starting estimator thread 0...
[  824.610614][T10623] IPVS: using max 18 ests per chain, 43200 per kthread
[  824.679677][T10614] chnl_net:caif_netlink_parms(): no params data found
[  824.690240][ T9210] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  824.712772][ T5864] usb 4-1: USB disconnect, device number 37
[  824.963772][T10614] bridge0: port 1(bridge_slave_0) entered blocking state
[  825.019642][T10614] bridge0: port 1(bridge_slave_0) entered disabled state
[  825.185899][T10614] bridge_slave_0: entered allmulticast mode
[  825.226138][T10614] bridge_slave_0: entered promiscuous mode
[  825.282205][T10637] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1327'.
[  825.292515][T10637] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1327'.
[  825.301785][T10637] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1327'.
[  825.311217][T10637] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1327'.
[  825.320796][T10614] bridge0: port 2(bridge_slave_1) entered blocking state
[  825.328438][T10614] bridge0: port 2(bridge_slave_1) entered disabled state
[  825.352583][T10614] bridge_slave_1: entered allmulticast mode
[  825.388102][T10614] bridge_slave_1: entered promiscuous mode
[  825.465998][T10638] random: crng reseeded on system resumption
[  825.670640][ T5084] Bluetooth: hci4: command tx timeout
[  825.845329][T10614] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  825.935973][T10614] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  826.955985][T10614] team0: Port device team_slave_0 added
[  826.971957][T10648] loop4: detected capacity change from 0 to 512
[  826.991260][T10648] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  827.041691][T10614] team0: Port device team_slave_1 added
[  827.248930][T10614] batman_adv: batadv0: Adding interface: batadv_slave_0
[  827.324712][T10614] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  827.890083][ T5084] Bluetooth: hci4: command tx timeout
[  827.900996][T10614] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  827.958980][T10614] batman_adv: batadv0: Adding interface: batadv_slave_1
[  827.988933][T10614] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  828.029650][T10614] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  828.334297][T10614] hsr_slave_0: entered promiscuous mode
[  828.364463][T10614] hsr_slave_1: entered promiscuous mode
[  828.401056][T10614] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  828.445520][T10614] Cannot create hsr debugfs directory
[  828.565847][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  828.576824][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  828.650253][T10658] loop4: detected capacity change from 0 to 1024
[  829.783979][T10658] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  829.810741][T10658] hfsplus: xattr search failed
[  829.911145][ T5084] Bluetooth: hci4: command tx timeout
[  829.989767][T10614] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  830.041668][   T76] hfsplus: b-tree write err: -5, ino 4
[  830.041690][T10614] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  830.083466][T10614] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  830.117038][T10614] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  830.342899][T10614] 8021q: adding VLAN 0 to HW filter on device bond0
[  830.380155][T10614] 8021q: adding VLAN 0 to HW filter on device team0
[  830.458954][T10619] bridge0: port 1(bridge_slave_0) entered blocking state
[  830.466244][T10619] bridge0: port 1(bridge_slave_0) entered forwarding state
[  830.595105][  T745] bridge0: port 2(bridge_slave_1) entered blocking state
[  830.602424][  T745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  831.606702][T10682] random: crng reseeded on system resumption
[  831.614552][T10685] loop0: detected capacity change from 0 to 512
[  831.700639][T10685] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  832.002424][ T5084] Bluetooth: hci4: command tx timeout
[  832.605570][T10614] 8021q: adding VLAN 0 to HW filter on device batadv0
[  833.819690][T10706] random: crng reseeded on system resumption
[  835.289114][T10718] ufs: You didn't specify the type of your ufs filesystem
[  835.289114][T10718] 
[  835.289114][T10718] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  835.289114][T10718] 
[  835.289114][T10718] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  835.320254][T10718] ufs: ufstype=old is supported read-only
[  835.327708][T10718] ufs: ufs_fill_super(): bad magic number
[  837.044685][T10614] veth0_vlan: entered promiscuous mode
[  837.276207][T10614] veth1_vlan: entered promiscuous mode
[  837.323631][T10614] veth0_macvtap: entered promiscuous mode
[  837.357853][T10614] veth1_macvtap: entered promiscuous mode
[  837.437743][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.516551][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.541154][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.565456][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.627080][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.677572][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.702584][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  837.714000][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.725771][T10614] batman_adv: batadv0: Interface activated: batadv_slave_0
[  837.738259][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  837.749280][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.759582][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  837.781484][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  837.837303][T10734] "syz.0.1351" (10734) uses obsolete ecb(arc4) skcipher
[  837.974241][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.185418][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.320515][T10614] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  838.366354][T10614] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  838.428213][T10614] batman_adv: batadv0: Interface activated: batadv_slave_1
[  838.615322][T10614] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  838.671439][T10614] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  838.703784][T10614] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  838.727914][T10614] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  838.768689][T10740] random: crng reseeded on system resumption
[  840.451779][T10619] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  840.488226][T10619] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  841.468005][ T1127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  841.509033][ T1127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  842.529376][T10763] random: crng reseeded on system resumption
[  844.215807][T10779] ufs: You didn't specify the type of your ufs filesystem
[  844.215807][T10779] 
[  844.215807][T10779] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  844.215807][T10779] 
[  844.215807][T10779] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  844.247268][T10779] ufs: ufstype=old is supported read-only
[  844.256883][T10779] ufs: ufs_fill_super(): bad magic number
[  845.083783][T10783] loop5: detected capacity change from 0 to 1024
[  845.092463][T10783] EXT4-fs: Ignoring removed nomblk_io_submit option
[  845.171470][T10783] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  846.322522][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  846.787061][T10806] loop3: detected capacity change from 0 to 512
[  846.834821][ T7106] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  846.850294][T10806] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  846.880356][T10806] ext4 filesystem being mounted at /358/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  847.052156][ T7106] usb 5-1: Using ep0 maxpacket: 16
[  847.060729][ T7106] usb 5-1: config 0 has an invalid interface number: 132 but max is 0
[  847.073213][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  847.086918][ T7106] usb 5-1: config 0 has no interface number 0
[  847.132072][ T7106] usb 5-1: New USB device found, idVendor=05ac, idProduct=0291, bcdDevice=43.25
[  847.145898][ T7106] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  847.154359][ T7106] usb 5-1: Product: syz
[  847.167171][ T7106] usb 5-1: Manufacturer: syz
[  847.178618][ T7106] usb 5-1: SerialNumber: syz
[  847.223511][ T7106] usb 5-1: config 0 descriptor??
