last executing test programs:

9m57.858256758s ago: executing program 1 (id=120):
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_status={{0xf, 0x4}, {0x0, 0x0, 0x407}}}, 0x7)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x20, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r0, 0xc10c5541, &(0x7f0000000040)=0x1)

9m57.321233356s ago: executing program 1 (id=123):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r0}, 0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000091c2f20c81403006c050102030109021b00010000000009040000018ea44300090585"], 0x0)

9m55.277783924s ago: executing program 1 (id=133):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000001040)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x1}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x5c}}, 0x0)

9m54.436858852s ago: executing program 1 (id=137):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000240)='./file0\x00', 0xc02, &(0x7f0000009b80)=ANY=[@ANYBLOB='iocharset=macromanian,uid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c757466382c646973636172642c6b6565705f6c6173745f646f74732c666d61736b3d30303030303030303030303030303030303030303331372c6e616d65636173653d312c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030342c696f636861727365743d69736f383835392d322c0036b31d821d64f6269a45f32df22d1ca8bb2f562a2c947b9b1642d15000b2bfe919b892a8b2deb4ead6027b0215761d101255ca823e3e5b3ad9d42af3944b48687df1b9"], 0x1, 0x1521, &(0x7f0000007640)="$eJzs3AuYjtXaOPD7Xms9Y0zS2ySHYa11P7zJYZkkySFJDkmSJElOCUmTbEmoGHJKGpKQHIbkMITkMDFpnM/nQ0KSNEkSklOy/tcUf7td+9t7f7tv+65v7t91Pdes+13PvZ71vPf7vs/hnZlvuw6t1aR29UZEBP8W/PVHMgDEAsBAALgGAAIAKB9fPj67P7fE5H9vI+zP9VDalZ4Bu5K4/jkb1z9n4/rnbFz/nI3rn7Nx/XM2rn/OxvVnLCfbPL3Qtbzk3IXv/+dkfPz/PySrzNgv15a5vhtAzD+bwvXP2bj+/2cF/8xKXP+cjeufU8Ve6Qmw/wX4/Z8T5Pq7PVz/nI3rz1hOdqXvP1/pBSI5+zm40q8/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGM5wxl/mQKAS+0rPS/GGGOMMcYYY4z9eXyuKz0DxhhjjDHGGGOM/c9DECBBQQAxkAtiITfEgQCAqyEvXAMRuBbi4TrIB9dDfigABaEQJEBhKAIaDMQAQQhFoRhE4QYoDjdCCSgJpaA0OCgDiXATlIWboRzcAuXhVqgAt0FFqASVoQrcDlXhDqgGd0J1uAtqQE2oBbXhbqgD90BduBfqwX1QH+6HBvAANIQHoRE8BI3hYWgCj0BTeBSaQXNoAS2h1X8r/wV4EV6CntALkqE39IGXoS/0g/4wAAbCKzAIXoXB8BqkwBAYCq/DMHgDhsObMAJGwih4C0bD2zAGxsI4GA+pMAEmwjswCd6FyTAFpsI0SIPpMAPeg5kwC2bD+zAHPoC5MA/mwwJIhw9hISyCDPgIFsPHkAlLYCksg+WwAlbCKlgNa2AtrIP1sAE2wibYDFtgK2yD7bADdsInsAs+hd2wB/bCZ7APPv8X80//TX43BAQUKFChwhiMwViMxTiMwzyYB/NiXoxgBOMxHvNhPsyP+bEgFsQETMAiWAQNGiQkLIpFMYpRLI7FsQSWwFJYCh06TMRELIs3Yzksh+WxPFbAClgRK2ElrIJVsCpWxWpYDatjdayBNbAW1sK78W7sjXWxLtbDelgf61+6PYWNsBE2xsbYBJtgU2yKzbAZtsAW2ApbYWtsjW2wDbbDdtge22MH7IBJmIQdsSN2wk7YGTtjF+yCXbErdsPu2D3rhVyAL+FL2AtriN7YB/tgX0zJ1R8H4AB8BQfhq/gqvoYpOASH4uv4Or6Bw/EUjsCROApHYVXxNo7BsUhiPKZiKk7EiTgJJ+FknIJTcBqm4XScgTNwJs7CWfg+zsEP8AOch/NwAaZjOi7ERZiBGbgYT2MmLsGluAyX4wpcjqtwNa7CtbgO1+IG3ICbcBNuwS24DbfhDtyBn6ACwE9xD+7BFNyH+3A/7scDeAAP4kHMwiw8hIfwMB7GI3gEj+JRPIbH8QQex5N4Ek/haTyDZ/AcnsPz+FzC140/KbkmBUQ2JZSIETEiVsSKOBEn8og8Iq/IKyIiIuJFvMgn8on8Ir8oKAqKBJEgiogiwggjSIQxACCiIiqKi+KihCghSolSwgknEkWiKCvKinKinCgvbhUVxG2ioqgk2roqooqoKtq5auJOUV1UFzVETVFL1Ba1RR1RR9QVdUU9UU/UF/VFA/GAaCh6Y398SGRXpokYgk3FUGwmmgt58ROstRiObURb0U48IUbiCOwgWrsk8bToKMZgJ/EXMRafFV3EeOwqnhfdRHfRQ7wgXhRtXE/RS0zG3qKPmIZ9RT/RXwwQM7GmeB/n5K4lXhMpYogYKl4XC/ANMVy8KUaIkWKUeEuMFm+LMWKsGCfGi1QxQUwU74hJ4l0xWUwRU8U0kSamixniPTFTzBKzxftijvhAzBXzxHyxQKSLD8VCsUhkiI/EYvGxyBRLxFKxTCwXK8RKsUqsFmvEWrFOrBcbxEaxSWwWW8RWsU1sFzvETvGJ2CU+FbvFHrFXfCb2ic/FfvGFOCC+FAfFVyJLfC0OiW/EYfGtOCK+E0fF9+KYOC5OiB/ESfGjOCVOizPirDgnfhLnxc/igvACJEohpVQykDEyl4yVuWWcvErmkcHFZ/daGS+vk/nk9TK/LCALykIyQRaWRaSWRlpJMpRFZTEZlTfI4vJGWUKWlKVkaelkGZkob5Jl5c2ynLxFlpe3ygryNllRVpKVZRV5u6wq75AQ+XUbNWRNWUvWlnfLZLhH1pX3ynryPllf3i8byAdkQ/mgbCQfko3lw7KJfEQ2lY/KZrK5bCFbylbyMdlaPi7byLaynXxCtpdPyg7yKZkkn5Ydpb/4EnlWdpHPya7yedlNdpc95M/ygvSyp+wloTfIPvJl2Vf2k/3lADlQviIHyVflYPmaTJFD5FD5uhwm35DD5ZtyhBwpR8m35Gj5thwjx8pxcrxMlRPkRPmOnCTflZPlFDlVTpNpcrrsf3Gk2VL+w/x3/iB/8C9b3yQ3yy1yq9wmt8sdcqf8RO6Su+RuuVvulXvlPrlP7pf75QF5QB6UB2WWzJKH5CF5WB6WR+QReVQelcfkcXlW/iBPyh/lKXlanpZn5Tl5Tp6/+ByAQiWUVEoFKkblUrEqt4pTV6k86mqVV12jIupaFa+uU/nU9Sq/KqAKqkIqQRVWRZRWRllFKlRFVTEVVTfgxReMKqVKK6fKqER107+Sr4qrG1UJVfI3+Zfml/x35tdKtVKtVWvVRrVR7VQ71V61Vx1UB5WkklRH1VF1Up1UZ9VZdVFdVFfVVXVT3VQP1UO9qF5UPVVPlaySVR/1suqr+qn+aoAaqF5Rg9QgNVgNVikqRQ1VQ9UwNUwNV8PVCDVCjVKj1Gg1Wo1RY9Q4NU6lqlQ1UU1Uk9QkNVlNVlPVVJWm0tQMNUPNVDPVbDVbzVFz1Fw1V81X81W6SlcL1UKVoTLUYrVYZaolaolappapFWqFWqVWqTVqjVqn1qkNaoPKVJvVZrVVbVXb1Xa1U+1Uu9QutVvtVnvVXrVP7VP71X51QB1QB9VBlaWy1CF1SB1Wh9URdUQdVUfVMXVMnVAn1El1Up1Sp9QZdUadU+fUeXVeXVAXsk/7AhGIQAXZR9qYIDaIDeKCuCBPkCfIG+QNIkEkiA/ig3zB9UH+oEBQMCgUJASFgyKBDkxgA3Gx6NHghqB4cGNQIigZlApKBy4oEyQGNwVlg5uDcsEtQfng1qBCcFtQMagUVA6qBLcHVYM7gmrBnUH14K6gRlAzqBXUDu4O6gT3BHWDe4N6wX1B/eD+oEHwQNAweDBoFDwUNA4eDpoEjwRNg0eDZkHzoEXQMmj1p47v/akCj7ueupdO1r11H/2y7qv76f56gB6oX9GD9Kt6sH5Np+gheqh+XQ/Tb+jh+k09Qo/Uo/RberR+W4/RY/U4PV6n6gl6on5HT9Lv6sl6ip6qp+k0PV3P0O/pmXqWnq3f13P0B3qunqfn6wU6XX+oF+pFOkN/pBfrj3WmXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoXfqT/Qu/anerffovfozvU9/rvfrL/QB/aU+qL/SWfprfUh/ow/rb/UR/Z0+qr/Xx/RxfUL/oE/qH/UpfVqf0Wf1Of2TPq9/1he0zz65zz68G2WUiTExJtbEmjgTZ/KYPCavyWsiJmLiTbzJZ/KZ/Ca/KWgKmgSTYIqYIiYbGTJFTVETNVFT3BQ3JUwJU8qUMs44k2gSTVlT1pQz5Ux5U95UMBVMRVPRVDaVze3mdnOHucPcae40d5m7TE1T09Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08g0No1NE9PENDVNTTPTzLQwLUwr08q0Nq1NG9PGtDPtTHvT3nQwHUySSTIdTUfTyXQynU1n08V0MV1NV9PNdDM9zKUvQ3uaZJNs+pg+pq/pa/qb/magGWgGmUFmsBlsUkyKGWqGmmFmmBluhpsRZqQZlZ1q3jZjzFgzzow3qSbVTDQTzSQzyUw2k81UM9WkmTQzw8wwM81MM9vMNnPMHDPXzDXzzXyTbtLNQrPQZJgMs9gsNpkm0yw1S81ys9ysNCvNarParDVrzXpYbzaajWaz2Wy2mq1mu9ludpqdZpfZZXab3Wav2Wv2mX1mv9lvDpgD5qA5aLJMljlkDpnD5rA5Yo6Yo+aoOWaOmRPmhDlpTppT5pQ5Y86Yc6bAxeOlN7E2t42zV9k89mqb115j/zYuaAvZBFvYFrHa5rcFfhMba20JW9KWsqWts2Vsor3pd3FFW8lWtlXs7baqvcNW+11cx95j69p7bT17n61t7/5NXN/ebxvYR2xDRADb3Da2LW0T+4htah+1zWxz28K2tO3tk7aDfcom2adtR/vM7+KFdpFdbdfYtXad3W332DP2rD1sv7Xn7E+2p+1lB9pX7CD7qh1sX7Mpdsjv4lH2LTvavm3H2LF2nB3/u3iqnWbT7HQ7w75nZ9pZv4vT7Yd2js2wc+08O98u+CXOnlOG/cguth/bTBvAUrvMLrcr7Eq76v/PdZndYDfaTXaX/dRutdvsdrvD7rx0Imz32L32M7vPfm4P2W/sAfulPWiP2Cz79S9x9v4dsd/Zo/Z7e8wetyfsD/ak/VFdys7e9x/sz/aC9RYICUiSooBiKBfFUm6Ko6soD11NeekaitC1FE/XUT66nvJTASpIhSiBClMR0mTIElFIRakYRekGujS9UlSaHJWhRLqJytLNVI5uofJ0K1Wg26giVaLKVIVup6p0B1WjO6k63UU1qCbVotp0N9Whe6gu3Uv14D6qT/dTA3qAGtKD1Igeosb0MDWhR6gpPUrNqDm1oJbUih6j1vQ4taG21I6eoPb0JHWgpyiJnqaO9Ax1or9QZ3qWutBz1JWep27UnXrQC/QivUQ9qRclU2/qQy9TX+pH/WkADaRXaBC9SoPpNUqhITSUXqdh9AYNpzdpBI2kUfQWjaa3aQyNpXE0nlJpAk2kd2gSvUuTaQpNpWmURtNpBr1HM2kWzab3aQ59QHNpHs2nBZROH9JCWkQZ9BEtpo8pk5bQUlpGy2kFraRVtJrW0FpaR+tpA22kTbSZttBW2kbbaQftpE9oF31Ku2kP7aXPaB99TvvpCzpAX9JB+oqy6Gs6RN/QYfqWjtB3vhd9T8foOJ2gH+gk/Uin6DSdobN0jn6i8/QzXSBPEGIoQhmqMAhjwlxhbJg7jAuvCvOEV4d5w2vCSHhtGB9eF+YLrw/zhwXCgmGhMCEsHBYJdWhCG1IYhkXDYmE0vCEsHt4YlghLhqXC0qELy4SJ4U1h2fDmsFx4S1g+vDWsEN4WVgwrhY/cVyW8Pawa3hFWC+8Mq4d3hTXCmmGtsHZ4d1gnvCesG94b1gvvC8uF94cNwgfChuGDYaPwobBx+HDYJHwkbBo+GjYLm4ctwpZhq/CxsHX4eNgmbBu2C58I24dPhh3Cp8Kk8OmwY/jML/33L/r7/clh77BP+HL4cuj9vXJ+dEE0PfphdGF0UTQj+lF0cfTjaGZ0SXRpdFl0eXRFdGV0VXR1dE10bXRddH10Q3RjdFPU+9q5wKETTjrlAhfjcrlYl9vFuatcHne1y+uucRF3rYt317l87nqX3xVwBV0hl+AKuyJOO+OsIxe6oq6Yi7obXHF3oyvhSrpSrrRzroxLdC1dK9fKtXaPuzaurWvnnnBPuCfdk+4p95R72nV0z7hO7i+us3vWdXHPuefc866b6+56uBfci25C3l/fk8muj+vj+rq+rr/r7wa6gW6QG+QGu8EuxaW4oW6oG+aGueFuuBvhRrhRbpQb7Ua7MW6MG+fGuVSX6ia6iW6Sm+Qmu8luqpvq0lyam+FmuJlupqs669etzHVz3Xw336W7dLfQZZ8zZrjFbrHLdJluqVvqlrvlbqVb6Va71W6tW+vWu/Vuo9voNrvNbqvb6ra77W6n2+l2uV1ut7/m10HdPrff7XcH3AF30H3lstzX7pD7xh1237oj7jt31H3vjrnj7oT7wZ10P7pT7rQ74866c+4nd9797C4471IjEyITI+9EJkXejUyOTIlMjUyLpEWmR2ZE3ovMjMyKzI68H5kT+SAyNzIvMj+yIJIe+TCyMLIokhH5KLI48nEkM7IksjSyLLI8siLifeGtoS/qi/mov8EX9zf6Er6kL+VLe+fL+ER/ky/rb/bl/C2+vL/VV/C3+Yq+kq/sH/XNfHPfwrf0rfxjvrV/3LfxbX07/4Rv75/0HfxTPsk/7Tv6Z3wn/xff2T/ru/jnfFf/vO/mu/se/gX/on/J9/S9fLLv7fv4l31f38/39wP8QP+KH+Rf9YP9az7FD/FD/et+mH/DD/dv+hF+pB8V85YffekSGcb7VD/BT/Tv+En+XbjTT/FT/TSf5qf7Gf49P9PP8rP9+36O/8DP9fP8fL/Ap/sP/UK/yGf4j/xi/7HP9Esu3VT2K/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v93v8Dv9J36X/9Tv9nv8Xv+Z3+c/9/v9F/6A/9If9F/5LP+1P+S/8Yf9t/6I/84f9d/7Y/64P+F/8Cf9j/6UP+3P+LP+nP/Jn/c/+wv8N2uMMcYYY/+UCZeb4rc9v97O7/0HOeKvVu4DAFdvK5T11/3ZZ5Tr8//a7icS2kcA4OleXR+6tNSokZycfHHdTAlBsXkAl74JyhYDl+Ml0A6ehCRoC2X/cP79RPdz9A/Gj94KEPdXObFwOb48/hcAmPwH4z/2xKiFFcIz8f/F+PMAShS7nJMbLsdLoN0v91faQrm/M/8Crf/B/HN/mQrQ5q9y8sDl+PL8E+FxeAaSfrMmY4wxxhhjjDH2q36icudL15+XfuPzj67PE9TlnFxwOf5H1+eMMcYYY4wxxhi78p7t3uOpx5KS2nb+1xvV/ltZ/3SjKfxPjcyNP2x4D3DpEQUA/+aAANkN+Z/ciy3/kW2lXHzr/G3X8rM+gP8dpfwzGlf4g4kxxhhjjDH2p7t80v/bx9WVmhBjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMZYD/Sf+ndiV3kfGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsSvt/AQAA//8aUv8e")
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x12b)
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300)='configfs\x00', 0x0, 0x0)

9m53.756502243s ago: executing program 1 (id=143):
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_ethernet(0x81, &(0x7f00000002c0)={@local, @remote, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a37f2", 0x4b, 0x2c, 0x0, @remote, @local, {[], {{0x600, 0x3, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x0, 0x2, 0x0, 0x0, {[@exp_fastopen={0xfe, 0x4}]}}, {"258c5a808e0de3b4362e31e3dc7e60bc9f5ad0d4f51e7a52f3b8ee8eae7fe2a876d9683e750c28b8a2c7ccd5d55d55a37f616d"}}}}}}}, 0x0)

9m53.308904666s ago: executing program 1 (id=145):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="fb01"], 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

9m51.470197333s ago: executing program 32 (id=145):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYBLOB="1201000014da2108ab12a390eb1e000000010902240001b30000040904410017ff5d810009050f1f01040000000905830300b3"], 0x0)
syz_usb_connect$printer(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="fb01"], 0x0)
syz_usb_ep_write$ath9k_ep2(r0, 0x83, 0x8, &(0x7f00000000c0)=ANY=[])

9m41.763910302s ago: executing program 2 (id=210):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x2, 0xbf22, 0x1, 0xffffffffffffffff, 0xfffffffe}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0, 0x0, 0xa002a0}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000300)={&(0x7f0000000080)="15", &(0x7f0000000140)=""/184, &(0x7f0000000200), &(0x7f0000001540), 0x1, r0}, 0x38)

9m41.206328561s ago: executing program 2 (id=213):
syz_mount_image$vfat(&(0x7f0000000280), &(0x7f00000002c0)='./file0\x00', 0x10000, 0xffffffffffffffff, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x2e40ab, &(0x7f00000000c0)={[{@inode32}, {@nr_inodes={'nr_inodes', 0x3d, [0x70]}}]})

9m40.720810329s ago: executing program 2 (id=216):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000000c0), 0xe2981)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r0, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x2600, 0x0, 0x2000]}}], 0xffc8)