[  847.242485][ T7106] hub 5-1:0.132: bad descriptor, ignoring hub
[  847.248656][ T7106] hub: probe of 5-1:0.132 failed with error -5
[  847.284034][ T7106] input: bcm5974 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.132/input/input16
[  847.820205][T10818] loop5: detected capacity change from 0 to 512
[  847.873668][T10818] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  847.884309][T10818] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  847.894363][T10818] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  847.943022][T10818] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  847.951441][T10818] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  847.959595][T10818] EXT4-fs (loop5): failed to initialize system zone (-117)
[  847.967274][T10818] EXT4-fs (loop5): mount failed
[  848.112919][T10820] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  848.601060][T10820] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  848.714744][T10822] usb 5-1: USB disconnect, device number 5
[  849.067837][T10827] ufs: You didn't specify the type of your ufs filesystem
[  849.067837][T10827] 
[  849.067837][T10827] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  849.067837][T10827] 
[  849.067837][T10827] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  849.099001][T10827] ufs: ufstype=old is supported read-only
[  849.106410][T10827] ufs: ufs_fill_super(): bad magic number
[  849.209147][T10826] loop5: detected capacity change from 0 to 16
[  849.378432][T10826] erofs: (device loop5): mounted with root inode @ nid 36.
[  849.949489][T10830] loop3: detected capacity change from 0 to 512
[  850.116495][T10830] EXT4-fs (loop3): 1 orphan inode deleted
[  850.145612][  T745] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  850.194943][T10830] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  850.229200][  T745] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:5: Failed to release dquot type 1
[  850.416931][T10830] ext4 filesystem being mounted at /361/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  851.889060][   T76] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  851.906600][T10845] random: crng reseeded on system resumption
[  851.996307][   T76] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:4: Failed to release dquot type 1
[  852.175083][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  852.858589][T10839] syzkaller0: entered promiscuous mode
[  852.967630][T10839] syzkaller0: entered allmulticast mode
[  853.371850][T10860] loop5: detected capacity change from 0 to 2048
[  854.223336][T10860] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  854.425415][   T28] audit: type=1800 audit(1769314668.218:15): pid=10860 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1383" name="bus" dev="loop5" ino=18 res=0 errno=0
[  854.603726][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  856.135450][T10881] netlink: 'syz.4.1388': attribute type 11 has an invalid length.
[  856.143725][T10881] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1388'.
[  856.432796][T10884] loop3: detected capacity change from 0 to 512
[  856.771052][T10884] EXT4-fs (loop3): 1 orphan inode deleted
[  856.816138][T10619] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  856.908769][T10884] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  856.970083][T10619] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:2: Failed to release dquot type 1
[  857.095932][T10884] ext4 filesystem being mounted at /364/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  859.219308][T10896] loop5: detected capacity change from 0 to 128
[  859.510533][   T28] audit: type=1800 audit(1769314673.298:16): pid=10896 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1393" name="bus" dev="loop5" ino=1048613 res=0 errno=0
[  859.712884][T10899] syz.5.1393: attempt to access beyond end of device
[  859.712884][T10899] loop5: rw=2049, sector=665, nr_sectors = 376 limit=128
[  859.925431][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  860.327728][T10905] loop5: detected capacity change from 0 to 512
[  860.338346][T10905] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  860.348680][T10905] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  860.358753][T10905] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  860.391003][T10905] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  860.399124][T10905] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  860.407255][T10905] EXT4-fs (loop5): failed to initialize system zone (-117)
[  860.414870][T10905] EXT4-fs (loop5): mount failed
[  863.706846][T10930] netlink: 'syz.3.1399': attribute type 11 has an invalid length.
[  863.715195][T10930] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1399'.
[  864.359903][T10937] random: crng reseeded on system resumption
[  865.544271][T10944] loop5: detected capacity change from 0 to 512
[  865.640309][T10944] EXT4-fs (loop5): 1 orphan inode deleted
[  865.661834][T10944] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  865.691987][ T5971] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  865.723492][T10944] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  865.744807][ T5971] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:11: Failed to release dquot type 1
[  865.865718][T10940] loop3: detected capacity change from 0 to 32768
[  866.061269][T10940] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  866.610772][T10940] XFS (loop3): Ending clean mount
[  866.755805][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  866.937831][ T5770] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  866.990867][T10964] loop5: detected capacity change from 0 to 512
[  867.009835][T10964] EXT4-fs (loop5): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  867.019964][T10964] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  867.029825][T10964] EXT4-fs (loop5): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  867.053025][T10964] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  867.061525][T10964] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  867.069665][T10964] EXT4-fs (loop5): failed to initialize system zone (-117)
[  867.077199][T10964] EXT4-fs (loop5): mount failed
[  869.765814][T10985] loop5: detected capacity change from 0 to 512
[  870.742445][T10985] EXT4-fs (loop5): 1 orphan inode deleted
[  870.786888][T10619] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  870.811307][T10985] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  870.856916][T10985] ext4 filesystem being mounted at /17/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  870.868627][T10619] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:2: Failed to release dquot type 1
[  870.997572][  T789] usb 4-1: new high-speed USB device number 38 using dummy_hcd
[  871.194957][  T789] usb 4-1: Using ep0 maxpacket: 8
[  872.002475][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  874.867021][  T789] usb 4-1: unable to get BOS descriptor or descriptor too short
[  874.891451][  T789] usb 4-1: unable to read config index 0 descriptor/start: -71
[  874.899211][  T789] usb 4-1: can't read configurations, error -71
[  875.988424][T11026] "syz.0.1423" (11026) uses obsolete ecb(arc4) skcipher
[  878.318936][T11043] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1430'.
[  880.639107][T11057] loop0: detected capacity change from 0 to 16
[  880.667954][T11057] erofs: (device loop0): mounted with root inode @ nid 36.
[  881.912955][T11066] netlink: 'syz.0.1439': attribute type 3 has an invalid length.
[  888.178460][T11087] random: crng reseeded on system resumption
[  888.235336][T11089] autofs4:pid:11089:autofs_fill_super: called with bogus options
[  889.262870][T11103] loop0: detected capacity change from 0 to 512
[  889.302370][T11103] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  889.312319][T11103] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  889.322159][T11103] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  889.338526][T11103] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  889.346596][T11103] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  889.355282][T11103] EXT4-fs (loop0): failed to initialize system zone (-117)
[  889.362769][T11103] EXT4-fs (loop0): mount failed
[  890.010191][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  890.020564][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  892.595277][T11136] "syz.3.1459" (11136) uses obsolete ecb(arc4) skcipher
[  892.864959][T11139] random: crng reseeded on system resumption
[  893.021963][T11142] autofs4:pid:11142:autofs_fill_super: called with bogus options
[  893.880792][T11151] sd 0:0:1:0: device reset
[  894.814221][T11158] netlink: 'syz.3.1468': attribute type 28 has an invalid length.
[  894.877928][T11160] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1467'.
[  895.840003][T11171] ufs: You didn't specify the type of your ufs filesystem
[  895.840003][T11171] 
[  895.840003][T11171] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  895.840003][T11171] 
[  895.840003][T11171] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  895.870867][T11171] ufs: ufstype=old is supported read-only
[  895.876954][T11171] ufs: ufs_fill_super(): bad magic number
[  897.422034][T11176] loop5: detected capacity change from 0 to 16
[  897.438056][T11176] erofs: (device loop5): mounted with root inode @ nid 36.
[  898.401272][T11213] ufs: You didn't specify the type of your ufs filesystem
[  898.401272][T11213] 
[  898.401272][T11213] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  898.401272][T11213] 
[  898.401272][T11213] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  898.432040][    C1] vkms_vblank_simulate: vblank timer overrun
[  898.438613][T11213] ufs: ufstype=old is supported read-only
[  898.446182][T11213] ufs: ufs_fill_super(): bad magic number
[  899.320292][T11238] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1477'.
[  900.117882][T11255] "syz.5.1481" (11255) uses obsolete ecb(arc4) skcipher
[  900.138332][T11256] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1482'.
[  900.167108][T11256] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1482'.
[  900.188690][T11256] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1482'.
[  900.200057][T11256] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1482'.
[  900.428240][T11261] "syz.0.1483" (11261) uses obsolete ecb(arc4) skcipher
[  902.702216][T11283] random: crng reseeded on system resumption
[  903.143966][  T790] usb 4-1: new full-speed USB device number 40 using dummy_hcd
[  903.476166][  T790] usb 4-1: device descriptor read/64, error -71
[  903.502301][T11297] ufs: You didn't specify the type of your ufs filesystem
[  903.502301][T11297] 
[  903.502301][T11297] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  903.502301][T11297] 
[  903.502301][T11297] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  903.533457][T11297] ufs: ufstype=old is supported read-only
[  903.541001][T11297] ufs: ufs_fill_super(): bad magic number
[  903.840624][  T790] usb 4-1: new full-speed USB device number 41 using dummy_hcd
[  904.223990][  T790] usb 4-1: device descriptor read/64, error -71
[  904.478788][T11308] netlink: 4356 bytes leftover after parsing attributes in process `syz.5.1497'.
[  905.151668][  T790] usb usb4-port1: attempt power cycle
[  905.596549][  T790] usb 4-1: new full-speed USB device number 42 using dummy_hcd
[  905.746591][T11316] random: crng reseeded on system resumption
[  906.145022][  T790] usb 4-1: device descriptor read/8, error -71
[  906.398920][T11330] loop0: detected capacity change from 0 to 512
[  906.529465][T11330] EXT4-fs (loop0): 1 orphan inode deleted
[  906.554556][T11330] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  906.568324][T11210] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  906.608508][T11330] ext4 filesystem being mounted at /391/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  906.620606][T11210] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  906.863202][T11338] ufs: You didn't specify the type of your ufs filesystem
[  906.863202][T11338] 
[  906.863202][T11338] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  906.863202][T11338] 
[  906.863202][T11338] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  906.894842][T11338] ufs: ufstype=old is supported read-only
[  906.901016][T11338] ufs: ufs_fill_super(): bad magic number
[  907.679558][T11343] x_tables: ip_tables: policy.0 match: invalid size 312 (kernel) != (user) 320
[  907.703670][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  907.733533][T11346] loop5: detected capacity change from 0 to 16
[  907.755496][T11345] loop4: detected capacity change from 0 to 512
[  907.775457][T11346] erofs: (device loop5): mounted with root inode @ nid 36.
[  907.796788][T11345] EXT4-fs (loop4): couldn't mount as ext3 due to feature incompatibilities
[  908.095617][T11352] netlink: 'syz.0.1510': attribute type 11 has an invalid length.
[  908.104682][T11352] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1510'.
[  908.211165][T11356] "syz.3.1512" (11356) uses obsolete ecb(arc4) skcipher
[  909.770878][T11363] random: crng reseeded on system resumption
[  911.062663][T11373] ufs: You didn't specify the type of your ufs filesystem
[  911.062663][T11373] 
[  911.062663][T11373] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  911.062663][T11373] 
[  911.062663][T11373] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  911.093410][    C0] vkms_vblank_simulate: vblank timer overrun
[  911.100320][T11373] ufs: ufstype=old is supported read-only
[  911.107819][T11373] ufs: ufs_fill_super(): bad magic number
[  911.821377][T11378] loop5: detected capacity change from 0 to 512
[  911.956285][T11378] EXT4-fs (loop5): 1 orphan inode deleted
[  911.989263][T11223] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  912.011721][T11378] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  912.063790][T11385] ufs: You didn't specify the type of your ufs filesystem
[  912.063790][T11385] 
[  912.063790][T11385] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  912.063790][T11385] 
[  912.063790][T11385] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  912.095502][T11385] ufs: ufstype=old is supported read-only
[  912.103098][T11385] ufs: ufs_fill_super(): bad magic number
[  912.144876][T11378] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  912.260758][T11223] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:16: Failed to release dquot type 1
[  914.312004][T11392] loop3: detected capacity change from 0 to 16
[  914.336594][T11392] erofs: (device loop3): mounted with root inode @ nid 36.