9m39.989131852s ago: executing program 2 (id=220):
syz_mount_image$exfat(&(0x7f00000009c0), &(0x7f0000000100)='./file1\x00', 0x800800, &(0x7f0000000040)={[{@utf8}, {@iocharset={'iocharset', 0x3d, 'cp950'}}, {@umask={'umask', 0x3d, 0x8}}, {@keep_last_dots}, {@umask={'umask', 0x3d, 0x5}}, {@gid}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@iocharset={'iocharset', 0x3d, 'cp932'}}, {@errors_continue}, {@sys_tz}]}, 0x1, 0x152b, &(0x7f0000000a00)="$eJzs3AmYjtXbAPD7Puc8Y0zS2yTLcM65H95kOSZJsiTJkiRJkmRLSJrkLwmJIVvSkIRkGZJlCMkyMWns+74kJEmTJCHZkvNdir/66r8vvuub+3ddzzXnfs9zn+c87/0+8yyzfNN5SI1GNas2ICL4l+AvX5IBIBYABgDANQAQAEDZ+LLxF/pzSkz+1zbC/r0eSrvSM2BXEtc/e+P6Z29c/+yN65+9cf2zN65/9sb1z964/oxlZ5umFbiWl+y78PP/7IzP//+PZJUa88WaUtd3AYj5e1O4/tkb1///reDvWYnrn71x/bOr2Cs9AfZ/AB//2UGOv9jD9c/euP6MZWdX+vnzf36Rf7UfItnhPfgr+88YY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjP0XnPaXKQC41L7S82KMMcYYY4wxxti/j89xpWfAGGOMMcYYY4yx/zwEARIUBBADOSAWckIcCAC4GnLDNRCBayEeroM8cD3khXyQHwpAAhSEQqDBgAWCEApDEYjCDVAUboRiUBxKQElwUAoS4SYoDTdDGbgFysKtUA5ug/JQASpCJbgdKsMdUAXuhKpwF1SD6lADasLdUAvugdpwL9SB+6Au3A/14AGoDw9CA3gIGsLD0AgegcbwKDSBptAMmkOLfyr/BegOL0IP6AnJ0At6w0vQB/pCP+gPA+BlGAivwCB4FVJgMAyB12AovA7D4A0YDiNgJLwJo+AtGA1jYCyMg1QYDxPgbZgI78AkmAxTYCqkwTSYDu/CDJgJs+A9mA3vwxyYC/NgPqTDB7AAFkIGfAiL4CPIhMWwBJbCMlgOK2AlrILVsAbWwjpYDxtgI2yCzbAFtsI22A474GPYCZ/ALtgNe/5cv38k/9Sv8j+FvdAFAQEFClSoMAZjMBZjMQ7jMBfmwtyYGyMYwXiMxzyYB/NiXsyP+TEBE7AQFkKDBgkJC2NhjGIUi2JRLIbFsASWQIcOEzERS+PNWAbLYFksi+WwHJbHClgBK2ElrIyVsQpWwapYFathNayBNfBuvBt7YW2sjXWwDtbFupceT2EDbIANsSE2wkbYGBtjE2yCzbAZtsAW2BJbYitshW2wDbbFttgO22ESJmF7bI8dsAN2xI7YCTthZ+yMXbArds16IQfgi/gi9sRqohf2xt7YB1Ny9MP+2B9fxoH4Cr6Cr2IKDsYh+Bq+hq/jMDyJw3EEjsSRWFm8haNxDJIYh6mYihNwAk7EiTgJJ+NknIppOA2n43ScgTNxJr6Hs/F9fB/n4lycj+mYjgtwIWZgBi7CU5iJi3EJLsVluByX4UpchStxDa7FNbge1+NG3IibcTNuxa24Hbfjx6gA8BPcjbsxBffiXtyH+3A/7scDeACzMAsP4kE8hIfwMB7GI3gEj+IxPI7H8ASewJN4Ck/jaTyLZ/EcPpfwVcOPi69OAXGBEkrEiBgRK2JFnIgTuUQukVvkFhEREfEiXuQReURekVfkF/lFgkgQhUQhYYQRJMIYABBRERVFRVFRTBQTJUQJ4YQTiSJRlBalRRlRRpQVt4py4jZRXlQQrV0lUUlUFm1cFXGnqCqqimqiuqghaoqaopaoJWqL2qKOqCPqirqinnhA1Be9sB8+JC5UppEYjI3FEGwimgp58QhoKYZhK9FatBFPiBE4HNuJli5JPC3ai9HYQfxJjMFnRScxDjuL50UX0VV0Ey+I7qKV6yF6iknYS/QWU7GP6Cv6if5iBlYX7+HsnDXEqyJFDBZDxGtiPr4uhok3xHAxQowUb4pR4i0xWowRY8U4kSrGiwnibTFRvCMmicliipgq0sQ0MV28K2aImWKWeE/MFu+LOWKumCfmi3TxgVggFooM8aFYJD4SmWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is9gitoptYrvYIT4WO8UnYpfYLfaIT8Ve8ZnYJz4X+8UX4oD4UmSJr8RB8bU4JL4Rh8W34oj4ThwVx8Rx8b04IX4QJ8UpcVqcEWfFj+Kc+EmcF16ARCmklEoGMkbmkLEyp4yTV8lcMrj47l4r4+V1Mo+8XuaV+WR+WUAmyIKykNTSSCtJhrKwLCKj8gZZVN4oi8nisoQsKZ0sJRPlTbK0vFmWkbfIsvJWWU7eJsvLCrKirCRvl5XlHRIiv2yjmqwua8ia8m6ZDPfI2vJeWUfeJ+vK+2U9+YCsLx+UDeRDsqF8WDaSj8jG8lHZRDaVzWRz2UI+JlvKx2Ur2Vq2kU/ItvJJ2U4+JZPk07K99Bc/Is/KTvI52Vk+L7vIrrKb/Emel172kD0l9ALZW74k+8i+sp/sLwfIl+VA+YocJF+VKXKwHCJfk0Pl63KYfEMOlyPkSPmmHCXfkqPlGDlWjpOpcrycIN+WE+U7cpKcLKfIqTJNTpP9Lo40S8q/mf/2r/MvnHrlNDno561vlJvkZrlFbpXb5Ha5Q34sd8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMktmyYPyoDwkD8nD8rA8Io/Io/KYPCO/lyfkD/KkPCVPyTPyrDwrz118D0ChEkoqpQIVo3KoWJVTxamrVC51tcqtrlERda2KV9epPOp6lVflU/lVAZWgCqpCSiujrCIVqsKqiIqqG/DiB0aVUCWVU6VUorrpH8lXRdWNqpgq/pv8S/NL/gvza6FaqJaqpWqlWqk2qo1qq9qqdqqdSlJJqr1qrzqoDqqj6qg6qU6qs+qsuqguqpvqprqr7qqH6qGSVbLqrV5SfVRf1U/1VwPUy2qgGqgGqUEqRaWoIWqIGqqGqmFqmBquhquRaqQapUap0Wq0GqvGqlSVqiaoCWqimqgmqUlqipqi0lSamq6mqxlqhpqlZqnZaraao+aoeWqeSlfpaoFaoDJUhlqkFqlMtVgtVkvVUrVcLVcr1Uq1Wq1Wa9VatV6tV5lqk9qktqgtapvapnaoHWqn2ql2qV1qj9qj9qq9ap/ap/ar/eqAOqCyVJY6qA6qQ+qQOqwOqyPqiDqqjqrj6rg6oU6ok+qkOq1Oq7PqrDqnzqnz6ryCQIAIRKACFcQEMUFsEBvEBXFBriBXkDvIHUSCSBAfxAd5guuDvEG+IH9QIEgICgaFAh2YwAbiYtGjwQ1B0eDGoFhQPCgRlAxcUCpIDG4KSgc3B2WCW4Kywa1BueC2oHxQIagYVApuDyoHdwRVgjuDqsFdQbWgelAjqBncHdQK7glqB/cGdYL7grrB/UG94IGgfvBg0CB4KGgYPBw0Ch4JGgePBk2CpkGzoHnQ4t86vvcn8z3ueuieOln30r31S7qP7qv76f56gH5ZD9Sv6EH6VZ2iB+sh+jU9VL+uh+k39HA9Qo/Ub+pR+i09Wo/RY/U4narH6wn6bT1Rv6Mn6cl6ip6q0/Q0PV2/q2fomXqWfk/P1u/rOXqunqfn63T9gV6gF+oM/aFepD/SmXqxXqKX6mV6uV6hV+pVerVeo9fqdXq93qA36k16s96it+pterveoT/WO/UnepferffoT/Ve/Znepz/X+/UX+oD+Umfpr/RB/bU+pL/Rh/W3+oj+Th/Vx/Rx/b0+oX/QJ/UpfVqf0Wf1j/qc/kmf1/7Cxf2F07tRRpkYE2NiTayJM3Eml8llcpvcJmIiJt7Emzwmj8lr8pr8Jr9JMAmmkClkLiBDprApbKImaoqaoqaYKWZKmBLGGWcSTaIpbUqbMqaMKWvKmnKmnClvypuKpqK53dxu7jB3mDvNneYuc5epbqqbmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpYpqYZqaZaWFamJampWllWpk2po1pa9qadqadSTJJpr1pbzqYDqaj6Wg6mU6ms+lsupguppvpZrqb7qaH6WGSTbLpbXqbPqaP6Wf6mQFmgBloBppBZpBJMSlmiBlihpqhZpgZZoabEWbkhQtV85YZbcaYsWacSTWpZoKZYCaaiWaSmWSmmCkmzaSZ6Wa6mWFmmFlmlpltZps5Zo6ZZ+aZdJNuFpgFJsNkmEVmkck0mWaJWWKWmWVmhVlhVplVZo1ZY9bBOrPBbDCbzCazxWwx28w2s8PsMDvNTrPL7DJ7zB6z1+w1+8w+s9/sNwfMAZNlssxBc9AcMofMYXPYHDFHzFFz1Bw3x80Jc8KcNCfNaXPanDX5Lp4vvYm1OW2cvcrmslfb3PYa+7/j/LaATbAFbSGrbV6b7zexsdYWs8VtCVvSOlvKJtqbfheXtxVsRVvJ3m4r2ztsld/Ftew9tra919ax99ma9u7fxHXt/baefcTWRwSwTW1D29w2so/YxvZR28Q2tc1sc9vWPmnb2adskn3atrfP/C5eYBfaVXa1XWPX2l12tz1tz9hD9ht71v5oe9iedoB92Q60r9hB9lWbYgf/Lh5p37Sj7Ft2tB1jx9pxv4un2Kk2zU6z0+27doad+bs43X5gZ9sMO8fOtfPs/J/jC3PKsB/aRfYjm2kDWGKX2mV2uV1hV/55rkvtervBbrQ77Sd2i91qt9ntdselC2G72+6xn9q99jN70H5t99sv7AF72GbZr36OL+zfYfutPWK/s0ftMXvcfm9P2B/UpewL+/69/cmet94CIQFJUhRQDOWgWMpJcXQV5aKrKTddQxG6luLpOspD11Neykf5qQAlUEEqRJoMWSIKqTAVoSjdQJemV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQn6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8pi76ig/Q1HaJv6DB963vSd3SUjtFx+p5O0A90kk7RaTpDZ+lHOkc/0XnyBCGGIpShCoMwJswRxoY5w7jwqjBXeHWYO7wmjITXhvHhdWGe8Powb5gvzB8WCBPCgmGhUIcmtCGFYVg4LBJGwxvCouGNYbGweFgiLBm6sFSYGN4Ulg5vDsuEt4Rlw1vDcuFtYfmwQvjIfZXC28PK4R1hlfDOsGp4V1gtrB7WCGuGd4e1wnvC2uG9YZ3wvrBMeH9YL3wgrB8+GDYIHwobhg+HjcJHwsbho2GTsGnYLGwetggfC1uGj4etwtZhm/CJsG34ZNgufCpMCp8O24fP/Nx//8K/3J8c9gp7hy+FL4Xe3yvnRedH06MfRBdEF0Yzoh9GF0U/imZGF0eXRJdGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGva+ZAxw64aRTLnAxLoeLdTldnLvK5XJXu9zuGhdx17p4d53L4653eV0+l98VcAmuoCvktDPOOnKhK+yKuKi7wRV1N7pirrgr4Uo650q5RNfctXAtXEv3uGvlWrs27gn3hHvSPemeck+5p11794zr4P7kOrpnXSf3nHvOPe+6uK6um3vBdXfjc/9yTCa73q636+P6uH6unxvgBriBbqAb5Aa5FJfihrghbqgb6oa5YW64G+5GupFulBvlRrvRbqwb61JdqpvgJriJbqKb5Ca5KW6KS3Npbrqb7ma4Ga7yzF+2MsfNcfPcPJfu0t0Cd+GaMcMtcotcpst0S9wSt8wtcyvcCrfKrXJr3Bq3zq1zG9wGt8ltclvcFrfNbXM73A630+10u/w1vwzq9rp9bp/b7/a7A+5Ll+W+cgfd1+6Q+8Yddt+6I+47d9Qdc8fd9+6E+8GddKfcaXfGnXU/unPuJ3feeZcaGR+ZEHk7MjHyTmRSZHJkSmRqJC0yLTI98m5kRmRmZFbkvcjsyPuROZG5kXmR+ZH0yAeRBZGFkYzIh5FFkY8imZHFkSWRpZFlkeUR7wtuCX1hX8RH/Q2+qL/RF/PFfQlf0jtfyif6m3xpf7Mv42/xZf2tvpy/zZf3FXxF/6hv4pv6Zr65b+Ef8y39476Vb+3b+Cd8W/+kb+ef8kn+ad/eP+M7+D/5jv5Z38k/5zv7530X39V38y/47v5F38P39Mm+l+/tX/J9fF/fz/f3A/zLfqB/xQ/yr/oUP9gP8a/5of51P8y/4Yf7EX5kzJt+1KVbZBjnU/14P8G/7Sf6d/wkP9lP8VN9mp/mp/t3/Qw/08/y7/nZ/n0/x8/18/x8n+4/8Av8Qp/hP/SL/Ec+0y++9FDSr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3e/wH/ud/hO/y+/2e/ynfq//zO/zn/v9/gt/wH/ps/xX/qD/2h/y3/jD/lt/xH/nj/pj/rj/3p/wP/iT/pQ/7c/4s/5Hf87/5M/z36wxxhhjjP1dxl9uit/2/PI4v9cf5IhfrdwbAK7eWiDr1/0XrijX5f2l3VcktI0AwNM9Oz90aalWLTk5+eK6mRKCInMBLv0k6IIYuBwvhjbwJCRBayj9h/PvK7qepb8xfvRWgLhf5cTC5fjy+J8DYPIfjP/YEyMXlAtPx/+V8ecCFCtyOScnXI4XQ5ufn6+0hjJ/Yf75Wv6N+ef8IhWg1a9ycsHl+PL8E+FxeAaSfrMmY4wxxhhjjDH2i76iYsdL95+XfuPzj+7PE9TlnBxwOf5b9+eMMcYYY4wxxhi78p7t2u2px5KSWnf8xxtV/qmsv7vRGP5TI3PjDxveA1x6RQHAvzggwIWG/G/uxeb/yrZSLh46/7tr2RkfwP+NUv7zjbF/fuUKf2NijDHGGGOM/dtdvvr/7evqSk2IMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLhv4b/1fsSu8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9TwAAAP//HmP+kg==")
linkat(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

9m38.977132717s ago: executing program 2 (id=226):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000100), 0x208e24b)
preadv(r0, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)

9m38.464839455s ago: executing program 2 (id=231):
unshare(0x28000600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

9m36.887563683s ago: executing program 33 (id=231):
unshare(0x28000600)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000840)={@map=r0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)

8m27.385851733s ago: executing program 0 (id=670):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x40400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0x2, 0x2000, &(0x7f0000f9a000/0x2000)=nil})

8m26.810090198s ago: executing program 0 (id=675):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800000, &(0x7f0000000680), 0xfe, 0x25f, &(0x7f00000007c0)="$eJzs3T+IHFUcB/DvzO4YL1kkaiOIf0BE9OCInWATG4WAhCAiqBARsVESISbY5cTCxkJrlVSCBLEzWkqaYKMINkZNcTaCHhYeFoqs7M6dnHfrrXd7u3O5+XxgbmZu5s3vDfu+b7eZ3QCtdTjJ0SSdJPNJqiTF+hPurpfDq7sX5q6cTPr9J34thufV+7W1doeSLCZ5KMnlsshL3eTcpWeWfr/62H1vna3u/eDS03MzvclVy0vXHl95//ibnxx78NxX3/x8vMjR9P51X7uvGPG/bpHcMo1ie0TRbboH/B8nXvv4u0Hub01yzzD/VcrUL97bZ264XOWB9/6r7Tu/fH37LPsK7L5+vxq8By72d6LaUStgjyiT9FKUC0nq7bJcWKg/w3/fOVi+fPrMq/Mvnj576oWmZypgt/TybR797MCnhzbk/6dOnX9g/+ol1548cfGHwfZKp+neADNxR70a5H/+ufP3Z5v5/3Ba/QJmZqf5B65/8g/tJf/QXvIP7SX/0F7yD/tYtfVh+Yf2kn9oL/mH9lqffwCgXfoHmn4CGWhK0/MPAAAAAAAAAAAAAAAAAACw2YW5KyfXllnV/OLdZPmRJN1R9TvD3yNObhz+PfhbMTjtH0XdbCLP3jXhBSb00bSfvv7rjS0P3/TjlOuP8eWdzdY/fypZfD3JkW538/grBuNvoiF285jj1fOTXH37ig37Dz812/ob/Xmx2frHriafD+afI6PmnzK3Ddej55/e+K9YHuuVPya8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADPzdwAAAP//z0NueQ==")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)

8m25.869254086s ago: executing program 0 (id=681):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = syz_open_procfs$userns(0xffffffffffffffff, &(0x7f0000000040))
mount_setattr(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000300)={0x1000a4, 0x7a, 0x0, {r0}}, 0x20)

8m25.192550707s ago: executing program 0 (id=686):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@orlov}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfa, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x2081413, 0x0, 0x1, 0x0, &(0x7f0000000080))
mount$overlay(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000001100)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}], [], 0x2c})

8m22.592850121s ago: executing program 0 (id=701):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010bd28710000000000000109022400010000000009040100010300000009210200000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000780)={0x24, 0x0, 0x0, &(0x7f0000000700)={0x0, 0x22, 0x5, {[@global=@item_4={0x3, 0x1, 0x9, "a166c153"}]}}, 0x0}, 0x0)

8m21.660850007s ago: executing program 0 (id=707):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a01040000000000000000020000000900020073795932000000000900010073797a30"], 0x2c}}, 0x8004)

8m20.082728306s ago: executing program 34 (id=707):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x4000)
sendmsg$NFT_MSG_GETRULE(r0, &(0x7f0000000a80)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)=ANY=[@ANYBLOB="2c000000190a01040000000000000000020000000900020073795932000000000900010073797a30"], 0x2c}}, 0x8004)

4m14.334157583s ago: executing program 7 (id=2189):
r0 = socket$inet6(0x10, 0x3, 0x0)
sendmsg(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)="5500000020007fafb72d13b2a4a2719302000000030b43026c26236925000400fe7f0000bd2dca8a9848a3c728f138d509000000000100005ae583de0dd7d8319f98af84fda542e718f94b929ade5b175c0a9b2ce9", 0x55}], 0x1}, 0x0)
write(r0, &(0x7f0000000040)="2400000021002551241c0165ff00fc020200000000100f000ee1000c08000b0000000000", 0x24)

4m12.652818159s ago: executing program 7 (id=2196):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)

4m11.695304366s ago: executing program 7 (id=2200):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)='tracefs\x00', 0x800090, 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x220483b, &(0x7f00000001c0)={[{}]})

4m11.156907986s ago: executing program 7 (id=2201):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000022c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4056, &(0x7f0000001100)={[{@noload}, {@nombcache}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@errors_remount}, {@lazytime}, {@jqfmt_vfsv0}, {@noquota}, {@usrjquota}]}, 0x1, 0x451, &(0x7f0000000680)="$eJzs28tvG8UfAPDvbh6/X1/EVOXRBzRQEBWPpElL6YELCCQOICHBoRxD4lahboOaINGqgoJQOaJK3BFHpP4FnOCCgBOCK3BGlSrUSwsno7V3G8e1XcdK6jT+fKRtZ3bHmfl6duzZHW8AA2s8+yeJ2B4Rv0fEWD27ssB4/b+b1y/M/nP9wmwS1epbfye1cjeuX5gtihav21ZkhiPSz5LY26LexXPnT81UKuWzeX5y6fT7k4vnzj83f3rmZPlk+cz0sWNHDk+9cHT6+TWJM4vrxp6PFvbtfu2dy2/MHr/87k9XkiL+pji6MXTnIuOdDj5Zra6mug1vR0M6Ge5jQ1iVofowjZHa+B+LoVjuvLF49dO+Ng5YV9Vqtfpg+8NXagWATSoxxGFAFV/02fVvsd2lqceGcO2l+gVQFvfNfKsfGY40LzPSdH27lsYj4vjFf7/Ktmi+D7FlnSoFAAbad9n859lW8780Gu8L3ZevoZQi4v6I2BkRRyNiV0Q8EFEr+1BEPLzK+psXSW6ff6ZXewqsS9n878V8bWvl/K+Y/UVpKM/tqMU/kpyYr5QPZe/Jr/vrJeYr5akOdXz/ym9ftDvWOP/Ltqz+Yi6Yt+Pq8P9WvmZuZmmm54CbXPskYs9wq/iTWysBSUTsjog9PdYx//Q3+9odaxP/aFd/eA3WmapfRzxV7/+L0RR/Iem8Pjn5/6iUD00WZ8Xtfv7l0pvt6r9z/6+vrP+3tjz/i/j/LCWN67WLq6/j0h+ft72m7PX8H03eXrHvw5mlpbNTEaPJ67V8qXH/dFO56eXyWfwHD7Qe/ztj+Z3YGxHZSfxIRDwaEfvztj8WEY9HxIEO8f/48hPv9R7/+srin+vY/9HU/8uJ0Wje0zoxdOqHb1dUWlpN/Fn/H6mlDuZ7uvn866ZdvZ3NAAAAcO9JI2J7JOnErXSaTkzUf8O/K7amlYXFpWdOLHxwZq7+jEApRtLiTtdYw/3QqfyyvshP578tLvKH8/vGXw5tqeUnZhcqc/0OHgbctjbjP/NXFw+5APe45nW0rX1qB3D3eV4TBpfxD4PL+IfB1WL8e/QMBkSr7/+P+9AO4O5rGv8dl/1MDGBzcf0Pg8v4h8Fl/MNAWtwSd35IfnMk0ojYAM3YLIlIN0QzJNYp0e9PJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgLXxXwAAAP//JI/k8w==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

4m9.864720455s ago: executing program 7 (id=2206):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)={{0x14}, [@NFT_MSG_NEWRULE={0x5c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x8}, @NFTA_META_KEY={0x8}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, '\f'}]}], {0x14}}, 0x84}}, 0x0)

4m7.731588782s ago: executing program 7 (id=2211):
getgroups(0x2, &(0x7f0000000000)=[0x0, <r0=>0x0])
setresgid(r0, r0, 0x0)
setregid(0x0, 0x0)

4m4.267171449s ago: executing program 35 (id=2211):
getgroups(0x2, &(0x7f0000000000)=[0x0, <r0=>0x0])
setresgid(r0, r0, 0x0)
setregid(0x0, 0x0)

8.949994281s ago: executing program 6 (id=3178):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./file0\x00', 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="646973636172642c646973636172642c646973636172642c63703d307830303030303030303030303030303033d5572c6f726465723d72656c617865642c6e6f7265636f766572792c6572726f72733d636f6e74696e75652c6f726465723d72656c6178656496368c1ca3c8e27be231046cea4a01155cf56172fa7e7eb7da27f9213c80cda034728d1bf2e7c2ade5ec36e0bed22caabb38e1a3a904c746632007de808821fd0e66e6254462e49cb9ada310e42d252f0b88557b9e1aae0a8337893d0b7510099d"], 0x1, 0xa0d, &(0x7f0000002080)="$eJzs3U1sXEcdAPB5a6/TfJRsSkJNGtqEQls+ajeOCR8RNFVzIWoqbpUqLlGalog0IFIJWvWQ5MSNVlW48iFOvVSAkOgFRT1xqUQjcempcOBAFKRKHKCQGMWeWa//2eXtOonX6/39pPHsvJndmbd++/bte29mEjC2Got/5+enq5Quvv3Gkb8/9LfNN5Y83i7RWvw72ZFqppSqnJ4Mr/fBxFJ87cNXT3SLqzS3+Lek09NX28/dmlI6l/amS6mVdl+8/Pq7c08dO3/0wr733jx05c6sPQAAjJdvXTo0v+svf7pvx0dv3X84bWovL8fnrZzelo/7D+cD/3L830gr01VH6DQVyk3m0AjlJrqU66ynGcpN9qh/Krxus0e5TTX1T3Qs67beMMrKdtxKVWNmRbrRmJlZ+k2eFn/XT1UzZ06dfv7skBoK3Hb/fCCltFcQhHEMC9uHvQcCWBKvF97kXDyzcGvarzbZX/1Xn2h0fz7cBmu9/S+pzg23/mXq///1/+q8PQ63z0bdmsp6lc/RtpyO1xHi/UuDfv7L68XrEc0+29nrOsKoXF/o1c6JNW7HavVqf9wuNqqv57i8D98I+Z2fn/g/HZX/MdDdv5z/F4SxDQvD3gEB61a8b24hK/nxvr6Yv6km/66a/M01+Vtq8rfW5MM4++1LP0mvVcu/8+Nv+kHPh5XzbHfn+GMDtieejxy0/njf76Butf54PzGsZ78//szJrzz37OWl+/+r9vZ/PW/ve3O6lT9bl3KBcr4wnldv3/vfWllPo0e5e0J77u5SfvHxzpXlqp3Lr5M69jM3tWN65fO29yq3Z2W5Vii3OYe7Qnvj8cmW8Lxy/FH2q+X9mgzr2wzrMRXaUfYrO3Ic2wGrUbbHXvf/l+1zOjWr50+dPvlYTpft9I8TzU03lu9f43YDt67f/j/TaWX/n23t5c1G535h+/LyqnO/0ArL53osP5DT5XvuOxObF5fPnPje6edu98rDmDv78ivfPX769MkfeOCBBx60Hwx7zwTcabMvvfj92bMvv/LoqRePv3DyhZNnDhw8eGBu7uBXD8zPLh7Xz3Ye3QMbyfKX/rBbAgAAAAAAAAAAAPTrh0ePXP7zO19+f6n//3L/v9L/v9z5W/r//zj0/4/95Es/+NIPcEeX/MUyYYDVqVCumcPHQ3t3hnp2hed9Isftefxy//9SXRzXtbTn3rA8jt9byoXhBG4aL2UqjEES5wv8dI4v5PiXCYao2tx9cY7rxrcu23oZn8K4FKOp/N/K1lDGMSn9v3uN61T2/zvWoI3cfmvRnXDY6wh09w/jfwvC2IaFBbN4AOvDsOf/LOc9S3zmD9+860Yoxa4+sXJ/GccvhVux3uefVP/Gmv+zPf9d3/u/MGNea3X1/vtnV97vqDbt7rf+uP5lHOidg9X/Ua6/rM3Dqb/6F34R6o8XhPr0n1D/lj7rv2n996yu/v/m+svb9siD/da/1OKqsbId8bxxuf4XzxsX18L6l7E9B17/VU7UeD3XD+NsVOaZHdSozP/bS7wP40s5XXaE5T6HON/JoO0v91eU74Fd4fWrmu838/+Otq/luO7zUOb/Ldtjq0u60ZFudnlvN+q+BkbVB67/CcLYhoWFhTt7QqvGUCtn6O//sH8nDLv+Yb//deL8v/EYPs7/G/Pj/L8xP87/G/Pj/HoxP87/G9/POP9vzL83vG6cH3i6Jv+TNfm7a/Lvq8nfU5P/qZr8fTX599fkP1CTf09N/oM1+Z+pyf9sTf5DNfmP1OR/riZ/oyv9UcZ1/WGcxf55Pv8wPsr1n16f/501+cDo+ulb+5989jffbi31/59qnw8p1/EO53Qz/3b+UU7H696pI30j752c/mvIX+/nO2CcxPEz4vf7wzX5wOgq93n5fMMYqrqP2NPvuFW9jvMZLZ/P8Rdy/MUcP5rjmRzP5nh/jufWqH3cGU/++neHXquWf+9vD/n93k8e+wPFcaIO9NmeeH5g0PvZ4zh+g7rV+lfZHQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGBoGot/5+enq5Quvv3GkWeOnZq9seTxdonW4t/JjlSz/byUHsvxRI5/nh9c+/DVE53x9RxXaS5VqWovT09fbde0NaV0Lu1Nl1Ir7b54+fV35546dv7ohX3vvXnoyp17BwAAAGDj+18AAAD//8xlDh4=")
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000300), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0])

7.789676343s ago: executing program 6 (id=3184):
r0 = socket$inet6(0xa, 0x3, 0xff)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, &(0x7f0000000000)=0x655e, 0x4)
getsockopt$SO_TIMESTAMPING(r0, 0x1, 0x41, 0x0, &(0x7f0000000200))

6.847919716s ago: executing program 8 (id=3188):
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000003e80)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000009c0)="18acf8b1ed479de320cdbff21bc648a4423880b9fb95564f48c38e3fdaea755288c2a91a1ef344702de01af77d599320e22a0ea41b13aa09f1b359b0e2d2e8b6074bb4119ea219d2055df8bab18280f3c3ea8e45510d60a28f7af2a9c471dbe0a88f57ae4580b0b420f5f90b70efb6805d81812d5d64c87c99f9c75e9f656dfd", 0x80}], 0x1}}], 0x1, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
keyctl$dh_compute(0x17, &(0x7f0000000080), 0x0, 0x0, &(0x7f0000000000)={0x0})

6.719484798s ago: executing program 6 (id=3189):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000300)=ANY=[@ANYBLOB="1201000000000040de28421100000000000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000001c0)={0x2c, &(0x7f0000000e80)=ANY=[@ANYBLOB="0000050000000500b1a748"], 0x0, 0x0, 0x0, 0x0}, 0x0)

5.960022409s ago: executing program 8 (id=3190):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xc70, 0xf00d, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000003c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)

5.801441805s ago: executing program 5 (id=3191):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x10000e3, &(0x7f0000000280)={[{@journal_checksum}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x3}}, {@abort}, {@errors_continue}, {@dioread_nolock}, {@acl}, {@nomblk_io_submit}, {@nobarrier}]}, 0xfe, 0x5f0, &(0x7f0000000f40)="$eJzs3c1vVFUbAPDnTD9oKe/bQoyKC2liDCRKSwsYYlzA1pAGP+LGjZUWRAo0tEaLJpQENybGjTEmrlyI/4US2bLSlQs3rgwJUcPSxDF3em/ptHf6Rdspnd8vGXrvOfdyzu30mXPmzDl3AmhZ/dk/lYj9ETGZInrT7Hxee+SZ/XPHPfj7k7PZI0W1+safKVKeVhyf8p89+cldEfHzTyn2tS0td2rm2sXRiYnxq/n+4PSlycGpmWuHL1waPT9+fvzy8EvDJ44fO35i6Mi6rut6Sdrpm+9/2PvZyNvfffNPGvr+t5EUJ+PV/MCF17FR+qO/9jtJS7N6Tmx0YU3Slv+dLHyKU3vZkR1bVylWrXj+smfnqeiNtnj45PXGp681tXLApqqmiCrQotLq47/ipQJ2kqIfULy3X/w+uNKUXgmwFe6fmhsAWBr/7XNjg9FVGxvY/SDFwmGdFBHrG5mrtyci7t4ZuXnuzsjN2KRxOKDc7I2IeLos/lMt/vuiK/pq8V+pi/+sX3Am/5mlv77O8hcPFYt/2Dpz8d+1bPxHg/h/Z0H8v7vO8vsfbr7XXRf/3eu9JAAAAAAAAGhZt09FxItln/9X5uf/RMn8n56IOLkB5fcv2l/6+X/l3gYUA5S4fyrildL5v5Vi9m9fW771v9p8gI507sLE+JGI+H9EHIqOXdn+0DJlHP5839eN8vrz+X/FIyv/bj4XMK/HvfZd9eeMjU6PPup1AxH3b0Q8Uzr/N823/6mk/c9eDyZXWca+52+daZS3cvwDm6X6bcTB0vb/4V0r0vL35xis9QcGi17BUs9+/MUPjcpfb/yX3mICWJOs/d+9fPz3pYX365laexlHZ9qrjfLW2//vTG/WbjnTmad9NDo9fXUoojOdbstS69KH115n2ImKeCjiJYv/Q88tP/5X1v/vjojZRf93+qt+TXHhyX97fm9UH/1/aJ4s/sfW1P6vfWP4Vt+PjcpfXft/rNbWH8pTjP/BnK+KMO2sTy8Jx/ayrK2uLwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsBJWI2BOpMjC/XakMDET0RMQTsbsycWVq+oVzVz64PJbl1b7/v1J802/v3H4qvv+/b8H+8KL9oxGxNyK+bOuu7Q+cvTIx1uyLBwAAAAAAAAAAAAAAAAAAgG2ip8H6/8wfbc2uHbDp2ptdAaBpSuL/lzUeDzymxDO0LvEPrUv8Q+sS/9C6xD+0rpL439WMegBbT/sPrUv8AwAAAADAjrL3wO1fU0TMvtxde2Q687yOuj1gp6k0uwJA07jFD7QuU3+gdXWs8ri+Ta4H0DxphfyuhietdOZyJs8+wskAAAAAAAAAAAAA0HIO7l9p/T+wU1n/D63L+n9oXcX6/wNNrgew9bzHB2KFlfyl6/9XPAsAAAAAAAAAAAAA2EhTM9cujk5MjF+18db2qMZWblSr1evZX8F2qc9jvlFMhd8u9Vm0Uaz1W91ZzXtNAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6v0XAAD//66dIu8=")

4.781248049s ago: executing program 3 (id=3194):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz2\x00'}, @NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x80}}, 0x0)

4.481906974s ago: executing program 4 (id=3195):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000880)={0x4c, r1, 0x1, 0x70bd25, 0x25dfdbfc, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x1}, {0x6, 0x11, 0x7f}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4040080}, 0x48000)

4.260968115s ago: executing program 5 (id=3196):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f0000000100)={0x1, 0x74}, 0x8)
close(0x3)

4.22781021s ago: executing program 3 (id=3197):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CAP_EXCEPTION_PAYLOAD(r1, 0x4068aea3, &(0x7f0000000140)={0xa4, 0x0, 0x1})

3.787908729s ago: executing program 4 (id=3198):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x7)
mount$fuse(0x0, 0x0, 0x0, 0x144c, &(0x7f0000000500)={{}, 0x2c, {'rootmode', 0x3d, 0x4000}})

3.572090753s ago: executing program 5 (id=3199):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f00000002c0), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000600)=ANY=[@ANYBLOB="50020000", @ANYRES16=r1, @ANYBLOB="0100000000000000000001000000080001000000000004000480080002000100000010000c7d0c000b8008000a00b4ed000004000880c8000c8024000900f36aad4208000a156878badf10076800d5441e0f080009002bd49f3b0c00008008000a00697100002c000b8008000a"], 0x250}}, 0x4c000)

3.400844874s ago: executing program 8 (id=3200):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000440)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x7c, 0x7c, 0x2, [@var, @func_proto={0x0, 0x6, 0x0, 0xd, 0x0, [{}, {}, {}, {}, {}, {}]}, @func, @volatile, @volatile, @const={0x0, 0x0, 0x0, 0xa, 0x2}]}}, 0x0, 0x96}, 0x20)
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@struct]}}, 0x0, 0x26, 0x0, 0x1}, 0x28)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x3, &(0x7f0000000200)=ANY=[@ANYBLOB="05000000000000007fa3d1aa000000009500000000000000"], &(0x7f0000000280)='GPL\x00', 0x5, 0xe2, &(0x7f00000002c0)=""/226, 0x0, 0x0, '\x00', 0x0, 0x25, r0, 0x8, 0x0, 0x0, 0x10, &(0x7f00000004c0), 0x2}, 0x80)

3.329155929s ago: executing program 3 (id=3201):
r0 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r0, 0x10e, 0xc, &(0x7f0000000180)={0xffffff}, 0x10)
write(r0, &(0x7f0000000000)="240000001a005f0214f9f407000904008100000000030000000000000800040006020000", 0x24)

2.940462237s ago: executing program 6 (id=3202):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0xa}, [@NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x2c, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_TYPE={0x5, 0x2, 0x89}, @NFTA_EXTHDR_OFFSET={0x8}, @NFTA_EXTHDR_LEN={0x8, 0x4, 0x1, 0x0, 0x47}, @NFTA_EXTHDR_FLAGS={0x8, 0x6, 0x1, 0x0, 0x2}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x13}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x94}}, 0x0)

2.828808887s ago: executing program 4 (id=3203):
r0 = syz_open_dev$I2C(&(0x7f0000000040), 0x0, 0x0)
ioctl$I2C_PEC(r0, 0x708, 0x24000000000000)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f0000000000)={0x0, 0x0, 0x7, &(0x7f00000000c0)={0x1f, "90f541a5e64f61909103f1fbbc2bd3c9f144d76e44c7b2986eb5e52829e7cb8393"}})

2.637132718s ago: executing program 8 (id=3204):
r0 = socket$inet6(0xa, 0x3, 0x6)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x4e2b, 0x7, @loopback, 0x6}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000000600)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000380)=[@hoplimit_2292={{0x14, 0x29, 0x8, 0x6650b8ff}}], 0x18}}], 0x1, 0x0)

2.537102045s ago: executing program 3 (id=3205):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x1, 0x6}, 0x8080)
readv(r0, &(0x7f0000000080), 0xe)

2.420915892s ago: executing program 5 (id=3206):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000180), r0)
sendmsg$IEEE802154_ADD_IFACE(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000001c0)={0x34, r1, 0x201, 0x70bd2c, 0x25dfdbff, {}, [@IEEE802154_ATTR_PHY_NAME={0x9, 0x1f, 'phy1\x00'}, @IEEE802154_ATTR_DEV_TYPE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0xaaaaaaaaaaaa0302}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4000000}, 0x40800)

2.200522564s ago: executing program 6 (id=3207):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x1120c6b, 0x0)

2.149028258s ago: executing program 4 (id=3208):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x14, 0x4, 0x0, 0x1, [{0x10, 0x1, 0x0, 0x1, @range={{0xa}, @void}}]}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, '\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x70}, 0x1, 0x0, 0x0, 0x20008000}, 0x4000890)

1.920697036s ago: executing program 3 (id=3209):
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000014, 0x3032, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x4000000, 0x2000, 0x2000, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0xd8, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b710e9246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab4149718d6215a9a3749113c268e49b2b9dae91ed804e5ac5d4ec7ac9c5fd67a76f9a2b06f7304f6e81221a751008e786e1edde82cf1ecb76cb4cd71cf781ea3a19b917a1e215b1a6c7ee605b32b91eaae38517fde4303d5f2b1e63e9e52ae4b197fd72de1f71801e1f9f1369d1f530", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x24)

1.820552993s ago: executing program 8 (id=3210):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
connect$inet6(r0, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1c}, 0xd}, 0x1c)
recvmmsg(r0, &(0x7f0000000140)=[{{0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f00000005c0)=""/96, 0x60}], 0x1}, 0xc06}], 0x1, 0x10002, 0x0)

1.480600091s ago: executing program 6 (id=3211):
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x5, 0x1000086}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x810, &(0x7f0000000400)={[{@discard}, {@commit={'commit', 0x3d, 0x6}}, {@nobarrier}, {@usebackuproot}, {@skip_balance}, {@autodefrag}, {@ref_verify}, {@barrier}, {@nospace_cache}, {@barrier}, {@discard_sync}]}, 0x3, 0x510e, &(0x7f00000196c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlVRGht7TRYv2LFNiVGIjE1EIwSlDVLyoQijKKr5ALUCEUkB4SLFESqPiKoogEChNURBpJQkIk2Q4mr23jN759ydhx9rvPT3k7xzZv7ncc+Zh+fce+dcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4/+HQV67622bxh397wdPPXTxx2d51F798zQVnPh7C5OzjHVm4o//6Wyd+fuf5d+29b81t9xy58P29ebk8HgaqfzrzO9fFWo8sDeHejhC608DKwSzQk98fjPW9YzCEM8JcoFZiqj8rkTYcvt8Xwv4wF6hV9b2+EAYLgYueeOjBG6uJW/pCWBZCqKRtPFvJ2uhLA+f0ZoH+NLCtOwv86mimFvhuZxaAExbfDLUX/cHJ+gwj85dr8PrrOWkb9sZKu9cVEyON8/1s3QJvVEFv+sDkCT1tpepYEKW3xyHvtkXwbiuN882etuIXqfwbytG5UCV0bp7asvHKmV3xkc4wNtbVqKYFep6fevVLm44lvWheh3EDRk7K6/Cmx5bd2bXiE4/es3LZiwc+sO+lE93MHxWGtJheaJWQv+YWzfMYTfg8WQRvv9K3pFFfukIIWz7/e59sFi/N/0eaz//jyznedtbljrW+PpTNzeMjgzHxylA2NwcAAIBFYzHsNd029sBHCsWHK0l9pfn/aHvH/+Mh/3wyn/X2UAgTs4l9wyGcNft4FrgjNnfJcAjvnk1N1gfWJYFDIbx9NrGiVlVSYkksMZoEfjKUByaSwOEYmEwC34qBm5PAdTFwMAlsioFDSeD8GAjT9f34/aG8H20H+mJgQzaIB+NZCL8Yiq0lY/VMrSoAAICTJJ8d9tTfLZzrcKIZ4vTyYF+rDPEM7IYZKkkN6Qy2Nq1qWEN3qxo6W9VQ6/ee5t0v1dzRqubSaRgd9Rlu/eXffCo0UZr/jzef/1fm2ZCO0vH/ENbP/o25O/PITC2+YbIuAwAAAHACBv73+W82i5fm/xPtnf8f94l0FTKHR+JuiK3DIYzXB7Jq/7AcyI56D+QBAAAAWAxqx+Nrx8Kn89vsFO10Pl3OP3mM+eOB/4l58/ceun9Ds+0tzf8n2zv/v7/+NtuIw3ErvjYcwpJC4AdxK6uBWaMx8OOP1gfy/h+OA3BDrCo/MaFW1Q2xxIYYGE8C+xuV+GGtxFn1gfzJqjW+r9aP6bxEIQAAAACnXNwdEI/Lx/P/3/ObNVc1K1ea/284tvP/Z+fBpdP7ZwZCWNUdQlf6w4BH+rOFAWNgsCNPPNCf1dWVVnVtfwjnVTuWVvV8vv5/d7rG4BN9WVUxcNZ7Drx6TjXxzb4QVhUDT37m9g9WE7uSQK3xv+wL4V3V3qaNf2dJ1nhP2vjXl4TwzkKgVtUlS0KoNtabVvVQJb+OQVrVP1dCeEshUKvqQ5UQdgcAFqn4X+nm4oM7d1+9dePMzNSOBUzEffh9Ycv0zNTYpm0zmysNtmlzss11yxhdW+5Tu1e+eSZfoujTd68fbCdd+53geLGtfD9+6cTB/H78LtQz2881PXV316Zdft97y02EwjepRl3uXOAu9xcrmXsSS/XH/L1hICy5cufUjrEvbty1a8fq7G+72ddkf+NhpmysVqdj1T/ftrXx8mi4WlbieMdqebGSVbsu375q5+6rV05fvvHSqUunrlj9oTXj546vHf/wuauqvRrP/rbo6vL5qk66evT2Nvt1Ert6dnehklPxqSEhIbHYEtsGljf9P7k0/9/efP4fP3XiJ3++PkOj4/8j8TB/9vjcYf4NMbC/3eP/I42O5tdODBhNAntiYI/D/AAAALw5xEl+3JsZ90r/dMV3XmxWrjT/39Pe7/9P0vr/taXrL2y0zP+KWGK80fr/6TL/tfX/9zRa/z9d5r+2/v/+N2D9/ytrgWRIfmH9fwAA4M3g1K3/33J5//QCAaUMLZf3Ty8QUMrQchn/di8QcMzr/z/7n3/136GJ0vz/5vbm/xbuBwAAgNPHl//sqt9pFi/N//e3N/8/9ev/hUbn/482Ckw2WhjQ+n8AAAAsUo3W/xu5vv9zzcqV5v8H25v/x9MuOutyx1pfH8rWtAvpmnavDNV+MgAAAACLQ2cYG+tpM2/dyqjrjr/Np/KlQJuli57/kyPHdv7/ofbm/3W/y7jpsWV3dq34xKOv37Ny2YsHPrDvpbnj/wAAAMDCaXe/BAAAAAAAAAAAAAAA8MZ7/j/2rm0WL/3+P6yffbzR7//jdf/i7wveWpc71tp6/b/8/kUfv2v37JKFjwyF8N5iYOverWeE/Nr8y4uBBz+74m3VxN60xP3Pnf9CNfG5NPCxlWe+Vk2clwQ2xEUS354G4lUVX1uaBOLyiv+eBuJ4HEwDvXngq0uzfnSkY/XTwWysOtKxenowhOFCoDZW9w5mbXSkHbwlCdQ6+IU0EDv453mgM92quwayrYqBwVj0toFsqwAAOG3Fb4E9Ycv0zNR4/Aofb8/urr+N6pYsu7ZcbUebzT+TL0326bvXD7aT7kq/i85da7wnVKpdWF36ulrM0jHby5NTS4uhe2uDLrda7a2zQbnUsQ5db+Me9WU9Gtu0bWZzT8uOr22dZU13yyyrS5OdYpbO2SFto5Y2tqWNHrU5Nm1scrzfGcbGupJcfxCDI6FOq1dEu7/XL67z1+hVUMxzxZF9v2pWX2n+P9Le/L9S7Ndr+cUA9sQr6/3dsGX+AQAAYGF9dd2vvxH/fer6h59slrc0/x9tb/4f92Dlh4KzvR2H4vX/9w2HMHtp/ZEscEds7pLhEN49m5qMJbIL6l8YS4xngTviDpMVscSGyfqqlsTAwSTwk6E8cCgJHI6BfC/FgZDvyvn7oRA+OJtaX19ieywxkgQ+GQOjSWAsBsaTwNIYmEgCLy/NA5NJ4N9iIEzXj9XdS/OxAgAAOBb5PKun/m5I53kHu1tl6GiVob9Vhs5WGSpNM/SEg416Ee9/O2bo6SiPQnyoJ222L6mllCFeDL/hhrcc3drh/x/W50wLlpqO5x/UzjfoqM9w30e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qdy8r8VTx0dj4McfrQ/kOwYOx8nuDbWqJvMS+aT9hlhiIgZGk8D2GJhIAhvW54H9b6sP5DPtWuP7ao1P5yUKAQAAADjl4g6CuJsmzv9v2/mVgWblSvP/ifbm/7G9gWJj18VajywN4d6Oua2pBVYOZoG4H2Mw/jz+HYMhnFHYwVErMdWflehNGg7f78t+od6bVvW9vuzHB/H+RU889OCN1cQtfSEsK+x9qbXxbCVroy8NnNObBfrTwLbuLBD3/NQC3+3MAnDCansF4wsqP9WlZmT+cg1ef2+Wa4Km3SvtA50n33y/uVoopR2u+T7VmmN72pruv+WkKb09Dnm3LcZ324h3W/GLVP4N5ehcqBI6N09t2XjlzK74SPGXrCUL9DwXf6XaTvokvA73HP/WtlZJN2A8+fgYn7/c/K/DjljdTY8tu7NrxScevWflshcPfGDfS21vRgPxh8IPXfOvgz8qDO9Cq4T8NbfoPk8mfZ4siv8Gknf3qKcthLD+5a/f0Cxemv9Ptjf/705uZ/06DubO4RDeVxjcR+Lw//Fw9jlYCGSfkm8pB7JD7v811PCTEwAAAE622u6O2v6C6fw2OyE8nSeX80+GcHT4GPLH/RUT8+Zvd7v7//qzy5rFS/P/Dc3n/0uSzXT83/F/Fojj//M63XdFL0kf2HNCu6JL1bEgHP+f1+n+bnP8f16O/zv+Px/H/1tw/H9ep/vTVvqWtN2XrhDCi3/0wNPN4qX5//b25v/W/5t/0b7a+n8bGq3/t73R+n97rP8HAAAsqAYLzaXzvNLqfaUM6ep9pQwtFwhsucRg8/X/mqyz96ZZ/680qK3W/3vh7Gd/E5oozf/3tDf/jy+HgWLri2X9v9H1Daq6OQa2WxgQAACA01GjfRMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC8se77h//Z3Cz+8G8vePq5iycu27vu4pevueDMx0OYnn28Iwt39F9/68TP7zz/rr33rbntniMXvr+Sl+vJb3+3Lnes9fWhEPYXHhmMiVeGqnfmAhd9/K7d3dXEI0MhvLcY2Lp36xnVxLeGQlheDDz42RVvqyb2piXuf+78F6qJz6WBj60887Vq4rw80JFu7j8uzTa3I93cG5eGMFwI1Db3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4bwQQnda1XO9WVXdac8f782qioGz3nPg1XOqif29IawqBp78zO0frCa+kARqjf9Fbwjvqr5k0sa/3ZM13pM2fktPCO8MIfSmJX7ZnZXoTUs83x3CWwqBWuOf7w5hd+BNIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kmxTIx2F9NFrj7/vz7z6pU3V20/fvX6wnXR3Xq5ndpPX9NTdXXu6b33crv5iJXPPR6n+mL83DIQlV+6c2jH2xY27du1Ynf1tN/ua7G9XHs3GavViGavlxUpW7bp8+6qdu69eOX35xkunLp26YvWH1oyfO752/MPnrqr2ajz7ezK6evup7+rZ3YVKTsUHgISExGJLdNZ9uo2f7h/kpS/6cxvaEyqzH9ClaUUxS8dsL09Gp9cdZ4+P53tKyx6tLk0cSlnWzJPl2vosa0uTibla+rIss9/rSpPDYmOds0Ma73eGsbGuRuMwUn+3OLw/O4HhfSofunbTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP+xAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04EAAAAAAA8n9thKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqirswLEAAAAAgDB/6zB6NgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//56HJTY=")