[  914.377072][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  914.598616][T11397] "syz.4.1521" (11397) uses obsolete ecb(arc4) skcipher
[  914.607309][T11396] random: crng reseeded on system resumption
[  916.211763][T11413] loop0: detected capacity change from 0 to 512
[  916.328603][T11414] ufs: You didn't specify the type of your ufs filesystem
[  916.328603][T11414] 
[  916.328603][T11414] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  916.328603][T11414] 
[  916.328603][T11414] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  916.359818][T11414] ufs: ufstype=old is supported read-only
[  916.368712][T11414] ufs: ufs_fill_super(): bad magic number
[  916.725029][T11413] EXT4-fs (loop0): 1 orphan inode deleted
[  916.843086][T11413] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  916.920952][T11413] ext4 filesystem being mounted at /398/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  917.025820][T11234] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  917.140513][T11234] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:20: Failed to release dquot type 1
[  917.958277][T11210] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  918.000643][T11210] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  918.035342][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  918.350066][T11429] loop0: detected capacity change from 0 to 512
[  918.399175][T11429] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  918.628152][T11431] loop4: detected capacity change from 0 to 512
[  918.770153][T11431] EXT4-fs (loop4): 1 orphan inode deleted
[  918.794815][T11431] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  918.814751][T11234] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  918.848651][T11431] ext4 filesystem being mounted at /108/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  918.865057][T11234] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:20: Failed to release dquot type 1
[  920.468810][ T9210] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  921.408322][T11451] ufs: You didn't specify the type of your ufs filesystem
[  921.408322][T11451] 
[  921.408322][T11451] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  921.408322][T11451] 
[  921.408322][T11451] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  921.439680][T11451] ufs: ufstype=old is supported read-only
[  921.445867][T11451] ufs: ufs_fill_super(): bad magic number
[  922.253064][T11457] loop0: detected capacity change from 0 to 512
[  922.356542][T11457] EXT4-fs (loop0): 1 orphan inode deleted
[  922.377215][T11223] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  922.404841][T11457] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  922.419956][T11463] loop4: detected capacity change from 0 to 16
[  922.438450][T11223] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:16: Failed to release dquot type 1
[  922.453227][T11463] erofs: (device loop4): mounted with root inode @ nid 36.
[  922.476529][T11457] ext4 filesystem being mounted at /401/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  923.832961][T11210] Quota error (device loop0): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  923.849293][T11210] EXT4-fs error (device loop0): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  923.872139][ T5771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  924.006114][T11474] loop3: detected capacity change from 0 to 512
[  924.028689][T11476] random: crng reseeded on system resumption
[  924.087406][T11478] loop0: detected capacity change from 0 to 512
[  924.113410][T11478] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  924.188032][T11481] autofs4:pid:11481:autofs_fill_super: called with bogus options
[  924.215075][T11474] EXT4-fs (loop3): 1 orphan inode deleted
[  924.233190][T11223] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  924.252535][T11474] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  924.261557][T11223] EXT4-fs error (device loop3): ext4_release_dquot:6985: comm kworker/u4:16: Failed to release dquot type 1
[  924.294600][T11474] ext4 filesystem being mounted at /400/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  926.111240][ T5770] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  926.900462][T11495] sd 0:0:1:0: device reset
[  927.558083][T11500] loop3: detected capacity change from 0 to 512
[  927.621115][T11500] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  928.754466][T11508] loop5: detected capacity change from 0 to 512
[  928.823222][T11508] EXT4-fs (loop5): 1 orphan inode deleted
[  928.870754][T11215] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  928.900667][T11508] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  928.919713][T11215] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:12: Failed to release dquot type 1
[  929.041066][T11508] ext4 filesystem being mounted at /55/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  929.537732][ T5971] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  929.710668][ T5971] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:11: Failed to release dquot type 1
[  929.761895][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  929.964093][T11523] loop5: detected capacity change from 0 to 512
[  929.998913][T11523] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  930.241814][T11525] random: crng reseeded on system resumption
[  931.047304][T11530] loop5: detected capacity change from 0 to 512
[  931.779026][T11537] sd 0:0:1:0: device reset
[  931.873819][T11530] EXT4-fs (loop5): 1 orphan inode deleted
[  931.892683][ T5971] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  932.061867][T11530] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  932.088995][ T5971] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:11: Failed to release dquot type 1
[  932.141037][T11530] ext4 filesystem being mounted at /57/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  933.708542][T11210] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  933.739787][T11210] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  933.775446][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  933.956484][T11567] loop5: detected capacity change from 0 to 512
[  933.973417][T11567] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  934.201129][T11570] random: crng reseeded on system resumption
[  934.246393][T11573] netlink: 'syz.4.1569': attribute type 10 has an invalid length.