1.321731359s ago: executing program 4 (id=3212):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f00000006c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000740)={&(0x7f0000000700)={0x28, r1, 0x1, 0x70bd2d, 0x25dfdbfb, {{}, {}, {0xc, 0x14, 'syz0\x00'}}}, 0x28}, 0x1, 0x0, 0x0, 0x51}, 0x40000)

1.281200638s ago: executing program 5 (id=3213):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x1, &(0x7f0000000400)=[{0x6, 0x0, 0xff, 0x4}]}, 0x10)
syz_emit_ethernet(0xfdef, &(0x7f0000000440)={@broadcast, @empty, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0xfffffffffffffdaa, 0x0, 0x0, 0x0, 0x88, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @parameter_prob={0xc, 0x0, 0x0, 0x0, 0x0, 0x3, {0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr, @multicast2}}}}}}, 0x0)

91.323528ms ago: executing program 8 (id=3214):
r0 = memfd_create(&(0x7f0000000280)='/dev/loop#\x00', 0x3)
fallocate(r0, 0x0, 0x0, 0x200401)
fallocate(r0, 0x0, 0x0, 0x4)

61.222451ms ago: executing program 5 (id=3215):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="6e6f626172726965722c63726561746f723d5c5d07842c63726561746f723dbd3cfff52c6e6c733d63703433372c756d61736b3d3030303030303030303030303030000000000000dc599bad22eebebb0002372c6e6f6465000000000000000000"], 0x1, 0x6a4, &(0x7f0000001380)="$eJzs3U9sHFcdB/DvbDbrbJBS918aEFKtRqqgEYmdVUmQkBoQQjlEKIJLr1biNFY2aeW4KK0Q2QAFiRMn1AOHIhQOPSGEkMoJUc5ISFw4+R6JG4ccAKOZnV2v7Y1jJ7HXbT8faTzv7Zv33m9+nT+7s402wGfW+ddzsJci509cuFXWV+52uit3O9cH5SRTSRpJs79K0U6Kj5Nz6S/5fPliPVzxoHlevfdR0Xz/w06/1qyXavvGVv02GbtlLzk0rBxIMtMv/mfbw24ar1qqcS6tjfeIimHcZcKODxIHk7a6SW+tsfHQ7ts/b4F963b/vrnJdHI4/btr+T4g9dXh4VeGydvy2tTbuzgAAABgt4z9LD/qqfu5n1s5sjfhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKdD0f/NwKJeGoPyTIrB7/+3Rn5TvzXhcB/Te1eq1XefmnQgAAAAAAAAAPBYXryf+7mVI4P6alF95/9SVXmu+vu5vJ2bWchSTuZW5rOc5SxlLsn0yECtW/PLy0tzm3v+MmXP1dXV23XP02N7nl4fV29joOP+T4NNGwEAAAAAAADAZ9aPcn7t+38AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANgPiuRAf1Utzw3K02k0kxxK0ipmhpu3JhrsE/DnSQcAAAAAu69dr48U/+sXVovqM//R6nP/obydG1nOYpbTzUIuV88C+p/6G3/vdbordzvXy2XzwN/4147iqEZM/9nD+Jlnqy2eH/Y4n2/nezmRmVzMUhbz/cxnOQuZybeq0nyKTNdPL6ZX7rYziHVzvOfW1S5ujO3FkXIZ37EqknauZLGK7WQutQahN+rtjo3M9sdWsmHGO2V2itdq28zR5Xpd7tEv6vX+MF3t+cFhRmbr3JfZeHo075tzv8PjZONMc2kMn0E9tzZLWd040yPl/HC9LnP9093N+Q4fpa3PRO/nZW1w9B3dOufJl//xl4tXGzeuXb1y88T+OYwe0cZjojOSiRe2lYlumYneY2Ti0OPE/+S06mz0r6I7u1q+VPU9ksV8J2/mchZyJrOZy9nM5ms5nU5Oj+T1+a3zWp1rjZ2da8e/VBfKe9LPRu5Ne2bqQQ1lXp8eyevolW66aht9ZS1Lz2wjS0Ur47P0z7GhNL9QF8o5fjxyx5m8jZmYG8nEs1tn4tf/XU1ys3vj2tLV+be2Od/L9bo8bd9bf23+zRPZoZ2rd7c8Xp4p/2Olf9sYPTrKtmcHbRvy1aq/cWnWg61ra6U6n/ttDztTy5GO3hk3Ur/thbGzdKq2YyNt697l5M10h+9CANjHDr9yuNW+1/5b+4P2T9pX2xcOfXPq7NQXWzn41+afDvyu8dvG14tX8kF+mCOTjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4Nbr7z7rX5bndhaR8W0njCA94Z2zRIRf+V1v7Y909qYWqrI+r3Sbbo3ppEzO0k+yJ1ae7BXFMZ03Rh+Eo7aQzjSXJtn/zAHbAbTi1ff+vUzXfe/cri9fk3Ft5YuHH67JnXznS+Onf71JXF7sJs/++kowR2w9rbgElHAgAAAAAAAAAAAGzXXvzzhjHTFr0J7CsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwyXT+9Rzspcjc7MnZsr5yt9Mtl0F5bctmkkaS4gdJ8XFyLv0l0yPDFQ+a59V7H/3q5fc/7KyN1Rxs39jQ7w//Xl3d4V706iUzSQ7U64eb2tZ4l0bG6+0wsL5iuIdlwo4PEgeT9v8AAAD//x5LB84=")
mkdir(&(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0xc4)
rename(&(0x7f0000000000)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', &(0x7f0000000f40)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

9.279028ms ago: executing program 4 (id=3216):
r0 = syz_usb_connect$uac1(0x2, 0xa5, &(0x7f00000002c0)=ANY=[@ANYBLOB="12010000000000106b1d010140000102030109029300030100000009040000000101"], 0x0)
syz_usb_control_io$uac1(r0, &(0x7f00000001c0)={0x14, 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="00030400000004030204253a284b"]}, 0x0)
syz_usb_control_io(r0, &(0x7f00000002c0)={0x2c, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="000375000000750341ff6a3f30b24c44fe463a9418cc22e1862d60d4de75b1093087561322b8f4e12ef5fef811c490aa073237eb4b4d10675a"], 0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 3 (id=3217):
r0 = add_key$user(&(0x7f0000000000), &(0x7f0000000100)={'syz', 0x2}, &(0x7f0000000080)="01", 0x1, 0xffffffffffffffff)
r1 = add_key$user(&(0x7f0000000140), &(0x7f00000007c0)={'syz', 0x0}, &(0x7f0000000280)="f40fc24077021c9b084c60ffc26fd06301176d36c2f546f1162626edb4a5e1cc09ed8c58ca4fe84b94a7b700000000000000000100000000000000dd3d0df936a10285ecc1ad2243d878dde6cfd6ea08d5abcb00bb35436929ddabce530b63fab525337057438cf64a506d54d5c83e3e593d1d53ad0e6a44168fe8cfc6ad98b653d80636e4ddc1f2ab58762b57f5b606a43e50874c90143034142cd5e1bd9b4d27d8b57fbccb69ba4376b97b7feb75b9138dde818a3c6b96dd80000000000000", 0xc0, 0xfffffffffffffffb)
keyctl$dh_compute(0x17, &(0x7f0000001340)={r1, r1, r0}, &(0x7f0000003f00)=""/4101, 0x1005, 0x0)

kernel console output (not intermixed with test programs):