[  934.678403][T11573] 8021q: adding VLAN 0 to HW filter on device bond0
[  934.700817][T11573] team0: Port device bond0 added
[  935.687228][T11586] sd 0:0:1:0: device reset
[  936.450128][T11596] loop4: detected capacity change from 0 to 512
[  937.259217][T11596] EXT4-fs (loop4): 1 orphan inode deleted
[  937.304480][T11596] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  937.412008][T11223] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  937.425166][T11596] ext4 filesystem being mounted at /121/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  937.450828][T11223] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:16: Failed to release dquot type 1
[  937.713398][T11610] loop3: detected capacity change from 0 to 512
[  938.918787][T11614] ufs: You didn't specify the type of your ufs filesystem
[  938.918787][T11614] 
[  938.918787][T11614] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  938.918787][T11614] 
[  938.918787][T11614] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  938.949730][T11614] ufs: ufstype=old is supported read-only
[  938.955950][T11614] ufs: ufs_fill_super(): bad magic number
[  939.205228][T11210] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  939.217257][T11610] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  939.226687][   T28] audit: type=1107 audit(1769314752.998:17): pid=11615 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='�O�l�JѴ
[  939.226687][   T28] �3NxH��}>���ʼ��eԭ�Y�����"�me�-�;���e1m�=�Yu�p�	�Ք�JZ`��
2�=x�@n�F���I��rO��޸${$���,�3�ĕh*Gէ��x�̫��#<碩�$�=�Es����y�.G�����F��\\�ը��F�p"�֬�%aBmԢ=ihM��ʃ�)��1�R�����Ž:p��Ω$�u�Qߛd+%�����(U2�-A�����uz�r�+�v֩6N�&��c����f%�q%�p0�@5��B�w	�ŝ���������B�f��\�U��`�;F3mo����Qp�D��!�r����𼖪)����^�����2̖�x�+l�Vִ7:�gѰ��Q�r����~'�_�����'��1���MA��~�R���(���-�Fa&�`�Xְ������-���.�q�T?%���E���6���鏜���`G3񐱦!�:�Y�k3eC��^T"����Q��‰�Vi��J��ע?=��0rq�~���w}����id�Y�E[gm%i���T�,�'��W(t�X/F����q)��g��8�Q�Q6���fh�do�+"e�CM…!?4߿���l��Gyn~
[  939.226687][   T28] W��4�"��(Ih�+�5�y�_O��	h^|,���v+��z�GmSJ��+���Na�9T�H?�3��o�`>�*�K�� ������
�^~B���ٷx�'f�3]����kR��i����V�N'���)ʟ�����6��:�H�%>$A��W�I�����
[  939.226687][   T28] b�j�r��,��`t�\�4rjk����Lb�9�
"c�xo�1xpM!al��Y �:(L������ʅ��"�H'C8T���)��i�����2�'$M��
[  939.273907][T11210] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  939.371279][    C0] vkms_vblank_simulate: vblank timer overrun
[  939.538389][ T9210] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  940.633931][T11639] ufs: You didn't specify the type of your ufs filesystem
[  940.633931][T11639] 
[  940.633931][T11639] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  940.633931][T11639] 
[  940.633931][T11639] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  940.665539][T11639] ufs: ufstype=old is supported read-only
[  940.671688][T11639] ufs: ufs_fill_super(): bad magic number
[  941.887504][T11649] netlink: 80 bytes leftover after parsing attributes in process `syz.0.1591'.
[  941.935476][T11649] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  942.465741][T11659] ufs: You didn't specify the type of your ufs filesystem
[  942.465741][T11659] 
[  942.465741][T11659] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  942.465741][T11659] 
[  942.465741][T11659] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  942.496789][T11659] ufs: ufstype=old is supported read-only
[  942.503602][T11659] ufs: ufs_fill_super(): bad magic number
[  943.067218][T11661] loop0: detected capacity change from 0 to 512
[  943.110971][T11661] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 1 overlaps superblock
[  943.122261][T11661] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 1 overlaps superblock
[  943.127597][T11663] random: crng reseeded on system resumption
[  943.134705][T11661] EXT4-fs (loop0): ext4_check_descriptors: Inode table for group 1 overlaps superblock
[  943.168109][T11661] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  943.215438][T11661] [EXT4 FS bs=4096, gc=2, bpg=35, ipg=32, mo=e040e01c, mo2=0000]
[  943.254934][T11661] EXT4-fs (loop0): failed to initialize system zone (-117)
[  943.318809][T11661] EXT4-fs (loop0): mount failed
[  943.746633][T11672] ufs: You didn't specify the type of your ufs filesystem
[  943.746633][T11672] 
[  943.746633][T11672] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  943.746633][T11672] 
[  943.746633][T11672] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  943.777448][    C0] vkms_vblank_simulate: vblank timer overrun
[  943.783885][T11672] ufs: ufstype=old is supported read-only
[  943.790016][T11672] ufs: ufs_fill_super(): bad magic number
[  943.944242][T11671] "syz.3.1594" (11671) uses obsolete ecb(arc4) skcipher
[  946.167347][T11690] loop5: detected capacity change from 0 to 512
[  946.315079][T11690] EXT4-fs (loop5): 1 orphan inode deleted
[  946.330799][T11210] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  946.355705][T11690] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  946.407607][T11210] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  946.498072][T11690] ext4 filesystem being mounted at /72/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  946.844353][T11700] ufs: You didn't specify the type of your ufs filesystem
[  946.844353][T11700] 
[  946.844353][T11700] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  946.844353][T11700] 
[  946.844353][T11700] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  946.875252][T11700] ufs: ufstype=old is supported read-only
[  946.881431][T11700] ufs: ufs_fill_super(): bad magic number
[  947.690823][   T49] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  947.728727][   T49] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:3: Failed to release dquot type 1
[  947.748596][T11705] random: crng reseeded on system resumption
[  947.756344][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  948.060341][T11709] ufs: You didn't specify the type of your ufs filesystem
[  948.060341][T11709] 
[  948.060341][T11709] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  948.060341][T11709] 
[  948.060341][T11709] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  948.091364][    C0] vkms_vblank_simulate: vblank timer overrun
[  948.097605][T11709] ufs: ufstype=old is supported read-only
[  948.103824][T11709] ufs: ufs_fill_super(): bad magic number
[  948.391606][ T9218] Bluetooth: hci4: command 0x0406 tx timeout
[  948.553653][T11713] "syz.5.1610" (11713) uses obsolete ecb(arc4) skcipher
[  948.868846][T11720] loop4: detected capacity change from 0 to 512
[  948.969670][T11720] EXT4-fs (loop4): 1 orphan inode deleted
[  949.011097][T11215] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  949.025661][T11720] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  949.051000][T11215] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:12: Failed to release dquot type 1
[  949.096484][T11720] ext4 filesystem being mounted at /129/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  950.141689][T11210] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  950.179444][T11210] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  950.239060][ T9210] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  950.314523][T11736] ufs: You didn't specify the type of your ufs filesystem
[  950.314523][T11736] 
[  950.314523][T11736] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  950.314523][T11736] 
[  950.314523][T11736] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  950.346031][T11736] ufs: ufstype=old is supported read-only
[  950.352856][T11736] ufs: ufs_fill_super(): bad magic number
[  950.626351][T11741] random: crng reseeded on system resumption
[  951.062946][T11746] loop0: detected capacity change from 0 to 512
[  951.128957][T11746] EXT4-fs (loop0): couldn't mount as ext3 due to feature incompatibilities
[  951.436135][ T1293] ieee802154 phy0 wpan0: encryption failed: -22
[  951.442646][ T1293] ieee802154 phy1 wpan1: encryption failed: -22
[  952.090219][T11751] ufs: You didn't specify the type of your ufs filesystem
[  952.090219][T11751] 
[  952.090219][T11751] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  952.090219][T11751] 
[  952.090219][T11751] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  952.121118][T11751] ufs: ufstype=old is supported read-only
[  952.127621][T11751] ufs: ufs_fill_super(): bad magic number
[  953.823840][T11767] loop5: detected capacity change from 0 to 512
[  953.856952][T11768] netlink: 'syz.4.1627': attribute type 11 has an invalid length.