ed filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  594.917157][T10874] ext4 filesystem being mounted at /424/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  595.021717][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.146598][T10882] loop3: detected capacity change from 0 to 1024
[  595.266652][T10882] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  595.355827][ T5801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  595.740716][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  596.043903][T10897] CUSE: DEVNAME unspecified
[  596.091145][T10899] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2140'.
[  596.342664][ T1854] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  596.521567][ T1854] usb 4-1: Using ep0 maxpacket: 32
[  596.551509][ T1854] usb 4-1: config 0 has an invalid interface number: 12 but max is 0
[  596.560485][ T1854] usb 4-1: config 0 has no interface number 0
[  596.569724][ T1854] usb 4-1: config 0 interface 12 has no altsetting 0
[  596.661551][ T1854] usb 4-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  596.674172][ T1854] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  596.685229][ T1854] usb 4-1: Product: syz
[  596.689635][ T1854] usb 4-1: Manufacturer: syz
[  596.694598][ T1854] usb 4-1: SerialNumber: syz
[  596.859777][ T1854] usb 4-1: config 0 descriptor??
[  597.471642][T10908] loop6: detected capacity change from 0 to 32768
[  597.508004][T10908] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.2144 (10908)
[  597.537340][T10908] BTRFS info (device loop6 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  597.548712][T10908] BTRFS info (device loop6 state S): using crc32c (crc32c-x86_64) checksum algorithm
[  597.568264][T10908] BTRFS info (device loop6 state S): using free-space-tree
[  597.594797][ T1854] f81534 4-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  597.605677][ T1854] f81534 4-1:0.12: f81534_find_config_idx: read failed: -71
[  597.615980][ T1854] f81534 4-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  597.624203][ T1854] f81534 4-1:0.12: probe with driver f81534 failed with error -71
[  597.701311][ T6910] BTRFS warning (device loop6 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0x3a96e814 level 0, ignored
[  597.727886][T10908] BTRFS error (device loop6 state S): devid 1 uuid ffe9ff7f-0000-0000-0000-9003f3eadbc4 is missing
[  597.739240][T10908] BTRFS error (device loop6 state S): failed to read chunk tree: -2
[  597.773045][T10908] BTRFS error (device loop6 state S): open_ctree failed: -2
[  597.798617][ T1854] usb 4-1: USB disconnect, device number 13
[  599.804109][T10953] loop3: detected capacity change from 0 to 512
[  599.832147][T10951] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2158'.
[  599.837206][T10942] DRBG: could not allocate CTR cipher TFM handle: ctr(aes)
[  600.090791][T10953] EXT4-fs error (device loop3): ext4_iget_extra_inode:5035: inode #15: comm syz.3.2156: corrupted in-inode xattr: invalid ea_ino
[  600.241023][T10953] EXT4-fs error (device loop3): ext4_orphan_get:1398: comm syz.3.2156: couldn't read orphan inode 15 (err -117)
[  600.277833][T10953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  600.491802][T10961] loop7: detected capacity change from 0 to 64
[  600.844192][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  600.997178][T10966] loop4: detected capacity change from 0 to 256
[  601.106995][T10966] exfat: Deprecated parameter 'utf8'
[  601.119873][T10966] exfat: Deprecated parameter 'utf8'
[  601.138545][T10966] exfat: Deprecated parameter 'utf8'
[  601.421406][T10966] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xdc42f586, utbl_chksum : 0xe619d30d)
[  601.433425][T10970] netlink: 104 bytes leftover after parsing attributes in process `syz.6.2165'.
[  602.827499][T10988] loop3: detected capacity change from 0 to 256
[  602.939611][T10988] exfat: Deprecated parameter 'utf8'
[  603.187616][T10988] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  603.268301][T10987] loop6: detected capacity change from 0 to 4096
[  603.287125][T10987] ntfs3(loop6): Different NTFS sector size (1024) and media sector size (512).
[  603.417308][   T11] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  603.641466][   T11] usb 5-1: Using ep0 maxpacket: 8
[  603.731604][T10987] ntfs3(loop6): ino=19, mi_enum_attr
[  603.737480][T10987] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  603.750593][   T11] usb 5-1: unable to get BOS descriptor or descriptor too short
[  603.780257][   T11] usb 5-1: config index 0 descriptor too short (expected 274, got 18)
[  603.788848][   T11] usb 5-1: config 4 interface 0 has no altsetting 0
[  603.869546][   T11] usb 5-1: string descriptor 0 read error: -22
[  603.881295][   T11] usb 5-1: New USB device found, idVendor=058f, idProduct=6610, bcdDevice=48.05
[  603.900289][   T11] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  604.000361][   T11] usb 5-1: dvb_usb_v2: found a 'Sigmatek DVB-110' in warm state
[  604.094490][   T11] usb 5-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  604.106115][   T11] dvbdev: DVB: registering new adapter (Sigmatek DVB-110)
[  604.127823][   T11] usb 5-1: media controller created
[  604.248431][   T11] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  604.433569][   T11] zl10353_read_register: readreg error (reg=127, ret==0)
[  604.961643][T11003] loop3: detected capacity change from 0 to 128
[  605.083410][T11003] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  605.295217][   T11] usb 5-1: USB disconnect, device number 15
[  605.570121][T11003] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  606.203559][T11008] loop5: detected capacity change from 0 to 40427
[  606.279405][T11008] F2FS-fs (loop5): Invalid segment/section count (31, 24 x 1)
[  606.293550][T11008] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  606.305631][T11008] F2FS-fs (loop5): invalid crc value
[  606.710778][T11008] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  606.723663][T11008] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  607.109918][T11019] loop6: detected capacity change from 0 to 512
[  607.210202][T11017] loop7: detected capacity change from 0 to 512
[  607.436802][T11017] EXT4-fs: Ignoring removed oldalloc option
[  607.484603][T11017] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  607.597742][T11019] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.617905][T11019] ext4 filesystem being mounted at /375/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  607.680386][T11019] EXT4-fs error (device loop6): ext4_map_blocks:780: inode #2: block 3: comm syz.6.2185: lblock 8 mapped to illegal pblock 3 (length 26)
[  607.728518][T11017] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002]
[  607.729097][T11017] System zones: 1-3, 19-19, 35-38
[  607.781063][T11017] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.781461][T11017] ext4 filesystem being mounted at /270/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  608.146416][ T7653] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.264648][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.978599][T11036] netlink: 'syz.7.2189': attribute type 4 has an invalid length.
[  608.986907][T11036] netlink: 17 bytes leftover after parsing attributes in process `syz.7.2189'.
[  611.058338][T11050] loop4: detected capacity change from 0 to 512
[  611.151973][T11050] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2198: casefold flag without casefold feature
[  611.231346][T11050] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2198: couldn't read orphan inode 15 (err -117)
[  611.319468][T11048] loop3: detected capacity change from 0 to 2048
[  611.347488][T11050] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  611.517510][T11059] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  611.615956][   T30] audit: type=1800 audit(1751494571.215:75): pid=11048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2197" name="file2" dev="loop3" ino=16 res=0 errno=0
[  611.729032][T11048] NILFS (loop3): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  611.742915][T11048] NILFS error (device loop3): nilfs_bmap_propagate: broken bmap (inode number=16)
[  611.770864][T11061] loop7: detected capacity change from 0 to 512
[  611.840075][T11048] Remounting filesystem read-only
[  611.845603][T11061] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  611.877962][T11053] loop6: detected capacity change from 0 to 4096
[  611.918242][ T5801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  611.941125][T11061] EXT4-fs (loop7): 1 truncate cleaned up
[  611.949372][T11061] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  612.068478][T11053] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  612.081773][T11063] overlayfs: failed to create directory ./file0/work (errno: 117); mounting read-only
[  612.094133][ T5805] NILFS (loop3): disposed unprocessed dirty file(s) when stopping log writer
[  612.167453][T11053] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  612.530448][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  612.591573][ T7653] EXT4-fs error (device loop7): ext4_readdir:264: inode #11: block 54: comm syz-executor: path (unknown): bad entry in directory: rec_len is smaller than minimal - offset=0, inode=0, rec_len=0, size=1024 fake=0
[  612.686169][T11072] netlink: 256 bytes leftover after parsing attributes in process `syz.3.2204'.
[  612.696528][T11072] netlink: 72 bytes leftover after parsing attributes in process `syz.3.2204'.
[  612.697074][ T7653] EXT4-fs (loop7): Remounting filesystem read-only
[  612.712115][ T1854] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  612.931415][ T1854] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  612.939968][ T1854] usb 6-1: config 0 has no interface number 0
[  612.951520][ T1854] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  612.963295][ T1854] usb 6-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  612.978684][ T1854] usb 6-1: config 0 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  612.992117][ T1854] usb 6-1: New USB device found, idVendor=28bd, idProduct=0042, bcdDevice= 0.00
[  613.001633][ T1854] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  613.060994][ T1854] usb 6-1: config 0 descriptor??
[  614.258269][T11074] loop4: detected capacity change from 0 to 32768
[  614.313808][ T1854] uclogic 0003:28BD:0042.0014: failed retrieving string descriptor #100: -71
[  614.328323][ T1854] uclogic 0003:28BD:0042.0014: failed retrieving pen parameters: -71
[  614.336997][ T1854] uclogic 0003:28BD:0042.0014: pen probing failed: -71
[  614.345147][ T1854] uclogic 0003:28BD:0042.0014: failed probing parameters: -71
[  614.365771][ T1854] uclogic 0003:28BD:0042.0014: probe with driver uclogic failed with error -71
[  614.442003][ T7653] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  614.543452][ T1899] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  614.691562][ T1854] usb 6-1: USB disconnect, device number 14
[  614.787859][T11074] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  614.788062][T11074]   allowing incompatible features above 0.0: (unknown version)
[  614.788148][T11074]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  614.841789][T11074] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  614.854617][T11074] bcachefs (loop4): initializing new filesystem
[  614.889966][T11074] bcachefs (loop4): going read-write
[  614.949726][ T1899] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.101932][T11074] bcachefs (loop4): marking superblocks
[  615.163084][T11074] bcachefs (loop4): initializing freespace
[  615.201841][T11074] bcachefs (loop4): done initializing freespace
[  615.230606][T11074] bcachefs (loop4): reading snapshots table
[  615.237080][T11074] bcachefs (loop4): reading snapshots done
[  615.339261][ T1899] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.464050][T11074] bcachefs (loop4): done starting filesystem
[  615.645052][ T1899] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  615.691559][ T5801] bcachefs (loop4): shutting down
[  615.702067][ T5801] bcachefs (loop4): going read-only
[  615.707731][ T5801] bcachefs (loop4): finished waiting for writes to stop
[  615.770785][ T5801] bcachefs (loop4): flushing journal and stopping allocators, journal seq 9
[  615.939796][ T5851] usb 4-1: new full-speed USB device number 14 using dummy_hcd
[  616.229000][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  616.250938][ T5851] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  616.265972][ T5851] usb 4-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  616.289922][ T5851] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  616.341751][T11094] loop5: detected capacity change from 0 to 1024
[  616.344718][ T1899] bridge_slave_1: left allmulticast mode
[  616.357462][ T1899] bridge_slave_1: left promiscuous mode
[  616.367172][ T1899] bridge0: port 2(bridge_slave_1) entered disabled state
[  616.390208][T11094] EXT4-fs: Ignoring removed nobh option
[  616.397884][ T5851] usb 4-1: config 0 descriptor??
[  616.409065][T11094] EXT4-fs: Ignoring removed bh option
[  616.437542][ T5801] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 13
[  616.487035][ T5801] bcachefs (loop4): clean shutdown complete, journal seq 14
[  616.537646][ T1899] bridge_slave_0: left allmulticast mode
[  616.539477][ T5801] bcachefs (loop4): marking filesystem clean
[  616.546626][ T1899] bridge_slave_0: left promiscuous mode
[  616.556586][ T1899] bridge0: port 1(bridge_slave_0) entered disabled state
[  616.628988][T11094] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  616.786585][ T5801] bcachefs (loop4): shutdown complete
[  616.878685][ T5851] isku 0003:1E7D:319C.0015: item fetching failed at offset 5/7
[  616.906325][ T5851] isku 0003:1E7D:319C.0015: parse failed
[  616.908753][T11094] EXT4-fs error (device loop5): ext4_xattr_inode_iget:437: comm syz.5.2212: inode #327696: comm syz.5.2212: iget: illegal inode #
[  616.917274][ T5851] isku 0003:1E7D:319C.0015: probe with driver isku failed with error -22
[  617.074327][T11094] EXT4-fs (loop5): Remounting filesystem read-only
[  617.081340][T11094] EXT4-fs warning (device loop5): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.5.2212: cleanup dec ref error -30
[  617.099890][T11094] EXT4-fs warning (device loop5): ext4_xattr_block_set:2190: inode #18: comm syz.5.2212: dec ref error=-30
[  617.133170][ T1854] usb 4-1: USB disconnect, device number 14
[  617.473236][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  618.570131][ T1899] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  618.648787][T11102] loop5: detected capacity change from 0 to 128
[  618.689687][ T1899] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  618.700497][T11104] loop3: detected capacity change from 0 to 512
[  618.730023][T11102] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  618.758149][T11104] EXT4-fs: Ignoring removed nomblk_io_submit option
[  618.789841][T11104] EXT4-fs (loop3): Test dummy encryption mode enabled
[  618.810590][ T1899] bond0 (unregistering): Released all slaves
[  618.943234][T11102] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  618.968416][T11104] EXT4-fs (loop3): 1 truncate cleaned up
[  618.983712][T11104] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  619.261635][ T5086] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  619.279303][ T5086] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  619.337436][ T5086] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  619.349756][ T1899] tipc: Left network mode
[  619.380223][ T5086] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  619.419208][ T5086] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  619.756185][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  620.120157][T11107] hsr0 speed is unknown, defaulting to 1000
[  620.553308][ T1899] hsr_slave_0: left promiscuous mode
[  620.597105][ T1899] hsr_slave_1: left promiscuous mode
[  620.615806][ T1899] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  620.623783][ T1899] batman_adv: batadv0: Removing interface: batadv_slave_0
[  620.691038][ T1899] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  620.712032][ T1899] batman_adv: batadv0: Removing interface: batadv_slave_1
[  620.832551][ T1899] veth1_macvtap: left promiscuous mode
[  620.838355][ T1899] veth0_macvtap: left promiscuous mode
[  620.847329][ T1899] veth1_vlan: left promiscuous mode
[  620.855755][ T1899] veth0_vlan: left promiscuous mode
[  621.186955][T11120] loop6: detected capacity change from 0 to 1024
[  621.257508][T11120] EXT4-fs (loop6): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  621.464020][T11120] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  621.577463][T11120] EXT4-fs error (device loop6): ext4_xattr_inode_iget:437: inode #11: comm syz.6.2222: missing EA_INODE flag
[  621.620719][ T5086] Bluetooth: hci1: command tx timeout
[  621.733909][T11120] EXT4-fs (loop6): Remounting filesystem read-only
[  622.456812][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.621753][ T1899] team0 (unregistering): Port device team_slave_1 removed
[  622.777553][ T1899] team0 (unregistering): Port device team_slave_0 removed
[  623.760622][ T5086] Bluetooth: hci1: command tx timeout
[  624.536457][ T1899] IPVS: stop unused estimator thread 0...
[  624.567262][T11107] chnl_net:caif_netlink_parms(): no params data found
[  625.117181][T11157] mkiss: ax0: crc mode is auto.
[  625.297509][T11161] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2235'.
[  625.775431][ T5086] Bluetooth: hci1: command tx timeout
[  626.461409][T11172] netlink: 20 bytes leftover after parsing attributes in process `syz.6.2239'.
[  626.812082][T11107] bridge0: port 1(bridge_slave_0) entered blocking state
[  626.822699][T11107] bridge0: port 1(bridge_slave_0) entered disabled state
[  626.830535][T11107] bridge_slave_0: entered allmulticast mode
[  626.845677][T11107] bridge_slave_0: entered promiscuous mode
[  627.089136][T11107] bridge0: port 2(bridge_slave_1) entered blocking state
[  627.101175][T11107] bridge0: port 2(bridge_slave_1) entered disabled state
[  627.111676][T11107] bridge_slave_1: entered allmulticast mode
[  627.123979][T11107] bridge_slave_1: entered promiscuous mode
[  627.291980][T11107] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  627.350882][T11107] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  627.740526][T11182] loop4: detected capacity change from 0 to 2048
[  627.795994][T11107] team0: Port device team_slave_0 added
[  627.817404][T11107] team0: Port device team_slave_1 added
[  627.829593][T11182] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  627.860689][ T5086] Bluetooth: hci1: command tx timeout
[  627.876415][T11182] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  628.167321][T11107] batman_adv: batadv0: Adding interface: batadv_slave_0
[  628.177662][T11107] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  628.213006][T11107] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  628.459047][T11107] batman_adv: batadv0: Adding interface: batadv_slave_1
[  628.466438][T11107] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  628.501599][T11107] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  629.174993][T11107] hsr_slave_0: entered promiscuous mode
[  629.190239][T11107] hsr_slave_1: entered promiscuous mode
[  629.202867][T11107] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  629.210685][T11107] Cannot create hsr debugfs directory
[  630.477658][T11201] loop6: detected capacity change from 0 to 40427
[  630.513536][T11201] F2FS-fs (loop6): Unrecognized mount option "grpquota=" or missing value
[  632.770076][T11107] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  632.910368][T11107] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  633.060119][T11107] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  633.177682][T11107] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  633.517024][T11230] loop4: detected capacity change from 0 to 1024
[  633.838483][T11230] hfsplus: request for non-existent node 16777216 in B*Tree
[  633.851495][T11230] hfsplus: request for non-existent node 16777216 in B*Tree
[  633.887204][T11236] netlink: 'syz.6.2269': attribute type 1 has an invalid length.
[  633.943164][T11237] syz_tun: refused to change device tx_queue_len
[  635.108533][T11107] 8021q: adding VLAN 0 to HW filter on device bond0
[  635.491011][T11107] 8021q: adding VLAN 0 to HW filter on device team0
[  635.593497][ T3492] bridge0: port 1(bridge_slave_0) entered blocking state
[  635.601118][ T3492] bridge0: port 1(bridge_slave_0) entered forwarding state
[  635.701927][ T3492] bridge0: port 2(bridge_slave_1) entered blocking state
[  635.709598][ T3492] bridge0: port 2(bridge_slave_1) entered forwarding state
[  636.617199][T11259] netlink: 5 bytes leftover after parsing attributes in process `syz.4.2280'.
[  636.691373][T11258] loop3: detected capacity change from 0 to 1024
[  636.851601][T11258] hfsplus: bad catalog entry type
[  637.349985][ T6910] hfsplus: b-tree write err: -5, ino 4
[  637.528427][T11268] can0: slcan on ptm0.
[  637.719485][T11268] can0 (unregistered): slcan off ptm0.
[  638.591923][T11277] loop6: detected capacity change from 0 to 128
[  638.716456][T11277] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[  638.844812][T11107] 8021q: adding VLAN 0 to HW filter on device batadv0
[  638.968515][T11277] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  640.028704][T11288] netlink: 96 bytes leftover after parsing attributes in process `syz.5.2299'.
[  640.045578][T11288] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2299'.
[  640.101094][T11288] vlan3: entered allmulticast mode
[  640.118630][T11288] gretap0: entered allmulticast mode
[  641.015084][T11285] loop4: detected capacity change from 0 to 32768
[  641.102177][T11285] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  641.112158][T11285] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  641.161902][T11285] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  641.868470][T11285] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  643.969990][T11107] veth0_vlan: entered promiscuous mode
[  644.131171][T11107] veth1_vlan: entered promiscuous mode
[  644.718554][T11107] veth0_macvtap: entered promiscuous mode
[  644.787539][T11107] veth1_macvtap: entered promiscuous mode
[  645.061064][T11107] batman_adv: batadv0: Interface activated: batadv_slave_0
[  645.267663][T11107] batman_adv: batadv0: Interface activated: batadv_slave_1
[  645.350470][T11107] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  645.366949][T11107] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  645.380772][T11107] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  645.400876][T11107] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  645.809492][T11321] loop3: detected capacity change from 0 to 64
[  645.927095][T11321] BFS-fs: bfs_fill_super(): loop3 is unclean, continuing
[  646.070106][T11327] loop4: detected capacity change from 0 to 128
[  646.258988][T11327] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  646.306282][T11327] ext4 filesystem being mounted at /455/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  646.947965][ T5801] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  649.493602][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  649.500482][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  650.067154][T11372] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2317'.
[  650.276673][T11376] loop5: detected capacity change from 0 to 256
[  651.489210][T11388] loop5: detected capacity change from 0 to 1024
[  652.104786][T11397] netlink: 144 bytes leftover after parsing attributes in process `syz.3.2329'.
[  653.622006][   T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  653.633235][   T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  653.892035][ T3435] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  653.910995][ T3435] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  654.554112][T11422] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2338'.
[  655.588376][T11432] loop5: detected capacity change from 0 to 1024
[  655.633472][T11437] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2345'.
[  659.086264][T11466] loop3: detected capacity change from 0 to 40427
[  659.146295][T11466] F2FS-fs (loop3): heap/no_heap options were deprecated
[  660.173893][T11477] loop4: detected capacity change from 0 to 2048
[  660.297402][T11477] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  661.502141][T11494] loop4: detected capacity change from 0 to 512
[  661.665906][T11494] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  661.685859][T11494] ext4 filesystem being mounted at /472/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  662.034657][T11494] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2369: corrupted inode contents
[  662.119428][T11494] EXT4-fs error (device loop4): ext4_dirty_inode:6459: inode #2: comm syz.4.2369: mark_inode_dirty error
[  662.243150][T11494] EXT4-fs error (device loop4): ext4_do_update_inode:5568: inode #2: comm syz.4.2369: corrupted inode contents
[  662.322046][T11494] EXT4-fs error (device loop4): __ext4_ext_dirty:206: inode #2: comm syz.4.2369: mark_inode_dirty error
[  662.395056][T11505] loop6: detected capacity change from 0 to 1024
[  662.603752][   T30] audit: type=1800 audit(1751494622.215:76): pid=11505 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2385" name="file1" dev="loop6" ino=20 res=0 errno=0
[  662.732170][T11505] hfsplus: request for non-existent node 16777216 in B*Tree
[  662.739986][T11505] hfsplus: request for non-existent node 16777216 in B*Tree
[  662.768679][ T5801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  663.729657][T11520] loop4: detected capacity change from 0 to 1024
[  663.769347][T11523] loop6: detected capacity change from 0 to 256
[  663.890295][T11520] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  663.996100][T11529] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2383'.
[  664.008114][T11529] netlink: 5 bytes leftover after parsing attributes in process `syz.5.2383'.
[  664.568272][ T5801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  665.721980][T11547] program syz.4.2392 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  666.457889][T11553] loop3: detected capacity change from 0 to 1024
[  666.638859][T11559] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.2396'.
[  666.686984][   T30] audit: type=1800 audit(1751494626.275:77): pid=11553 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2394" name="file1" dev="loop3" ino=20 res=0 errno=0
[  666.758960][T11558] netlink: 4083 bytes leftover after parsing attributes in process `syz.4.2396'.
[  666.797197][T11553] hfsplus: request for non-existent node 16777216 in B*Tree
[  666.811864][T11553] hfsplus: request for non-existent node 16777216 in B*Tree
[  667.979656][T11562] loop5: detected capacity change from 0 to 4096
[  669.011385][T11583] loop8: detected capacity change from 0 to 64
[  669.079705][T11583] BFS-fs: bfs_fill_super(): loop8 is unclean, continuing
[  670.001299][   T30] audit: type=1326 audit(1751494629.615:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11591 comm="syz.3.2414" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x0
[  670.406109][T11598] loop5: detected capacity change from 0 to 256
[  671.019232][T11603] can0: slcan on ptm0.
[  671.155547][T11603] can0 (unregistered): slcan off ptm0.
[  672.129368][    T9] IPVS: starting estimator thread 0...
[  672.277722][T11613] IPVS: using max 240 ests per chain, 12000 per kthread
[  672.469072][   T30] audit: type=1326 audit(1751494632.085:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.498131][   T30] audit: type=1326 audit(1751494632.085:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.769302][   T30] audit: type=1326 audit(1751494632.175:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.797633][   T30] audit: type=1326 audit(1751494632.175:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.820970][   T30] audit: type=1326 audit(1751494632.175:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.848831][   T30] audit: type=1326 audit(1751494632.185:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=77 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  672.875188][   T30] audit: type=1326 audit(1751494632.185:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11617 comm="syz.3.2425" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb15f18e929 code=0x7ffc0000
[  673.347411][T11628] loop3: detected capacity change from 0 to 512
[  673.395553][T11628] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.2428: bad orphan inode 15
[  673.431053][T11628] ext4_test_bit(bit=14, block=18) = 1
[  673.444111][T11628] is_bad_inode(inode)=0
[  673.448576][T11628] NEXT_ORPHAN(inode)=1023
[  673.457100][T11628] max_ino=32
[  673.460508][T11628] i_nlink=0
[  673.471229][T11628] EXT4-fs error (device loop3): ext4_xattr_delete_inode:2962: inode #15: comm syz.3.2428: corrupted xattr block 19: invalid header
[  673.489117][T11628] EXT4-fs warning (device loop3): ext4_evict_inode:274: xattr delete (err -117)
[  673.503517][T11628] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0009-000000000000 r/w without journal. Quota mode: none.
[  673.519726][T11628] ext4 filesystem being mounted at /525/éq‰Y’3aK supports timestamps until 2038-01-19 (0x7fffffff)
[  673.687888][T11627] loop6: detected capacity change from 0 to 4096
[  673.707400][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0009-000000000000.
[  674.891022][T11634] loop5: detected capacity change from 0 to 32768
[  675.089694][T11634] (syz.5.2430,11634,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xd019cb8, computed 0x1ee055ff. Applying ECC.
[  675.109545][T11634] (syz.5.2430,11634,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xd019cb8, computed 0x1ee055ff
[  675.122719][T11634] (syz.5.2430,11634,1):ocfs2_verify_volume:2331 ERROR: status = -5
[  675.130898][T11634] (syz.5.2430,11634,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  675.145580][T11634] (syz.5.2430,11634,1):ocfs2_fill_super:1177 ERROR: status = -5
[  676.138124][T11636] loop3: detected capacity change from 0 to 32768
[  676.260098][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®: Trying to join cluster "lock_nolock", "#ãvúSÖñ^Ñ°Õ~oó»Á$®"
[  676.278664][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®: Now mounting FS (format 1801)...
[  676.301591][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119
[  676.333961][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: G:  s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[  676.352489][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s:  H: s:SH f:eEcH e:0 p:11636 [syz.3.2432] init_journal+0x332e/0x3a30
[  676.371950][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s:  I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0
[  676.386909][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: about to withdraw this file system
[  676.407527][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Journal recovery skipped for jid 0 until next mount.
[  676.427769][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Glock dequeues delayed: 0
[  676.449410][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: File system withdrawn
[  676.468298][T11636] CPU: 0 UID: 0 PID: 11636 Comm: syz.3.2432 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[  676.468447][T11636] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  676.468524][T11636] Call Trace:
[  676.468570][T11636]  <TASK>
[  676.468620][T11636]  __dump_stack+0x26/0x30
[  676.468784][T11636]  dump_stack_lvl+0x1df/0x270
[  676.468932][T11636]  dump_stack+0x1e/0x25
[  676.469070][T11636]  gfs2_withdraw+0x1d26/0x22e0
[  676.469302][T11636]  gfs2_consist_inode_i+0x1b2/0x250
[  676.469446][T11636]  gfs2_jdesc_check+0x170/0x440
[  676.469603][T11636]  check_journal_clean+0x1b6/0x4c0
[  676.469789][T11636]  ? init_journal+0x332e/0x3a30
[  676.469917][T11636]  ? kmsan_get_metadata+0xfb/0x160
[  676.470095][T11636]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  676.470278][T11636]  init_journal+0x332e/0x3a30
[  676.470434][T11636]  ? init_inodes+0x124/0x510
[  676.470564][T11636]  ? init_inodes+0x124/0x510
[  676.470688][T11636]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  676.470884][T11636]  init_inodes+0x124/0x510
[  676.471016][T11636]  gfs2_fill_super+0x384a/0x3f50
[  676.471151][T11636]  ? init_locking+0xed/0x500
[  676.471313][T11636]  get_tree_bdev_flags+0x6e6/0x920
[  676.471493][T11636]  ? __pfx_gfs2_fill_super+0x10/0x10
[  676.471624][T11636]  ? __pfx_gfs2_fill_super+0x10/0x10
[  676.471753][T11636]  ? __pfx_gfs2_get_tree+0x10/0x10
[  676.471876][T11636]  get_tree_bdev+0x38/0x50
[  676.472042][T11636]  gfs2_get_tree+0x57/0x350
[  676.472167][T11636]  ? __pfx_gfs2_get_tree+0x10/0x10
[  676.472294][T11636]  vfs_get_tree+0xb3/0x5c0
[  676.472459][T11636]  ? mount_capable+0x99/0x100
[  676.472616][T11636]  do_new_mount+0x738/0x1610
[  676.472802][T11636]  ? kmsan_get_metadata+0xfb/0x160
[  676.472977][T11636]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  676.473184][T11636]  path_mount+0x6db/0x1e90
[  676.473361][T11636]  ? user_path_at+0x32d/0x3d0
[  676.473531][T11636]  __se_sys_mount+0x6eb/0x7d0
[  676.473717][T11636]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  676.473909][T11636]  __x64_sys_mount+0xe4/0x150
[  676.474103][T11636]  x64_sys_call+0xfa7/0x3db0
[  676.474272][T11636]  do_syscall_64+0xd9/0x210
[  676.474405][T11636]  ? irqentry_exit+0x16/0x60
[  676.474578][T11636]  ? clear_bhb_loop+0x40/0x90
[  676.474733][T11636]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  676.474876][T11636] RIP: 0033:0x7fb15f1900ca
[  676.474977][T11636] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  676.475091][T11636] RSP: 002b:00007fb15cff5e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  676.475219][T11636] RAX: ffffffffffffffda RBX: 00007fb15cff5ef0 RCX: 00007fb15f1900ca
[  676.475318][T11636] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fb15cff5eb0
[  676.475414][T11636] RBP: 0000200000000400 R08: 00007fb15cff5ef0 R09: 0000000000200001
[  676.475505][T11636] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500
[  676.475595][T11636] R13: 00007fb15cff5eb0 R14: 00000000000125bb R15: 0000200000000f00
[  676.475765][T11636]  </TASK>
[  676.792312][T11636] gfs2: fsid=#ãvúSÖñ^Ñ°Õ~oó»Á$®.s: Error checking journal for spectator mount.
[  678.596949][T11649] loop8: detected capacity change from 0 to 32768
[  678.839546][T11649] bcachefs (loop8): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names,read_only
[  678.839698][T11649]   allowing incompatible features above 0.0: (unknown version)
[  678.839783][T11649]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  678.902060][T11649] bcachefs (loop8): Using encoding defined by superblock: utf8-12.1.0
[  678.910724][T11649] bcachefs (loop8): initializing new filesystem
[  678.948535][T11649] bcachefs (loop8): going read-write
[  679.031317][T11649] bcachefs (loop8): marking superblocks
[  679.061076][T11667] loop3: detected capacity change from 0 to 256
[  679.091927][T11649] bcachefs (loop8): initializing freespace
[  679.123366][T11649] bcachefs (loop8): done initializing freespace
[  679.147921][T11649] bcachefs (loop8): reading snapshots table
[  679.154428][T11649] bcachefs (loop8): reading snapshots done
[  679.300005][T11649] bcachefs (loop8): going read-only
[  679.305665][T11649] bcachefs (loop8): finished waiting for writes to stop
[  679.350706][T11649] bcachefs (loop8): flushing journal and stopping allocators, journal seq 2
[  679.429612][T11667] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  679.610658][T11649] bcachefs (loop8): flushing journal and stopping allocators complete, journal seq 2
[  679.660136][T11649] bcachefs (loop8): clean shutdown complete, journal seq 3
[  679.675228][T11649] bcachefs (loop8): marking filesystem clean
[  679.730949][T11649] bcachefs (loop8): done starting filesystem
[  680.136571][T11107] bcachefs (loop8): shutting down
[  680.327709][T11107] bcachefs (loop8): shutdown complete
[  681.015749][T11686] loop5: detected capacity change from 0 to 47
[  681.186893][T11686] MINIX-fs: deleted inode referenced: 9
[  681.274370][T11686] MINIX-fs: deleted inode referenced: 9
[  682.566042][ T1854] IPVS: starting estimator thread 0...
[  682.705153][T11703] IPVS: using max 240 ests per chain, 12000 per kthread
[  683.091595][T11699] loop4: detected capacity change from 0 to 2048
[  683.186753][T11699] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  683.336449][T11699] syz.4.2458: attempt to access beyond end of device
[  683.336449][T11699] loop4: rw=524288, sector=33554430, nr_sectors = 2 limit=2048
[  683.357583][T11710] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  683.930358][T11708] loop3: detected capacity change from 0 to 4096
[  684.118526][T11708] NILFS error (device loop3): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  684.129799][T11714] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  684.178903][T11708] NILFS (loop3): mounting fs with errors
[  685.097564][T11722] netlink: 224 bytes leftover after parsing attributes in process `syz.4.2468'.
[  685.109693][T11722] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2468'.
[  685.755733][T11731] loop5: detected capacity change from 0 to 512
[  685.819883][T11731] EXT4-fs (loop5): orphan cleanup on readonly fs
[  685.833660][T11731] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  685.900243][T11731] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  685.969082][T11731] EXT4-fs error (device loop5): ext4_clear_blocks:876: inode #13: comm syz.5.2471: attempt to clear invalid blocks 2 len 1
[  686.001629][T11731] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2471: invalid indirect mapped block 1819239214 (level 0)
[  686.059053][T11731] EXT4-fs error (device loop5): ext4_free_branches:1023: inode #13: comm syz.5.2471: invalid indirect mapped block 1819239214 (level 1)
[  686.121375][T11731] EXT4-fs (loop5): 1 truncate cleaned up
[  686.129523][T11731] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  686.554377][T11731] EXT4-fs error (device loop5): __ext4_remount:6736: comm syz.5.2471: Abort forced by user
[  686.609857][T11731] EXT4-fs (loop5): Remounting filesystem read-only
[  686.621711][T11731] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  687.115945][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  687.830994][T11754] loop8: detected capacity change from 0 to 47
[  687.997497][T11757] MINIX-fs: deleted inode referenced: 9
[  688.057835][T11757] MINIX-fs: deleted inode referenced: 9
[  689.130578][T11758] loop3: detected capacity change from 0 to 40427
[  689.157778][T11758] F2FS-fs (loop3): Image doesn't support compression
[  689.165975][T11758] F2FS-fs (loop3): Invalid gid value -1
[  690.255318][T11772] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2490'.
[  692.125526][T11796] atomic_op ffff8880503fc528 conn xmit_atomic 0000000000000000
[  692.297173][T11799] loop6: detected capacity change from 0 to 512
[  692.360285][T11799] EXT4-fs (loop6): mounting ext3 file system using the ext4 subsystem
[  692.411875][T11799] EXT4-fs (loop6): invalid journal inode
[  692.418208][T11799] EXT4-fs (loop6): can't get journal size
[  692.636639][T11799] EXT4-fs (loop6): 1 truncate cleaned up
[  692.649834][T11799] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  693.081256][T11810] loop3: detected capacity change from 0 to 512
[  693.132153][T11810] EXT4-fs: Ignoring removed bh option
[  693.152840][T11810] EXT4-fs: Ignoring removed mblk_io_submit option
[  693.159771][T11810] EXT4-fs: Ignoring removed nobh option
[  693.263809][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  693.452094][T11810] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  693.477278][T11810] ext4 filesystem being mounted at /538/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  694.049256][T11821] overlay: filesystem on ./file0/file0 not supported
[  694.081857][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  694.083518][T11823] loop6: detected capacity change from 0 to 512
[  694.255480][T11823] EXT4-fs: Ignoring removed bh option
[  694.308494][T11823] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  694.438884][T11823] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.2512: corrupted in-inode xattr: bad e_name length
[  694.551452][T11823] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2512: couldn't read orphan inode 15 (err -117)
[  694.594730][T11823] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  694.976797][T11832] atomic_op ffff888050d72528 conn xmit_atomic 0000000000000000
[  695.444372][T11830] loop3: detected capacity change from 0 to 32768
[  695.469629][T11830] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2514 (11830)
[  695.561704][T11830] BTRFS info (device loop3 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  695.575954][T11830] BTRFS info (device loop3 state S): using crc32c (crc32c-x86_64) checksum algorithm
[  695.590622][T11830] BTRFS info (device loop3 state S): using free-space-tree
[  695.691031][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  695.880123][ T3458] BTRFS warning (device loop3 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0x3a96e814 level 0, ignored
[  695.907957][T11830] BTRFS error (device loop3 state S): devid 1 uuid ffe9ff7f-0000-0000-0000-9003f3eadbc4 is missing
[  695.926599][T11830] BTRFS error (device loop3 state S): failed to read chunk tree: -2
[  696.647795][T11850] loop4: detected capacity change from 0 to 32768
[  696.700728][T11830] BTRFS error (device loop3 state S): open_ctree failed: -2
[  696.756643][T11850] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  696.995249][ T5801] ocfs2: Unmounting device (7,4) on (node local)
[  698.477722][T11866] loop6: detected capacity change from 0 to 512
[  698.599703][T11866] EXT4-fs error (device loop6): ext4_iget_extra_inode:5035: inode #15: comm syz.6.2523: corrupted in-inode xattr: invalid ea_ino
[  698.657884][T11866] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2523: couldn't read orphan inode 15 (err -117)
[  698.699989][T11866] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  699.239565][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  699.974462][T11883] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2521'.
[  700.895112][T11896] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2535'.
[  701.374095][T11899] loop5: detected capacity change from 0 to 512
[  701.383424][T11899] EXT4-fs: Ignoring removed bh option
[  701.389117][T11899] EXT4-fs: Ignoring removed mblk_io_submit option
[  701.405448][T11899] EXT4-fs: Ignoring removed nobh option
[  701.533227][T11902] loop6: detected capacity change from 0 to 512
[  701.555214][T11902] EXT4-fs: Ignoring removed oldalloc option
[  701.622973][T11902] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  701.716400][T11899] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  701.734893][T11899] ext4 filesystem being mounted at /480/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  702.040051][T11905] loop4: detected capacity change from 0 to 4096
[  702.089845][T11902] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2856c018, mo2=0002]
[  702.151121][T11902] System zones: 1-3, 19-19, 35-38
[  702.311605][T11905] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  702.380255][T11902] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  702.400999][T11902] ext4 filesystem being mounted at /450/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  702.933853][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  702.980635][T11912] loop8: detected capacity change from 0 to 40427
[  703.009300][T11912] F2FS-fs (loop8): Invalid segment/section count (31, 24 x 1)
[  703.017321][T11912] F2FS-fs (loop8): Can't find valid F2FS filesystem in 2th superblock
[  703.057155][T11912] F2FS-fs (loop8): invalid crc value
[  703.379120][T11905] ntfs3(loop4): ino=19, mi_enum_attr
[  703.390946][T11905] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  703.461969][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  703.501308][T11912] F2FS-fs (loop8): Try to recover 2th superblock, ret: 0
[  703.509673][T11912] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[  704.451584][T11926] option changes via remount are deprecated (pid=11925 comm=syz.6.2547)
[  705.379951][T11936] loop5: detected capacity change from 0 to 512
[  705.754821][T11936] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  705.778735][T11936] ext4 filesystem being mounted at /483/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  705.998109][T11936] EXT4-fs error (device loop5): ext4_map_blocks:780: inode #2: block 3: comm syz.5.2554: lblock 8 mapped to illegal pblock 3 (length 26)
[  706.560080][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.222535][T11946] loop6: detected capacity change from 0 to 32768
[  707.460576][T11946] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  707.678497][ T6553] ocfs2: Unmounting device (7,6) on (node local)
[  710.177896][T11974] loop3: detected capacity change from 0 to 1024
[  710.279454][T11974] EXT4-fs (loop3): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  710.556243][T11974] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  710.559194][T11969] loop4: detected capacity change from 0 to 40427
[  710.612696][T11969] F2FS-fs (loop4): Invalid segment/section count (31, 24 x 1)
[  710.620471][T11969] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  710.676904][T11969] F2FS-fs (loop4): invalid crc value
[  710.706768][T11974] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: inode #11: comm syz.3.2565: missing EA_INODE flag
[  710.821180][T11974] EXT4-fs (loop3): Remounting filesystem read-only
[  710.939596][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  710.951587][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  711.269796][T11969] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  711.284167][T11969] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  711.509442][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  713.248973][T12001] loop5: detected capacity change from 0 to 2048
[  713.318921][T12001] UDF-fs: error (device loop5): udf_process_sequence: Primary Volume Descriptor not found!
[  713.431322][T12006] loop6: detected capacity change from 0 to 2048
[  713.469185][T12001] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  713.581382][T12008] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  713.675082][   T30] audit: type=1800 audit(1751494673.295:86): pid=12006 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2575" name="file2" dev="loop6" ino=16 res=0 errno=0
[  713.891187][T12006] NILFS (loop6): vblocknr = 12 has abnormal lifetime: start cno (= 150994946) > current cno (= 3)
[  713.905201][T12006] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=16)
[  714.030822][T12006] Remounting filesystem read-only
[  714.426744][ T6553] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  716.637273][T12039] loop3: detected capacity change from 0 to 1024
[  716.785893][T12039] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  717.696274][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  717.840160][    T9] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  717.907727][T12046] loop6: detected capacity change from 0 to 32768
[  718.037276][    T9] usb 6-1: Using ep0 maxpacket: 8
[  718.081442][    T9] usb 6-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  718.101891][    T9] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  718.117021][    T9] usb 6-1: Product: syz
[  718.119138][T12046] bcachefs (loop6): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,metadata_target=invalid label 246,noinodes_use_key_cache,journal_flush_delay=3,journal_reclaim_delay=1000,nocow
[  718.121353][    T9] usb 6-1: Manufacturer: syz
[  718.150468][T12046]   allowing incompatible features above 0.0: (unknown version)
[  718.150569][T12046]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  718.150734][T12046] bcachefs (loop6): Using encoding defined by superblock: utf8-12.1.0
[  718.150885][T12046] bcachefs (loop6): initializing new filesystem
[  718.170066][T12046] bcachefs (loop6): going read-write
[  718.238077][    T9] usb 6-1: SerialNumber: syz
[  718.299114][T12046] bcachefs (loop6): marking superblocks
[  718.303031][    T9] usb 6-1: config 0 descriptor??
[  718.360555][T12046] bcachefs (loop6): initializing freespace
[  718.379459][T12051] loop8: detected capacity change from 0 to 2048
[  718.398016][T12046] bcachefs (loop6): done initializing freespace
[  718.417701][T12046] bcachefs (loop6): reading snapshots table
[  718.424222][T12046] bcachefs (loop6): reading snapshots done
[  718.488758][T12046] bcachefs (loop6): done starting filesystem
[  718.590534][    T9] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  718.611016][T12065] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  718.626881][    T9] usb 6-1: setting power ON
[  718.631713][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  718.648087][    T9] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  718.762145][    T9] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  718.766362][   T30] audit: type=1800 audit(1751494678.385:87): pid=12051 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.2592" name="file2" dev="loop8" ino=16 res=0 errno=0
[  718.808002][    T9] usb 6-1: media controller created
[  718.906678][ T1854] usb 5-1: new full-speed USB device number 16 using dummy_hcd
[  718.933089][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  719.071408][ T6553] bcachefs (loop6): shutting down
[  719.081523][ T6553] bcachefs (loop6): going read-only
[  719.091787][ T6553] bcachefs (loop6): finished waiting for writes to stop
[  719.149527][ T1854] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  719.161190][ T1854] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  719.177222][ T1854] usb 5-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  719.180326][    T9] usb 6-1: selecting invalid altsetting 6
[  719.186782][ T1854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  719.224882][    T9] usb 6-1: digital interface selection failed (-22)
[  719.238127][    T9] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  719.262623][ T6553] bcachefs (loop6): flushing journal and stopping allocators, journal seq 8
[  719.281050][ T1854] usb 5-1: config 0 descriptor??
[  719.410929][    T9] usb 6-1: setting power OFF
[  719.426495][    T9] dvb-usb: bulk message failed: -22 (2/0)
[  719.442603][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  719.457656][    T9] (NULL device *): no alternate interface
[  719.689757][ T6553] bcachefs (loop6): flushing journal and stopping allocators complete, journal seq 11
[  719.782006][ T6553] bcachefs (loop6): clean shutdown complete, journal seq 12
[  719.821843][ T1854] isku 0003:1E7D:319C.0016: item fetching failed at offset 5/7
[  719.861638][ T1854] isku 0003:1E7D:319C.0016: parse failed
[  719.873337][ T1854] isku 0003:1E7D:319C.0016: probe with driver isku failed with error -22
[  719.889054][ T6553] bcachefs (loop6): marking filesystem clean
[  719.958926][ T6553] bcachefs (loop6): shutdown complete
[  720.060824][ T1854] usb 5-1: USB disconnect, device number 16
[  720.359765][    T9] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  720.459609][    T9] usb 6-1: USB disconnect, device number 15
[  720.469347][T12073] netlink: 'syz.3.2602': attribute type 1 has an invalid length.
[  721.357850][T12081] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2605'.
[  721.496779][T12082] [U] vÔ3¸Âfù¾"SçÁ/Éê4:ÃXTz“W¡t‘’lWµ«=
[  721.503658][T12082] [U] J"—e:ÀÆ"