[  953.864953][T11768] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1627'.
[  953.949297][T11767] EXT4-fs (loop5): 1 orphan inode deleted
[  953.962147][T11767] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  953.980112][T11220] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  954.004948][T11220] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:15: Failed to release dquot type 1
[  954.028836][T11767] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  955.117591][   T49] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  955.151927][   T49] EXT4-fs error (device loop5): ext4_release_dquot:6985: comm kworker/u4:3: Failed to release dquot type 1
[  955.188512][T10614] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  955.502967][T11787] ufs: You didn't specify the type of your ufs filesystem
[  955.502967][T11787] 
[  955.502967][T11787] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  955.502967][T11787] 
[  955.502967][T11787] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  955.534577][T11787] ufs: ufstype=old is supported read-only
[  955.542488][T11787] ufs: ufs_fill_super(): bad magic number
[  956.147357][T11793] "syz.3.1631" (11793) uses obsolete ecb(arc4) skcipher
[  957.073332][T11801] loop4: detected capacity change from 0 to 512
[  957.127776][T11801] EXT4-fs (loop4): 1 orphan inode deleted
[  957.142102][T11801] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  957.161149][T11210] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  957.212342][T11801] ext4 filesystem being mounted at /136/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  957.234177][T11210] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:8: Failed to release dquot type 1
[  957.268759][T11806] loop5: detected capacity change from 0 to 512
[  957.358011][T11806] EXT4-fs (loop5): couldn't mount as ext3 due to feature incompatibilities
[  957.847577][T11811] Failed to get privilege flags for destination (handle=0x2:0x0)
[  958.124666][T11813] netlink: 'syz.3.1640': attribute type 11 has an invalid length.
[  958.132659][T11813] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1640'.
[  958.313253][T11223] Quota error (device loop4): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  958.339531][T11223] EXT4-fs error (device loop4): ext4_release_dquot:6985: comm kworker/u4:16: Failed to release dquot type 1
[  958.386027][ T9210] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  959.712141][T11827] ufs: You didn't specify the type of your ufs filesystem
[  959.712141][T11827] 
[  959.712141][T11827] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  959.712141][T11827] 
[  959.712141][T11827] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  959.743289][T11827] ufs: ufstype=old is supported read-only
[  959.751187][T11827] ufs: ufs_fill_super(): bad magic number
[  961.106012][   T29] INFO: task syz-executor:5769 blocked for more than 143 seconds.
[  961.186702][   T29]       Not tainted syzkaller #0
[  961.246069][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  961.365039][   T29] task:syz-executor    state:D stack:21320 pid:5769  ppid:1      flags:0x00004006
[  961.491671][   T29] Call Trace:
[  961.533241][   T29]  <TASK>
[  961.584487][   T29]  __schedule+0x1553/0x45a0
[  961.651828][   T29]  ? asan.module_dtor+0x20/0x20
[  961.735009][   T29]  ? mark_lock+0x94/0x320
[  961.807195][   T29]  ? lock_chain_count+0x20/0x20
[  961.929088][   T29]  ? _raw_spin_lock_irq+0xbb/0xf0
[  962.042056][   T29]  ? _raw_spin_lock_irqsave+0x100/0x100
[  962.199262][   T29]  schedule+0xbd/0x170
[  962.309989][   T29]  io_schedule+0x80/0xd0
[  962.436255][   T29]  folio_wait_bit_common+0x714/0xfa0
[  962.604551][   T29]  ? folio_wait_bit+0x30/0x30
[  962.949498][   T29]  ? _compound_head+0x120/0x120
[  963.140032][   T29]  truncate_inode_pages_range+0xa8e/0xfb0
[  963.146006][   T29]  ? mapping_evict_folio+0x510/0x510
[  963.151800][   T29]  ? _raw_spin_lock_irq+0xbb/0xf0
[  963.156899][   T29]  ? _raw_spin_unlock_irq+0x23/0x50
[  963.162293][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  963.167652][   T29]  evict+0x4dd/0x8d0
[  963.171686][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  963.177570][   T29]  ? proc_nr_inodes+0x230/0x230
[  963.182671][   T29]  ? do_raw_spin_unlock+0x121/0x230
[  963.190583][   T29]  ? preempt_schedule_thunk+0x1a/0x30
[  963.196162][   T29]  evict_inodes+0x468/0x6a0
[  963.200895][   T29]  ? clear_inode+0x150/0x150
[  963.205561][   T29]  generic_shutdown_super+0x97/0x2b0
[  963.211051][   T29]  kill_block_super+0x44/0x90
[  963.215909][   T29]  deactivate_locked_super+0x97/0x100
[  963.221495][   T29]  cleanup_mnt+0x43b/0x4d0
[  963.225983][   T29]  task_work_run+0x1d4/0x260
[  963.230790][   T29]  ? task_work_cancel+0x220/0x220
[  963.236007][   T29]  ? exit_to_user_mode_loop+0x3b/0x110
[  963.241694][   T29]  exit_to_user_mode_loop+0xe6/0x110
[  963.247146][   T29]  exit_to_user_mode_prepare+0xee/0x180
[  963.252845][   T29]  syscall_exit_to_user_mode+0x1a/0x50
[  963.258475][   T29]  do_syscall_64+0x61/0xa0