[  724.580545][T12104] loop8: detected capacity change from 0 to 32768
[  724.590288][T12104] xfs: Bad value for 'swidth'
[  725.849355][T12113] loop8: detected capacity change from 0 to 512
[  725.915959][T12117] loop4: detected capacity change from 0 to 128
[  725.930100][T12113] EXT4-fs: Ignoring removed nomblk_io_submit option
[  726.011783][T12117] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  726.029974][T12113] EXT4-fs (loop8): Test dummy encryption mode enabled
[  726.099681][T12120] loop3: detected capacity change from 0 to 1024
[  726.161135][T12120] EXT4-fs: Ignoring removed nobh option
[  726.167389][T12117] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  726.197072][T12120] EXT4-fs: Ignoring removed bh option
[  726.247736][T12113] EXT4-fs (loop8): 1 truncate cleaned up
[  726.268512][T12113] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  726.372947][T12120] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  726.539569][T12120] EXT4-fs error (device loop3): ext4_xattr_inode_iget:437: comm syz.3.2622: inode #327696: comm syz.3.2622: iget: illegal inode #
[  726.589856][T12120] EXT4-fs (loop3): Remounting filesystem read-only
[  726.602623][T12120] EXT4-fs warning (device loop3): ext4_xattr_inode_inc_ref_all:1129: inode #18: comm syz.3.2622: cleanup dec ref error -30
[  726.616186][T12120] EXT4-fs warning (device loop3): ext4_xattr_block_set:2190: inode #18: comm syz.3.2622: dec ref error=-30
[  726.731810][T11107] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.185102][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.697539][T12138] loop6: detected capacity change from 0 to 64
[  727.935904][T12139] loop4: detected capacity change from 0 to 2048
[  728.151071][T12139]  loop4: p1 p2 p3
[  728.585946][T12144] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2629'.
[  731.722054][T12172] loop6: detected capacity change from 0 to 4096
[  731.997327][T12182] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  732.847339][T12188] can0: slcan on ttyprintk.
[  733.050098][T12186] can0 (unregistered): slcan off ttyprintk.
[  735.067085][T12207] loop3: detected capacity change from 0 to 32768
[  735.220321][T12216] mmap: syz.5.2658 (12216) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  735.271733][T12207] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_disabled,fsck,fix_errors=yes,norecovery,version_upgrade=incompatible
[  735.271877][T12207]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  735.317279][T12207] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  735.333139][T12207] bcachefs (loop3): invalid bkey in superblock btree=deleted_inodes level=1: u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1db8f60c84bb244c written 8 min_key POS_MIN durability: 0 (invalid extent entry 0000000000008000)
[  735.333285][T12207]   invalid extent entry type (got 15, max 7), deleting
[  735.368351][T12207] bcachefs (loop3): recovering from clean shutdown, journal seq 10
[  735.377259][T12207] bcachefs (loop3): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive
[  735.377259][T12207]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  735.399248][    C1] vkms_vblank_simulate: vblank timer overrun
[  735.416418][T12207] bcachefs (loop3): Now allowing incompatible features up to 1.28: inode_has_case_insensitive, previously allowed up to 1.7: mi_btree_bitmap
[  735.416418][T12207] 
[  735.484151][T12219] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2660'.
[  735.633700][T12207] bcachefs (loop3): accounting_read... done
[  735.649340][T12207] bcachefs (loop3): alloc_read... done
[  735.657376][T12207] bcachefs (loop3): snapshots_read... done
[  735.666074][T12207] bcachefs (loop3): Fixed errors, running fsck a second time to verify fs is clean
[  735.682929][T12207] bcachefs (loop3): done starting filesystem
[  735.914439][ T5805] bcachefs (loop3): shutting down
[  736.052893][ T5805] bcachefs (loop3): shutdown complete
[  736.410066][T12228] loop6: detected capacity change from 0 to 64
[  736.592786][ T1854] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  736.804165][ T1854] usb 6-1: Using ep0 maxpacket: 32
[  736.871238][ T1854] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  736.887172][ T1854] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  736.900790][ T1854] usb 6-1: config 0 interface 0 has no altsetting 0
[  736.907858][ T1854] usb 6-1: New USB device found, idVendor=0755, idProduct=2626, bcdDevice= 0.00
[  736.922562][ T1854] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  737.025672][ T1854] usb 6-1: config 0 descriptor??
[  737.505941][ T1854] aureal 0003:0755:2626.0017: item fetching failed at offset 4/5
[  737.585530][ T1854] aureal 0003:0755:2626.0017: probe with driver aureal failed with error -22
[  737.712084][    T9] usb 6-1: USB disconnect, device number 16
[  738.435007][T12244] loop4: detected capacity change from 0 to 1024
[  738.473870][T12244] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  738.521649][T12246] loop8: detected capacity change from 0 to 256
[  738.660805][T12244] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #11: comm syz.4.2671: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  738.775826][T12244] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2671: couldn't read orphan inode 11 (err -117)
[  738.810480][T12244] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  738.811625][T12246] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  739.574225][ T5801] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  740.505211][T12251] loop5: detected capacity change from 0 to 32768
[  740.541656][T12251] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2674 (12251)
[  740.585075][T12251] BTRFS info (device loop5 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  740.608518][T12251] BTRFS info (device loop5 state S): using crc32c (crc32c-x86_64) checksum algorithm
[  740.686871][   T30] audit: type=1326 audit(1751494700.305:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12257 comm="syz.4.2675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24b178e929 code=0x7ffc0000
[  740.770165][   T30] audit: type=1326 audit(1751494700.375:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12257 comm="syz.4.2675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f24b178e929 code=0x7ffc0000
[  740.800169][   T30] audit: type=1326 audit(1751494700.375:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12257 comm="syz.4.2675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24b178e929 code=0x7ffc0000
[  740.834786][   T30] audit: type=1326 audit(1751494700.375:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12257 comm="syz.4.2675" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f24b178e929 code=0x7ffc0000
[  740.945780][ T1899] BTRFS warning (device loop5 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  740.978481][ T6910] BTRFS warning (device loop5 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[  741.071717][ T6910] BTRFS warning (device loop5 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  741.231519][T12274] sp0: Synchronizing with TNC
[  741.260812][ T6910] BTRFS warning (device loop5 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x0bc7de37 level 0, ignored
[  741.311329][T12251] BTRFS error (device loop5 state CS): logical 6881280 len 1638400 found bg but no related chunk
[  741.529000][ T6355] BTRFS info (device loop5 state CS): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  742.575860][ T1854] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[  742.601302][T12284] loop6: detected capacity change from 0 to 2048
[  742.789858][ T1854] usb 5-1: config 0 has an invalid interface number: 242 but max is 29
[  742.798992][ T1854] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 30
[  742.811146][ T1854] usb 5-1: config 0 has no interface number 0
[  742.820251][ T1854] usb 5-1: config 0 interface 242 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  742.832070][ T1854] usb 5-1: config 0 interface 242 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  742.847971][ T1854] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  742.857499][ T1854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  742.950127][T12284]  loop6: p1 p2 p3
[  743.151394][ T1854] usb 5-1: config 0 descriptor??
[  743.167190][    T9] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  743.418929][    T9] usb 4-1: config 0 interface 0 altsetting 185 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  743.437670][    T9] usb 4-1: config 0 interface 0 altsetting 185 endpoint 0x81 has invalid wMaxPacketSize 0
[  743.452820][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  743.459750][    T9] usb 4-1: New USB device found, idVendor=05ac, idProduct=029f, bcdDevice= 0.00
[  743.476398][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  743.600789][    T9] usb 4-1: config 0 descriptor??
[  743.628381][ T1854] uclogic 0003:256C:006D.0018: interface is invalid, ignoring
[  743.702120][ T5086] Bluetooth: hci1: command 0x0406 tx timeout
[  743.807677][ T1854] usb 5-1: USB disconnect, device number 17
[  744.070598][    T9] apple 0003:05AC:029F.0019: unknown main item tag 0x0
[  744.085466][    T9] apple 0003:05AC:029F.0019: unknown main item tag 0x0
[  744.219222][    T9] apple 0003:05AC:029F.0019: hidraw0: USB HID v8.00 Device [HID 05ac:029f] on usb-dummy_hcd.3-1/input0
[  744.335902][ T1854] usb 4-1: USB disconnect, device number 15
[  744.469203][T12296] loop6: detected capacity change from 0 to 1024
[  744.581340][T12296] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  744.613839][T12298] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2687'.
[  744.750056][T12296] EXT4-fs error (device loop6): ext4_ext_check_inode:523: inode #11: comm syz.6.2686: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  744.818556][T12296] EXT4-fs error (device loop6): ext4_orphan_get:1398: comm syz.6.2686: couldn't read orphan inode 11 (err -117)
[  744.929604][T12296] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  745.480404][   T30] audit: type=1326 audit(1751494705.085:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12305 comm="syz.5.2690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87538e929 code=0x7ffc0000
[  745.510454][   T30] audit: type=1326 audit(1751494705.085:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12305 comm="syz.5.2690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7fc87538e929 code=0x7ffc0000
[  745.544109][   T30] audit: type=1326 audit(1751494705.085:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12305 comm="syz.5.2690" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc87538e929 code=0x7ffc0000
[  745.645431][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  746.440003][T12316] sp0: Synchronizing with TNC
[  747.080805][T12325] loop5: detected capacity change from 0 to 2048
[  747.207075][T12325]  loop5: p1 p2 p3
[  747.549545][T12331] loop3: detected capacity change from 0 to 1024
[  747.672990][T12331] EXT4-fs: Ignoring removed bh option
[  747.849278][T12331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  748.491108][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  748.579887][T12345] loop8: detected capacity change from 0 to 2048
[  748.629464][T12345] NILFS (loop8): broken superblock, retrying with spare superblock (blocksize = 1024)
[  748.793127][T12347] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  749.831894][T12359] sp0: Synchronizing with TNC
[  750.590446][   T30] audit: type=1326 audit(1751494710.205:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12367 comm="syz.6.2726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facebf8e929 code=0x7ffc0000
[  750.621269][   T30] audit: type=1326 audit(1751494710.205:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12367 comm="syz.6.2726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facebf8e929 code=0x7ffc0000
[  750.771274][T12373] loop8: detected capacity change from 0 to 512
[  750.817860][T12373] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  750.877685][   T30] audit: type=1326 audit(1751494710.305:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12367 comm="syz.6.2726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7facebf8e929 code=0x7ffc0000
[  750.908526][   T30] audit: type=1326 audit(1751494710.305:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12367 comm="syz.6.2726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facebf8e929 code=0x7ffc0000
[  750.938758][   T30] audit: type=1326 audit(1751494710.305:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12367 comm="syz.6.2726" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7facebf8e929 code=0x7ffc0000
[  750.939538][T12368] loop3: detected capacity change from 0 to 2048
[  751.044510][T12373] EXT4-fs (loop8): 1 truncate cleaned up
[  751.070210][T12373] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  751.188334][T12368]  loop3: p1 p2 p3
[  751.511710][T11107] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  751.989592][T12380] loop4: detected capacity change from 0 to 4096
[  752.107807][T12387] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  752.533548][ T1854] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  752.889180][ T1854] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 199, using maximum allowed: 30
[  752.904477][ T1854] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  752.921140][ T1854] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 199
[  752.934752][ T1854] usb 4-1: New USB device found, idVendor=056e, idProduct=011c, bcdDevice= 0.00
[  752.949358][ T1854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  753.180859][ T1854] usb 4-1: config 0 descriptor??
[  753.715592][ T1854] elecom 0003:056E:011C.001A: hidraw0: USB HID v10.00 Device [HID 056e:011c] on usb-dummy_hcd.3-1/input0
[  753.889011][    T9] usb 4-1: USB disconnect, device number 16
[  754.208298][T12405] loop6: detected capacity change from 0 to 1024
[  754.373187][T12405] EXT4-fs (loop6): Test dummy encryption mode enabled
[  754.400532][T12405] EXT4-fs (loop6): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  754.645925][T12405] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  755.200238][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  755.649329][T12421] loop8: detected capacity change from 0 to 4096
[  755.826135][T12429] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  756.210173][T12430] loop6: detected capacity change from 0 to 2048
[  756.296412][T12430] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  756.788604][T12437] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2747'.
[  756.809832][T12437] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2747'.
[  756.825166][T12437] netlink: 'syz.4.2747': attribute type 6 has an invalid length.
[  757.297348][T12433] loop3: detected capacity change from 0 to 32768
[  757.339013][T12441] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  757.372533][T12433] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2745 (12433)
[  757.430380][T12433] BTRFS info (device loop3 state S): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  757.442407][T12433] BTRFS info (device loop3 state S): using crc32c (crc32c-x86_64) checksum algorithm
[  757.596545][ T2960] BTRFS warning (device loop3 state S): checksum verify failed on logical 1052672 mirror 1 wanted 0x37e030f7 found 0xf6479a7e level 0, ignored
[  757.649615][ T2960] BTRFS warning (device loop3 state S): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xbeadaddc level 0, ignored
[  757.697191][ T2960] BTRFS warning (device loop3 state S): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0x32c165c1 level 0, ignored
[  757.762008][ T3492] BTRFS warning (device loop3 state CS): checksum verify failed on logical 5328896 mirror 1 wanted 0x51ec978b found 0x0bc7de37 level 0, ignored
[  757.965630][T12433] BTRFS error (device loop3 state CS): logical 6881280 len 1638400 found bg but no related chunk
[  758.130849][ T5805] BTRFS info (device loop3 state CS): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  758.690112][T12466] loop6: detected capacity change from 0 to 256
[  758.868356][T12466] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  759.119513][T12471] loop4: detected capacity change from 0 to 128
[  759.422046][   T30] audit: type=1800 audit(1751494719.035:100): pid=12471 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2757" name="file2" dev="loop4" ino=1048810 res=0 errno=0
[  760.772164][T12478] loop8: detected capacity change from 0 to 4096
[  760.919858][T12486] loop3: detected capacity change from 0 to 1024
[  760.953043][T12486] EXT4-fs (loop3): Test dummy encryption mode enabled
[  760.963227][T12483] loop5: detected capacity change from 0 to 2048
[  760.972019][T12486] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  761.021450][T12489] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.050244][T12483] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  761.149796][T12486] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  761.168685][T12492] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  761.888051][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  762.594249][T12502] loop8: detected capacity change from 0 to 2048
[  762.850927][T12505]  loop8: p1 p2 p3
[  763.160322][T12502]  loop8: p1 p2 p3
[  763.327727][    T9] usb 6-1: new full-speed USB device number 17 using dummy_hcd
[  763.620393][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  763.636503][    T9] usb 6-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  763.658666][    T9] usb 6-1: config 0 interface 0 has no altsetting 0
[  763.673917][    T9] usb 6-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  763.691867][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.840592][    T9] usb 6-1: config 0 descriptor??
[  764.358440][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.370972][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.391693][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.405726][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.420741][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.432930][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.440382][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.455197][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.467709][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.484098][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.491563][    T9] hid-alps 0003:044E:120B.001B: unknown main item tag 0x0
[  764.786879][    T9] hid-alps 0003:044E:120B.001B: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.5-1/input0
[  764.819814][    T9] usb 6-1: USB disconnect, device number 17
[  766.523861][ T1854] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  766.712791][ T1854] usb 6-1: Using ep0 maxpacket: 32
[  766.720445][T12546] netlink: 48 bytes leftover after parsing attributes in process `syz.6.2787'.
[  766.774160][ T1854] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  766.785415][ T1854] usb 6-1: config 0 has no interface number 0
[  766.882032][ T1854] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  766.894541][ T1854] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  766.905620][ T1854] usb 6-1: Product: syz
[  766.910064][ T1854] usb 6-1: Manufacturer: syz
[  766.917772][ T1854] usb 6-1: SerialNumber: syz
[  767.101496][ T1854] usb 6-1: config 0 descriptor??
[  767.129510][ T1854] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  767.387711][T12556] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2792'.
[  767.410403][ T1854] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  767.500309][ T1854] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  767.789084][    C1] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  767.801172][ T1854] usb 6-1: USB disconnect, device number 18
[  767.882489][ T1854] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  767.968629][ T1854] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  767.981815][ T1854] quatech2 6-1:0.51: device disconnected
[  768.098952][T12559] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20001 - 0
[  768.108395][T12559] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20001 - 0
[  768.123263][T12559] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20001 - 0
[  768.132617][T12559] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20001 - 0
[  769.360303][T12571] loop3: detected capacity change from 0 to 2048
[  769.641297][T12576] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  770.574602][T12591] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2805'.
[  770.589098][T12591] netlink: 'syz.5.2805': attribute type 6 has an invalid length.
[  770.597451][T12591] netlink: 'syz.5.2805': attribute type 5 has an invalid length.
[  770.605595][T12591] netlink: 'syz.5.2805': attribute type 4 has an invalid length.
[  772.382038][T12608] netlink: 28 bytes leftover after parsing attributes in process `syz.3.2813'.
[  772.447964][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  772.459720][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  772.596357][T12605] loop4: detected capacity change from 0 to 32768
[  772.600126][T12601] loop6: detected capacity change from 0 to 4096
[  772.628992][T12605] bcachefs (/dev/loop4): error reading default superblock: checksum error, type none: got  should be 
[  772.646427][T12605] bcachefs (/dev/loop4): error reading superblock: Invalid superblock layout: superblocks overlap
[  772.646427][T12605]   (sb 0 ends at 6144 next starts at 4096
[  772.668641][T12605] bcachefs: bch2_fs_get_tree() error: invalid_sb_layout_superblocks_overlap
[  773.550700][T12601] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  774.467327][T12616] loop3: detected capacity change from 0 to 32768
[  774.484414][T12616] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.2816 (12616)
[  774.525837][T12616] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  774.541656][T12616] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  774.551080][T12616] BTRFS info (device loop3): disk space caching is enabled
[  774.558660][T12616] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  774.861472][T12616] BTRFS info (device loop3): rebuilding free space tree
[  774.899597][T12616] BTRFS info (device loop3): disabling free space tree
[  774.911971][T12616] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  774.926637][T12616] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  774.967803][T12616] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  775.246950][T12640] loop6: detected capacity change from 0 to 64
[  775.469400][T12641] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2822'.
[  775.715926][   T30] audit: type=1800 audit(1751494735.325:101): pid=12640 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2819" name="file2" dev="loop6" ino=6 res=0 errno=0
[  776.586463][T12654] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2825'.
[  778.158226][T12671] loop8: detected capacity change from 0 to 512
[  778.289384][T12671] EXT4-fs: EXT4-fs: inode_readahead_blks must be 0 or a power of 2 smaller than 2^31
[  778.887356][T12682] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2838'.
[  779.430000][T12689] loop3: detected capacity change from 0 to 1024
[  779.611500][T12689] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  779.751911][T12698] loop5: detected capacity change from 0 to 256
[  780.560564][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  780.713393][T12707] overlayfs: conflicting options: nfs_export=on,index=off
[  781.125052][T12713] loop3: detected capacity change from 0 to 8
[  781.650304][T12718] loop8: detected capacity change from 0 to 256
[  782.710829][T12725] loop3: detected capacity change from 0 to 4096
[  782.977524][T12735] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  784.695629][ T1854] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  784.878068][ T1854] usb 4-1: Using ep0 maxpacket: 32
[  784.926495][ T1854] usb 4-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  784.938650][ T1854] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.981334][T12757] loop6: detected capacity change from 0 to 1024
[  785.012020][ T1854] usb 4-1: config 0 descriptor??
[  785.038812][T12757] EXT4-fs: Ignoring removed bh option
[  785.102858][ T1854] gspca_main: sunplus-2.14.0 probing 041e:400b
[  785.170673][T12757] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  785.848817][ T1854] gspca_sunplus: reg_r err -71
[  785.854371][ T1854] sunplus 4-1:0.0: probe with driver sunplus failed with error -71
[  785.945152][ T1854] usb 4-1: USB disconnect, device number 17
[  786.189353][T12768] vivid-001: disconnect
[  786.242031][T12767] vivid-001: reconnect
[  786.286047][T12757] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  786.517432][T12757] EXT4-fs error (device loop6): ext4_find_dest_de:2052: inode #12: block 7: comm syz.6.2873: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=56 fake=0
[  786.671956][T12757] EXT4-fs (loop6): Remounting filesystem read-only
[  786.790700][T12764] loop4: detected capacity change from 0 to 32768
[  786.847013][T12764] (syz.4.2875,12764,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  786.877251][T12764] (syz.4.2875,12764,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  786.939047][T12764] (syz.4.2875,12764,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xaeb6429d, computed 0x25dcbe1. Applying ECC.
[  786.959953][T12764] (syz.4.2875,12764,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xaeb6429d, computed 0x94b78885
[  786.977625][T12764] (syz.4.2875,12764,0):ocfs2_validate_inode_block:1393 ERROR: Checksum failed for dinode 20
[  786.995219][T12764] (syz.4.2875,12764,0):ocfs2_read_locked_inode:535 ERROR: status = -5
[  787.012929][T12764] (syz.4.2875,12764,0):_ocfs2_get_system_file_inode:144 ERROR: status = -5
[  787.037755][T12764] (syz.4.2875,12764,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  787.051741][T12764] (syz.4.2875,12764,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 1, possibly corrupt fs?
[  787.051918][T12764] (syz.4.2875,12764,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  787.083716][T12764] (syz.4.2875,12764,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  787.095326][T12764] (syz.4.2875,12764,0):ocfs2_fill_super:1177 ERROR: status = -22
[  787.131189][T12770] loop8: detected capacity change from 0 to 4096
[  787.295346][T12770] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[  787.429349][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  787.631931][T12774] sg_write: data in/out 124/1 bytes for SCSI command 0x1c-- guessing data in;
[  787.631931][T12774]    program syz.3.2879 not setting count and/or reply_len properly
[  787.873609][T12770] ntfs3(loop8): ino=1a, mi_enum_attr
[  787.879229][T12770] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[  787.963804][T12770] ntfs3(loop8): Failed to initialize $Extend/$ObjId.
[  788.430569][T12780] loop4: detected capacity change from 0 to 128
[  788.484625][T12780] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  788.844639][T12783] loop5: detected capacity change from 0 to 2048
[  788.968283][T12783] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  788.985383][T12783] NILFS (loop5): mounting unchecked fs
[  789.174153][T12783] NILFS (loop5): recovery complete
[  789.249589][T12786] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  790.133766][T12796] netlink: 20 bytes leftover after parsing attributes in process `syz.4.2890'.
[  790.511856][T12800] loop5: detected capacity change from 0 to 512
[  790.617319][T12800] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  790.800874][T12806] loop6: detected capacity change from 0 to 2048
[  790.866302][T12800] EXT4-fs error (device loop5): ext4_get_branch:178: inode #11: block 4294967295: comm syz.5.2889: invalid block
[  790.935908][T12806] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  790.970022][T12800] EXT4-fs (loop5): Remounting filesystem read-only
[  791.037391][T12800] EXT4-fs (loop5): 2 truncates cleaned up
[  791.057555][T12800] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  791.500760][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  791.654866][ T1854] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  791.757268][T12816] loop3: detected capacity change from 0 to 128
[  791.848984][T12816] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  791.864659][ T1854] usb 9-1: Using ep0 maxpacket: 16
[  791.885491][ T1854] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  791.889028][T12816] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  791.896544][ T1854] usb 9-1: config 0 has no interface number 0
[  791.975721][ T1854] usb 9-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  791.987775][ T1854] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  791.999027][ T1854] usb 9-1: Product: syz
[  792.003647][ T1854] usb 9-1: Manufacturer: syz
[  792.008493][ T1854] usb 9-1: SerialNumber: syz
[  792.128038][ T1854] usb 9-1: config 0 descriptor??
[  792.190072][ T1854] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  792.778292][ T1854] gspca_spca1528: reg_w err -71
[  792.806903][ T1854] spca1528 9-1:0.1: probe with driver spca1528 failed with error -71
[  792.873032][ T1854] usb 9-1: USB disconnect, device number 2
[  792.915800][ T5845] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[  793.125408][ T5845] usb 5-1: Using ep0 maxpacket: 16
[  793.174188][ T5845] usb 5-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[  793.187357][ T5845] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  793.199289][ T5845] usb 5-1: Product: syz
[  793.203844][ T5845] usb 5-1: Manufacturer: syz
[  793.208788][ T5845] usb 5-1: SerialNumber: syz
[  793.397080][ T5845] usb 5-1: config 0 descriptor??
[  793.772567][ T5845] usb 5-1: USB disconnect, device number 18
[  795.222479][T11112] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[  795.447147][T11112] usb 5-1: Using ep0 maxpacket: 32
[  795.465753][T11112] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  795.486516][T11112] usb 5-1: config 0 interface 0 has no altsetting 0
[  795.498203][T11112] usb 5-1: New USB device found, idVendor=0403, idProduct=97c1, bcdDevice= 0.00
[  795.514582][T11112] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  795.539261][T11112] usb 5-1: config 0 descriptor??
[  796.047627][T11112] hid-retrode 0003:0403:97C1.001C: item fetching failed at offset 4/5
[  796.087183][T11112] hid-retrode 0003:0403:97C1.001C: probe with driver hid-retrode failed with error -22
[  796.260798][ T5845] usb 5-1: USB disconnect, device number 19
[  796.705667][T12860] loop6: detected capacity change from 0 to 2048
[  796.870334][T12860] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  797.459224][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.252032][   T30] audit: type=1800 audit(1751494757.865:102): pid=12882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.2928" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  799.029448][T12876] loop4: detected capacity change from 0 to 32768
[  799.061728][T12876] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section members_v2: device 0: bucket size 0 smaller than block size 8
[  799.061728][T12876] members_v2 (size 152):
[  799.061728][T12876] Device:                        0
[  799.061728][T12876]   Label:                       (none)