[  963.263045][   T29]  ? clear_bhb_loop+0x40/0x90
[  963.267880][   T29]  ? clear_bhb_loop+0x40/0x90
[  963.273001][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  963.278972][   T29] RIP: 0033:0x7f2a0859bf17
[  963.300518][   T29] RSP: 002b:00007ffefc298088 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  963.330423][   T29] RAX: 0000000000000000 RBX: 00007f2a0860471f RCX: 00007f2a0859bf17
[  963.366017][   T29] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffefc298140
[  963.381118][   T29] RBP: 00007ffefc298140 R08: 00007ffefc299140 R09: 00000000ffffffff
[  963.389153][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffefc2991d0
[  963.440686][   T29] R13: 00007f2a0860471f R14: 00000000000c4c3d R15: 00007ffefc299210
[  963.448781][   T29]  </TASK>
[  963.470663][   T29] 
[  963.470663][   T29] Showing all locks held in the system:
[  963.506923][   T29] 1 lock held by khungtaskd/29:
[  963.560497][   T29]  #0: ffffffff8d131fe0 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  963.610661][   T29] 2 locks held by getty/5529:
[  963.615426][   T29]  #0: ffff88802ceab0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  963.640424][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x433/0x1390
[  963.672689][   T29] 1 lock held by syz-executor/5769:
[  963.677974][   T29]  #0: ffff88807a9f60e0 (&type->s_umount_key#105){+.+.}-{3:3}, at: deactivate_super+0xa4/0xe0
[  963.713238][   T29] 3 locks held by kworker/1:10/7105:
[  963.718624][   T29]  #0: ffff888017c70938 ((wq_completion)events){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  963.790464][   T29]  #1: ffffc90005167d00 (free_ipc_work){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  963.810523][   T29]  #2: ffffffff8d1379b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x306/0x880
[  963.830429][   T29] 2 locks held by kworker/1:11/7106:
[  963.835803][   T29]  #0: ffff888017c72538 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  963.890449][   T29]  #1: ffffc90005177d00 ((work_completion)(&rew->rew_work)){+.+.}-{0:0}, at: process_scheduled_works+0x96f/0x15d0
[  963.920682][   T29] 1 lock held by syz-executor/10604:
[  963.926059][   T29] 4 locks held by syz-executor/10614:
[  963.937269][   T29]  #0: ffff88802f190e70 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x212/0x500
[  963.949397][   T29]  #1: ffff88802f1900b8 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfa0
[  963.964138][   T29]  #2: ffffffff8e52d328 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa1/0x220
[  963.985499][   T29]  #3: ffff88802ee16b38 (&conn->lock#2){+.+.}-{3:3}, at: l2cap_conn_del+0x70/0x660
[  963.996411][   T29] 1 lock held by syz.4.1642/11818:
[  964.007790][   T29]  #0: ffffffff97689d18 (nfnl_subsys_ipset){+.+.}-{3:3}, at: call_ad+0x28d/0xb40
[  964.040656][   T29] 1 lock held by syz.0.1645/11837:
[  964.045860][   T29]  #0: ffffffff8d1379b8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x3da/0x880
[  964.068917][   T29] 
[  964.071401][   T29] =============================================
[  964.071401][   T29] 
[  964.079949][   T29] NMI backtrace for cpu 0
[  964.084323][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  964.091581][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  964.101691][   T29] Call Trace:
[  964.105017][   T29]  <TASK>
[  964.107991][   T29]  dump_stack_lvl+0x18c/0x250
[  964.112733][   T29]  ? preempt_count_add+0x91/0x1a0
[  964.117841][   T29]  ? show_regs_print_info+0x20/0x20
[  964.123109][   T29]  ? load_image+0x400/0x400
[  964.127689][   T29]  nmi_cpu_backtrace+0x3a6/0x3e0
[  964.132729][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  964.138949][   T29]  ? _printk+0xde/0x130
[  964.143160][   T29]  ? load_image+0x400/0x400
[  964.147726][   T29]  ? load_image+0x400/0x400
[  964.152280][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  964.158415][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  964.164463][   T29]  watchdog+0xf3d/0xf80
[  964.168683][   T29]  ? watchdog+0x1e1/0xf80
[  964.173067][   T29]  kthread+0x2fa/0x390
[  964.177217][   T29]  ? hungtask_pm_notify+0x90/0x90
[  964.182300][   T29]  ? kthread_blkcg+0xd0/0xd0
[  964.186940][   T29]  ret_from_fork+0x48/0x80
[  964.191403][   T29]  ? kthread_blkcg+0xd0/0xd0
[  964.196026][   T29]  ret_from_fork_asm+0x11/0x20
[  964.200859][   T29]  </TASK>
[  964.205187][   T29] Sending NMI from CPU 0 to CPUs 1:
[  964.211382][    C1] NMI backtrace for cpu 1
[  964.211394][    C1] CPU: 1 PID: 5128 Comm: klogd Not tainted syzkaller #0
[  964.211411][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  964.211421][    C1] RIP: 0010:__this_cpu_preempt_check+0x0/0x20
[  964.211449][    C1] Code: 48 89 da e8 12 6a f4 ff 48 8b 74 24 30 48 c7 c7 60 81 1c 8b e8 01 6a f4 ff e8 4c 80 ff ff eb a8 e8 e5 e8 ff ff 0f 1f 44 00 00 <f3> 0f 1e fa 48 89 fe 48 c7 c7 e0 80 1c 8b e9 dd fe ff ff cc cc cc
[  964.211464][    C1] RSP: 0018:ffffc90003207468 EFLAGS: 00000006
[  964.211478][    C1] RAX: 0000000080000003 RBX: 0000000000000001 RCX: 0000000000000000
[  964.211489][    C1] RDX: 0000000000000001 RSI: 0000000000000000 RDI: ffffffff8ad3e600
[  964.211500][    C1] RBP: 0000000000000000 R08: 0000000000000001 R09: 0000000000000000
[  964.211509][    C1] R10: dffffc0000000000 R11: fffffbfff1d15b3e R12: 0000000000041e80
[  964.211521][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: ffff88813fffa700
[  964.211533][    C1] FS:  00007f71581d0c80(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  964.211548][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  964.211559][    C1] CR2: 00007ffe6552cf4c CR3: 00000000308a8000 CR4: 00000000003506e0
[  964.211575][    C1] Call Trace:
[  964.211581][    C1]  <TASK>
[  964.211586][    C1]  __mod_zone_page_state+0x9a/0x140
[  964.211616][    C1]  __free_one_page+0xf9/0xc30
[  964.211658][    C1]  free_pcppages_bulk+0x306/0x5d0
[  964.211691][    C1]  free_unref_page+0x17e/0x2e0
[  964.211718][    C1]  __unfreeze_partials+0x1cf/0x210
[  964.211738][    C1]  put_cpu_partial+0x17c/0x250
[  964.211753][    C1]  ? put_cpu_partial+0x6e/0x250
[  964.211770][    C1]  __slab_free+0x319/0x400
[  964.211787][    C1]  ? _raw_spin_unlock+0x40/0x40
[  964.211804][    C1]  ? __phys_addr+0xba/0x170
[  964.211828][    C1]  qlist_free_all+0x75/0xd0
[  964.211853][    C1]  kasan_quarantine_reduce+0x143/0x160
[  964.211891][    C1]  __kasan_slab_alloc+0x22/0x80
[  964.211910][    C1]  slab_post_alloc_hook+0x6e/0x4b0
[  964.211939][    C1]  kmem_cache_alloc_node+0x14c/0x320
[  964.211963][    C1]  ? __alloc_skb+0x103/0x2c0
[  964.212063][    C1]  __alloc_skb+0x103/0x2c0
[  964.212114][    C1]  alloc_skb_with_frags+0xca/0x7b0
[  964.212143][    C1]  ? do_syscall_64+0x55/0xa0
[  964.212185][    C1]  sock_alloc_send_pskb+0x883/0x9a0
[  964.212217][    C1]  ? sock_kzfree_s+0x50/0x50
[  964.212236][    C1]  ? do_raw_spin_lock+0x11f/0x2c0
[  964.212267][    C1]  ? __rwlock_init+0x150/0x150
[  964.212295][    C1]  ? do_raw_spin_unlock+0x121/0x230
[  964.212320][    C1]  unix_dgram_sendmsg+0x5a2/0x16d0
[  964.212382][    C1]  ? syslog_print+0x595/0x630
[  964.212403][    C1]  ? aa_sk_perm+0x83c/0x970
[  964.212437][    C1]  ? unix_dgram_poll+0x680/0x680
[  964.212461][    C1]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[  964.212482][    C1]  ? aa_sock_msg_perm+0x94/0x150
[  964.212503][    C1]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  964.212526][    C1]  ? security_socket_sendmsg+0x80/0xa0
[  964.212546][    C1]  __sys_sendto+0x4a9/0x6b0
[  964.212594][    C1]  ? __ia32_sys_getpeername+0x90/0x90
[  964.212631][    C1]  ? log_buf_vmcoreinfo_setup+0x450/0x450
[  964.212658][    C1]  ? lockdep_hardirqs_on_prepare+0x40d/0x770
[  964.212678][    C1]  ? lock_chain_count+0x20/0x20
[  964.212700][    C1]  __x64_sys_sendto+0xde/0xf0
[  964.212726][    C1]  do_syscall_64+0x55/0xa0
[  964.212749][    C1]  ? clear_bhb_loop+0x40/0x90
[  964.212767][    C1]  ? clear_bhb_loop+0x40/0x90
[  964.212785][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  964.212802][    C1] RIP: 0033:0x7f7158320407
[  964.212816][    C1] Code: 48 89 fa 4c 89 df e8 38 aa 00 00 8b 93 08 03 00 00 59 5e 48 83 f8 fc 74 1a 5b c3 0f 1f 84 00 00 00 00 00 48 8b 44 24 10 0f 05 <5b> c3 0f 1f 80 00 00 00 00 83 e2 39 83 fa 08 75 de e8 23 ff ff ff
[  964.212830][    C1] RSP: 002b:00007ffdd4d96b80 EFLAGS: 00000202 ORIG_RAX: 000000000000002c
[  964.212846][    C1] RAX: ffffffffffffffda RBX: 00007f71581d0c80 RCX: 00007f7158320407
[  964.212858][    C1] RDX: 0000000000000039 RSI: 00007ffdd4d96cc0 RDI: 0000000000000003
[  964.212869][    C1] RBP: 00007ffdd4d970f0 R08: 0000000000000000 R09: 0000000000000000
[  964.212879][    C1] R10: 0000000000004000 R11: 0000000000000202 R12: 00007ffdd4d97108
[  964.212890][    C1] R13: 00007ffdd4d96cc0 R14: 000000000000001e R15: 00007ffdd4d96cc0
[  964.212909][    C1]  </TASK>
[  964.308985][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  964.309037][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  964.309089][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  964.309120][   T29] Call Trace:
[  964.309133][   T29]  <TASK>
[  964.309153][   T29]  dump_stack_lvl+0x18c/0x250
[  964.309241][   T29]  ? show_regs_print_info+0x20/0x20
[  964.309312][   T29]  ? load_image+0x400/0x400
[  964.309402][   T29]  panic+0x2dc/0x730
[  964.309454][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  964.309535][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  964.309608][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  964.309683][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  964.309769][   T29]  watchdog+0xf7c/0xf80
[  964.309834][   T29]  ? watchdog+0x1e1/0xf80
[  964.309924][   T29]  kthread+0x2fa/0x390
[  964.309967][   T29]  ? hungtask_pm_notify+0x90/0x90
[  964.310070][   T29]  ? kthread_blkcg+0xd0/0xd0
[  964.310136][   T29]  ret_from_fork+0x48/0x80
[  964.310201][   T29]  ? kthread_blkcg+0xd0/0xd0
[  964.310247][   T29]  ret_from_fork_asm+0x11/0x20
[  964.310363][   T29]  </TASK>
[  964.316815][   T29] Kernel Offset: disabled
[  964.734924][   T29] Rebooting in 86400 seconds..