[  799.061728][T12876]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[  799.061728][T12876]   Size:                        0
[  799.061728][T12876]   read errors:                 0
[  799.061728][T12876]   write errors:                0
[  799.061728][T12876]   checksum errors:             0
[  799.061728][T12876]   seqread iops:                0
[  799.061728][T12876]   seqwrite iops:               0
[  799.061728][T12876]   randread iops:               0
[  799.061728][T12876]   randwrite iops:              0
[  799.061728][T12876]   Bucket size:                 0
[  799.061728][T12876]   First bucket:                0
[  799.061728][T12876]   Buckets:                     128
[  799.061728][T12876]   Last mount:                  1714681267
[  799.061728][T12876]   Last superblock write:       42
[  799.061728][T12876]   State:                       rw
[  799.061728][T12876]   Data allowed:                journal,btree,user
[  799.061728][T12876]   Has data:                    (none)
[  799.061728][T12876]   Btree allocated bitmap blocksize:256
[  799.061728][T12876]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  799.061728][T12876]   Durability:       
[  799.067287][T12876] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  799.679569][T12889] loop3: detected capacity change from 0 to 512
[  799.881654][T12889] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  799.900510][T12889] ext4 filesystem being mounted at /620/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  800.098779][T12894] loop8: detected capacity change from 0 to 512
[  800.260751][T12894] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  800.273884][T12894] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=e040e018, mo2=0002]
[  800.343037][T12894] System zones: 0-1, 15-15, 18-18, 34-34
[  800.398024][T12894] EXT4-fs (loop8): orphan cleanup on readonly fs
[  800.410262][T12894] Quota error (device loop8): v2_read_header: Failed header read: expected=8 got=0
[  800.424977][T12894] EXT4-fs warning (device loop8): ext4_enable_quotas:7168: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  800.446687][T12894] EXT4-fs (loop8): Cannot turn on quotas: error -22
[  800.485614][T12894] EXT4-fs error (device loop8): ext4_orphan_get:1419: comm syz.8.2931: bad orphan inode 16
[  800.526962][T12894] ext4_test_bit(bit=15, block=18) = 1
[  800.537853][T12894] is_bad_inode(inode)=0
[  800.542492][T12894] NEXT_ORPHAN(inode)=0
[  800.546755][T12894] max_ino=32
[  800.550136][T12894] i_nlink=2
[  800.556132][T12894] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  800.689332][T12894] fscrypt (loop8, inode 16): Error -61 getting encryption context
[  800.692166][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.758229][T12899] loop6: detected capacity change from 0 to 512
[  800.807462][T11112] usb 5-1: new full-speed USB device number 20 using dummy_hcd
[  801.001070][T12899] EXT4-fs (loop6): 1 orphan inode deleted
[  801.009355][T12899] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  801.043669][ T2960] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  801.059227][ T2960] EXT4-fs error (device loop6): ext4_release_dquot:6969: comm kworker/u8:12: Failed to release dquot type 1
[  801.074391][T11107] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  801.107366][T11112] usb 5-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  801.121448][T11112] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  801.151790][T12899] ext4 filesystem being mounted at /525/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  801.177333][T11112] usb 5-1: config 0 descriptor??
[  801.458531][T12899] EXT4-fs warning (device loop6): ext4_resize_begin:82: There are errors in the filesystem, so online resizing is not allowed
[  801.778177][T11112] appleir 0003:05AC:8241.001D: item fetching failed at offset 2/5
[  801.821437][T11112] appleir 0003:05AC:8241.001D: parse failed
[  801.840019][T11112] appleir 0003:05AC:8241.001D: probe with driver appleir failed with error -22
[  801.904352][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  801.990625][ T5845] usb 5-1: USB disconnect, device number 20
[  802.298529][T12915] loop3: detected capacity change from 0 to 256
[  802.777797][T12915] FAT-fs (loop3): Directory bread(block 64) failed
[  802.789751][T12915] FAT-fs (loop3): Directory bread(block 65) failed
[  802.808505][T12915] FAT-fs (loop3): Directory bread(block 66) failed
[  802.819908][T12915] FAT-fs (loop3): Directory bread(block 67) failed
[  802.831633][T12915] FAT-fs (loop3): Directory bread(block 68) failed
[  802.845540][T12915] FAT-fs (loop3): Directory bread(block 69) failed
[  802.857273][T12915] FAT-fs (loop3): Directory bread(block 70) failed
[  802.868713][T12915] FAT-fs (loop3): Directory bread(block 71) failed
[  802.892067][T12915] FAT-fs (loop3): Directory bread(block 72) failed
[  802.900375][T12915] FAT-fs (loop3): Directory bread(block 73) failed
[  805.417734][T12954] loop4: detected capacity change from 0 to 64
[  805.424893][ T5845] hid-generic 0000:0000:0000.001E: unknown main item tag 0x0
[  805.458251][ T5845] hid-generic 0000:0000:0000.001E: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  806.407261][T12966] Bluetooth: MGMT ver 1.23
[  807.080242][T12973] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  807.096579][T12973] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  807.110362][T12973] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  807.126512][T12973] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  807.340540][T12976] loop8: detected capacity change from 0 to 256
[  807.839585][T11112] IPVS: starting estimator thread 0...
[  808.009930][T12984] IPVS: using max 240 ests per chain, 12000 per kthread
[  808.561516][T12992] veth1_macvtap: left promiscuous mode
[  808.570500][T12992] macsec0: entered promiscuous mode
[  808.577393][T12992] macsec0: entered allmulticast mode
[  808.588710][T12994] loop5: detected capacity change from 0 to 512
[  808.661430][T12995] veth1_macvtap: entered promiscuous mode
[  808.662930][T12994] EXT4-fs: Ignoring removed orlov option
[  808.667907][T12995] veth1_macvtap: entered allmulticast mode
[  808.685791][T12995] macsec0: left promiscuous mode
[  808.691816][T12995] macsec0: left allmulticast mode
[  808.697472][T12995] veth1_macvtap: left allmulticast mode
[  808.717453][ T5845] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  808.795310][ T1854] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  808.901916][T12994] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.2978: casefold flag without casefold feature
[  808.934391][ T5845] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  808.948651][ T5845] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  808.961675][ T5845] usb 4-1: New USB device found, idVendor=0b43, idProduct=0003, bcdDevice= 0.00
[  808.971181][ T5845] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  808.990316][ T5845] usb 4-1: config 0 descriptor??
[  809.002469][ T1854] usb 5-1: Using ep0 maxpacket: 8
[  809.008578][T12994] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.2978: couldn't read orphan inode 15 (err -117)
[  809.077156][ T1854] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  809.094068][ T1854] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  809.104677][ T1854] usb 5-1: New USB device found, idVendor=0c70, idProduct=f0b6, bcdDevice= 0.00
[  809.115486][T12994] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  809.137148][ T1854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  809.190455][ T1854] usb 5-1: config 0 descriptor??
[  809.498924][ T5845] smartjoyplus 0003:0B43:0003.001F: unknown main item tag 0x2
[  809.547455][ T5845] smartjoyplus 0003:0B43:0003.001F: hidraw0: USB HID v0.00 Device [HID 0b43:0003] on usb-dummy_hcd.3-1/input0
[  809.560174][ T5845] smartjoyplus 0003:0B43:0003.001F: no output reports found
[  809.751218][ T5845] usb 4-1: USB disconnect, device number 18
[  809.765822][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: unknown main item tag 0x0
[  809.777753][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: unknown main item tag 0x0
[  809.789068][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: unknown main item tag 0x0
[  809.797847][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: unknown main item tag 0x0
[  809.808973][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: unknown main item tag 0x0
[  809.943487][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  810.030834][ T1854] aquacomputer_d5next 0003:0C70:F0B6.0020: hidraw0: USB HID v0.00 Device [HID 0c70:f0b6] on usb-dummy_hcd.4-1/input0
[  810.043626][T13002] loop6: detected capacity change from 0 to 4096
[  810.188486][ T1854] usb 5-1: USB disconnect, device number 21
[  810.277398][T13002] NILFS error (device loop6): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  810.290525][T13004] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  810.376695][T13002] NILFS (loop6): mounting fs with errors
[  812.053124][T13013] loop4: detected capacity change from 0 to 32768
[  812.080358][T13013] bcachefs (/dev/loop4): error validating superblock: Invalid superblock section members_v2: device 0: not enough buckets (got 0, max 64)
[  812.080358][T13013] members_v2 (size 152):
[  812.080358][T13013] nr_devices mismatch: have 27 entries, should be 1Device:0
[  812.080358][T13013]   Label:                       (none)
[  812.080358][T13013]   UUID:                        7af6772b-0000-0000-0000-000000000000
[  812.080358][T13013]   Size:                        0
[  812.080358][T13013]   read errors:                 0
[  812.080358][T13013]   write errors:                0
[  812.080358][T13013]   checksum errors:             0
[  812.080358][T13013]   seqread iops:                0
[  812.080358][T13013]   seqwrite iops:               0
[  812.080358][T13013]   randread iops:               0
[  812.080358][T13013]   randwrite iops:              0
[  812.080358][T13013]   Bucket size:                 0
[  812.080358][T13013]   First bucket:                0
[  812.080358][T13013]   Buckets:                     0
[  812.080358][T13013]   Last mount:                  (never)
[  812.080358][T13013]   Last superblock write:       0
[  812.080358][T13013]   State:                       rw
[  812.080358][T13013]   Data allowed:                (none)
[  812.080358][T13013]   Has data:                    (none)
[  812.080358][T13013]   Btree allocated bitmap blocksize:1
[  812.080358][T13013]   Btree allocated bitmap:      0000000000000000000000000000000000000000000000000000000000000000
[  812.080358][T13013]   Durability:       
[  812.081215][T13013] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  813.510585][T13029] loop6: detected capacity change from 0 to 1024
[  813.906363][ T3492] hfsplus: b-tree write err: -5, ino 4
[  814.337648][T13039] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2997'.
[  814.351425][T13039] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2997'.
[  814.367633][T13039] netlink: 'syz.4.2997': attribute type 19 has an invalid length.
[  814.714595][T13043] loop6: detected capacity change from 0 to 16
[  814.791809][T13043] erofs (device loop6): mounted with root inode @ nid 36.
[  814.819069][T13018] Bluetooth: hci2: Opcode 0x0c1a failed: -110
[  814.826959][T11672] Bluetooth: hci2: command 0x0406 tx timeout
[  814.833819][T13018] Bluetooth: hci2: Opcode 0x0406 failed: -110
[  814.881901][T13043] erofs (device loop6): inline data across blocks @ nid 36
[  814.897133][T13043] syz.6.2999: attempt to access beyond end of device
[  814.897133][T13043] loop6: rw=524288, sector=34359738360, nr_sectors = 1976 limit=16
[  815.272836][T13018] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  815.279295][T13018] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  815.339776][T13018] Bluetooth: hci4: Opcode 0x0c1a failed: -4
[  815.351688][T13018] Bluetooth: hci4: Opcode 0x0406 failed: -4
[  815.421157][T13018] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  815.427737][T13018] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  816.369966][T13058] netlink: 14 bytes leftover after parsing attributes in process `syz.4.3007'.
[  816.614979][   T30] audit: type=1326 audit(1751494776.205:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.8.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0add8e929 code=0x7ffc0000
[  816.640779][   T30] audit: type=1326 audit(1751494776.225:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.8.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=282 compat=0 ip=0x7fe0add8e929 code=0x7ffc0000
[  816.668869][   T30] audit: type=1326 audit(1751494776.235:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.8.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0add8e929 code=0x7ffc0000
[  816.691761][   T30] audit: type=1326 audit(1751494776.235:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.8.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=439 compat=0 ip=0x7fe0add8e929 code=0x7ffc0000
[  816.723186][   T30] audit: type=1326 audit(1751494776.235:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13062 comm="syz.8.3009" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe0add8e929 code=0x7ffc0000
[  816.933518][T11672] Bluetooth: hci2: command 0x0406 tx timeout
[  816.973357][T11672] Bluetooth: hci3: command 0x0406 tx timeout
[  817.378078][T11672] Bluetooth: hci4: command 0x0406 tx timeout
[  817.452607][T11672] Bluetooth: hci1: command 0x0406 tx timeout
[  817.780991][T13074] loop3: detected capacity change from 0 to 256
[  817.908944][   T30] audit: type=1800 audit(1751494777.525:108): pid=13074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3015" name="file2" dev="loop3" ino=1048823 res=0 errno=0
[  819.057072][T11672] Bluetooth: hci3: command 0x0406 tx timeout
[  819.453285][T11672] Bluetooth: hci4: command 0x0406 tx timeout
[  819.527889][T13096] loop4: detected capacity change from 0 to 256
[  819.537672][T11672] Bluetooth: hci1: command 0x0406 tx timeout
[  819.546262][T13096] exfat: Unknown parameter '0xffffffffffffffff'
[  819.835605][ T1854] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  820.016623][ T1854] usb 5-1: Using ep0 maxpacket: 16
[  820.066880][ T1854] usb 5-1: config 0 has an invalid interface number: 64 but max is 0
[  820.081635][ T1854] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  820.093545][ T1854] usb 5-1: config 0 has no interface number 0
[  820.099952][ T1854] usb 5-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b
[  820.114598][ T1854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  820.363388][ T1854] usb 5-1: config 0 descriptor??
[  820.387596][ T1854] usb 5-1: Found UVC 0.00 device <unnamed> (0bd3:0555)
[  820.400078][ T1854] usb 5-1: No valid video chain found.
[  820.629441][ T1854] usb 5-1: USB disconnect, device number 22
[  821.480248][T11112] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  821.659659][T11112] usb 6-1: Using ep0 maxpacket: 16
[  821.681011][T11112] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  821.699557][T11112] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  821.715010][T11112] usb 6-1: New USB device found, idVendor=05ac, idProduct=024b, bcdDevice= 0.00
[  821.735167][T11112] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  821.838133][T11112] usb 6-1: config 0 descriptor??
[  822.321829][T11112] apple 0003:05AC:024B.0021: unknown main item tag 0x6
[  822.348519][T11112] apple 0003:05AC:024B.0021: ignoring exceeding usage max
[  822.381322][T11112] apple 0003:05AC:024B.0021: invalid report_size 18680
[  822.396257][T11112] apple 0003:05AC:024B.0021: item 0 2 1 7 parsing failed
[  822.468185][T13123] loop6: detected capacity change from 0 to 1024
[  822.611867][T11112] apple 0003:05AC:024B.0021: parse failed
[  822.625813][T11112] apple 0003:05AC:024B.0021: probe with driver apple failed with error -22
[  822.708446][T13123] hfsplus: bad catalog entry type
[  822.776125][T11112] usb 6-1: USB disconnect, device number 19
[  822.902056][T13129] loop4: detected capacity change from 0 to 64
[  823.021411][   T57] hfsplus: b-tree write err: -5, ino 4
[  823.317287][T13131] loop8: detected capacity change from 0 to 256
[  824.464191][T13141] hugetlbfs: Bad value 'ßø‰ó@' for mount option 'size'
[  824.464191][T13141] 
[  824.511296][T13136] loop5: detected capacity change from 0 to 4096
[  824.643931][T13143] loop3: detected capacity change from 0 to 128
[  824.691544][T13144] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  824.769517][   T30] audit: type=1800 audit(1751494784.385:109): pid=13143 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.3046" name="file2" dev="loop3" ino=1048824 res=0 errno=0
[  826.171984][T13159] loop5: detected capacity change from 0 to 512
[  826.296494][T13159] EXT4-fs (loop5): orphan cleanup on readonly fs
[  826.348218][T13159] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.3052: bg 0: block 248: padding at end of block bitmap is not set
[  826.365000][T13157] loop6: detected capacity change from 0 to 2048
[  826.399809][T13159] Quota error (device loop5): write_blk: dquota write failed
[  826.408251][T13159] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  826.418854][T13159] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.3052: Failed to acquire dquot type 1
[  826.468909][T13159] EXT4-fs (loop5): 1 truncate cleaned up
[  826.479292][T13159] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  826.618589][T13167] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  826.918156][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  827.115852][T13169] syz.3.3057: attempt to access beyond end of device
[  827.115852][T13169] nbd3: rw=0, sector=0, nr_sectors = 1 limit=0
[  827.134321][T13169] (syz.3.3057,13169,1):ocfs2_get_sector:1714 ERROR: status = -5
[  827.146643][T13169] (syz.3.3057,13169,1):ocfs2_sb_probe:753 ERROR: status = -5
[  827.158471][T13169] (syz.3.3057,13169,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  827.170155][T13169] (syz.3.3057,13169,1):ocfs2_fill_super:1177 ERROR: status = -5
[  828.129913][T13183] loop4: detected capacity change from 0 to 256
[  828.288767][T13183] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0x2f9e4978, utbl_chksum : 0xe619d30d)
[  828.499411][T13187] vim2m vim2m.0: vidioc_s_fmt queue busy
[  828.627534][T13190] loop5: detected capacity change from 0 to 512
[  828.790141][T13190] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  828.926763][T13190] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  829.032031][T13190] EXT4-fs (loop5): 1 truncate cleaned up
[  829.051904][T13190] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  829.477416][T11112] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[  829.655477][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  829.732970][T11112] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  829.749759][T11112] usb 5-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid wMaxPacketSize 0
[  829.760104][T11112] usb 5-1: config 0 interface 0 has no altsetting 0
[  829.769284][T11112] usb 5-1: New USB device found, idVendor=044e, idProduct=120b, bcdDevice= 0.00
[  829.785856][T11112] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  830.070385][T11112] usb 5-1: config 0 descriptor??
[  830.531224][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.546306][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.564367][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.571876][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.586561][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.598631][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.610746][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.624968][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.642159][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.700386][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.712697][T11112] hid-alps 0003:044E:120B.0022: unknown main item tag 0x0
[  830.939244][T11112] hid-alps 0003:044E:120B.0022: hidraw0: USB HID v0.00 Device [HID 044e:120b] on usb-dummy_hcd.4-1/input0
[  831.069739][T11112] usb 5-1: USB disconnect, device number 23
[  831.303134][ T1854] usb 9-1: new low-speed USB device number 3 using dummy_hcd
[  831.548652][ T1854] usb 9-1: config 179 has an invalid interface number: 65 but max is 0
[  831.563004][ T1854] usb 9-1: config 179 has an invalid descriptor of length 0, skipping remainder of the config
[  831.573821][ T1854] usb 9-1: config 179 has no interface number 0
[  831.580393][ T1854] usb 9-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  831.595008][ T1854] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  832.037135][T13217] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3076'.
[  832.108639][ T1854] usb 9-1: USB disconnect, device number 3
[  832.341615][T13221] loop3: detected capacity change from 0 to 4096
[  832.898698][T13221] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  833.801771][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  833.816392][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  834.077871][T13245] loop6: detected capacity change from 0 to 64
[  834.294092][T13245] syz.6.3091: attempt to access beyond end of device
[  834.294092][T13245] loop6: rw=0, sector=268435468, nr_sectors = 2 limit=64
[  834.315501][T13245] Buffer I/O error on dev loop6, logical block 134217734, async page read
[  834.590610][T13255] loop4: detected capacity change from 0 to 128
[  834.637414][T13255] vfat: Unknown parameter 'rscard'
[  834.811399][T13252] Trying to free block not in datazone
[  836.444022][T13275] loop6: detected capacity change from 0 to 512
[  836.539964][T13275] EXT4-fs (loop6): 1 orphan inode deleted
[  836.550921][T13275] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  836.730961][ T6553] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.303432][T13288] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  839.067155][T13302] loop4: detected capacity change from 0 to 2048
[  839.150318][T13302] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  839.199755][T13302] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  840.275813][T13316] loop3: detected capacity change from 0 to 1024
[  840.474594][T13316] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  840.490107][T13316] ext4 filesystem being mounted at /655/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  840.722058][ T5805] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  842.855842][T13341] loop4: detected capacity change from 0 to 4096
[  842.947851][T13341] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  842.958468][T13351] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  843.025972][T13341] Remounting filesystem read-only
[  843.036531][T13354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3140'.
[  843.307588][T13357] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3138'.
[  846.631753][T13375] loop8: detected capacity change from 0 to 4096
[  846.883673][T13375] ntfs3(loop8): It is recommened to use chkdsk.
[  846.933781][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[  846.942031][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[  846.950567][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[  846.964085][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc0c00
[  846.972855][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc1c00
[  846.981044][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc2c00
[  846.991894][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc4c00
[  847.002973][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffc8c00
[  847.015911][T13375] ntfs3(loop8): try to read out of volume at offset 0x3fffffd0c00
[  847.461289][T13385] loop4: detected capacity change from 0 to 1024
[  848.011565][ T6910] hfsplus: b-tree write err: -5, ino 4
[  849.190891][T13395] loop5: detected capacity change from 0 to 512
[  849.217430][T13395] EXT4-fs: Ignoring removed i_version option
[  849.368457][T13395] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  849.384593][T13395] ext4 filesystem being mounted at /601/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  849.601131][T13395] EXT4-fs error (device loop5): ext4_get_first_dir_block:3533: inode #12: block 32: comm syz.5.3157: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  849.662801][T13395] EXT4-fs error (device loop5): ext4_get_first_dir_block:3536: inode #12: comm syz.5.3157: directory missing '.'
[  850.411006][ T6355] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  851.498689][T13419] loop3: detected capacity change from 0 to 16
[  851.965431][T13421] loop9: detected capacity change from 0 to 7
[  852.040676][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.049296][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.060339][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.071117][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.079765][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.090505][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.101313][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.109553][T13421] ldm_validate_partition_table(): Disk read failed.
[  852.119080][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.135049][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.147431][T13421] Buffer I/O error on dev loop9, logical block 0, async page read
[  852.158302][T13421] Dev loop9: unable to read RDB block 0
[  852.164506][T13421]  loop9: unable to read partition table
[  852.370736][T13421] loop9: partition table beyond EOD, truncated
[  852.382099][T13421] loop_reread_partitions: partition scan of loop9 (þ被xüŸÑø éÚ¼§ÎdG¤´à–ƒÝ¡¯ �â·û
[  852.382099][T13421] 
) failed (rc=-5)
[  853.288921][T13434] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  853.829239][T13442] loop6: detected capacity change from 0 to 2048
[  853.841656][T13442] nilfs2: Bad value for 'cp'
[  855.559794][T13458] loop5: detected capacity change from 0 to 256
[  855.601425][T13458] exfat: Deprecated parameter 'utf8'
[  855.704813][ T1854] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  855.881390][T13458] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[  855.925237][ T1854] usb 5-1: Using ep0 maxpacket: 8
[  855.995657][ T1854] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  856.009140][ T1854] usb 5-1: config 0 interface 0 has no altsetting 0
[  856.022607][ T1854] usb 5-1: New USB device found, idVendor=20a0, idProduct=4287, bcdDevice= 0.00
[  856.031960][ T1854] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  856.176472][ T1854] usb 5-1: config 0 descriptor??
[  856.208138][T13462] loop3: detected capacity change from 0 to 2048
[  856.779060][ T1854] hid-u2fzero 0003:20A0:4287.0023: hidraw0: USB HID v0.03 Device [HID 20a0:4287] on usb-dummy_hcd.4-1/input0
[  856.796442][ T1854] hid-u2fzero 0003:20A0:4287.0023: NitroKey U2F LED initialised
[  856.807287][ T1854] hid-u2fzero 0003:20A0:4287.0023: NitroKey U2F RNG initialised
[  856.931652][ T1854] usb 5-1: USB disconnect, device number 24
[  857.170114][T11112] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  857.187908][T13471] loop5: detected capacity change from 0 to 1024
[  857.370698][T11112] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  857.389505][T11112] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  857.404482][T11112] usb 9-1: New USB device found, idVendor=0c70, idProduct=f00d, bcdDevice= 0.00
[  857.420956][T11112] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  857.439207][T11112] usb 9-1: config 0 descriptor??
[  857.950541][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: unknown main item tag 0x0
[  857.969592][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: unknown main item tag 0x0
[  857.987380][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: unknown main item tag 0x0
[  858.000117][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: unknown main item tag 0x0
[  858.013314][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: unknown main item tag 0x0
[  858.101826][T11112] aquacomputer_d5next 0003:0C70:F00D.0024: hidraw0: USB HID v0.00 Device [HID 0c70:f00d] on usb-dummy_hcd.8-1/input0
[  858.283782][T11112] usb 9-1: USB disconnect, device number 4
[  859.258785][T13485] netlink: 332 bytes leftover after parsing attributes in process `syz.5.3199'.
[  859.271247][T13485] netlink: 'syz.5.3199': attribute type 9 has an invalid length.
[  859.279803][T13485] netlink: 108 bytes leftover after parsing attributes in process `syz.5.3199'.
[  859.291913][T13485] netlink: 32 bytes leftover after parsing attributes in process `syz.5.3199'.
[  862.788796][T13510] loop6: detected capacity change from 0 to 32768
[  862.797950][T13510] btrfs: Deprecated parameter 'usebackuproot'
[  862.804519][T13510] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  862.828519][T13510] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.3211 (13510)
[  862.860105][T13510] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  862.878053][T13510] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm
[  862.931190][T13521] loop5: detected capacity change from 0 to 1024
[  863.002702][ T1854] usb 5-1: new full-speed USB device number 25 using dummy_hcd
[  863.139762][ T2960] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  863.160574][T13510] BTRFS error (device loop6): failed to load root extent
[  863.166597][T13521] =====================================================
[  863.172742][T13510] BTRFS warning (device loop6): try to load backup roots slot 1
[  863.177740][T13521] BUG: KMSAN: uninit-value in hfsplus_rename_cat+0x1173/0x17e0
[  863.194435][T13521]  hfsplus_rename_cat+0x1173/0x17e0
[  863.199879][T13521]  hfsplus_rename+0x1fc/0x2f0
[  863.211672][T13521]  vfs_rename+0x1e87/0x2460
[  863.216759][T13521]  do_renameat2+0x175e/0x1d70
[  863.221614][T13521]  __x64_sys_rename+0xd7/0x140
[  863.226718][T13521]  x64_sys_call+0x3553/0x3db0
[  863.231612][T13521]  do_syscall_64+0xd9/0x210
[  863.241402][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.243275][ T2960] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  863.247637][T13521] 
[  863.247663][T13521] Uninit was stored to memory at:
[  863.269503][T13510] BTRFS warning (device loop6): couldn't read tree root
[  863.273951][T13521]  hfsplus_rename_cat+0x10a9/0x17e0
[  863.274085][T13521]  hfsplus_rename+0x1fc/0x2f0
[  863.274209][T13521]  vfs_rename+0x1e87/0x2460
[  863.274350][T13521]  do_renameat2+0x175e/0x1d70
[  863.274438][T13521]  __x64_sys_rename+0xd7/0x140
[  863.274538][T13521]  x64_sys_call+0x3553/0x3db0
[  863.274679][T13521]  do_syscall_64+0xd9/0x210
[  863.274776][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.274887][T13521] 
[  863.274911][T13521] Uninit was stored to memory at:
[  863.275070][T13521]  hfsplus_create_cat+0x18fb/0x1910
[  863.275195][T13521]  hfsplus_mknod+0x208/0x560
[  863.275314][T13521]  hfsplus_mkdir+0x5a/0x80
[  863.275430][T13521]  vfs_mkdir+0x4e7/0x850
[  863.275558][T13521]  do_mkdirat+0x41a/0xf30
[  863.275683][T13521]  __x64_sys_mkdir+0x9a/0xf0
[  863.275812][T13521]  x64_sys_call+0x29b6/0x3db0
[  863.275946][T13521]  do_syscall_64+0xd9/0x210
[  863.276040][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.276148][T13521] 
[  863.276171][T13521] Uninit was stored to memory at:
[  863.276327][T13521]  hfsplus_create_cat+0x18fb/0x1910
[  863.276470][T13521]  hfsplus_fill_super+0x212e/0x2740
[  863.276573][T13521]  get_tree_bdev_flags+0x6e6/0x920
[  863.276719][T13521]  get_tree_bdev+0x38/0x50
[  863.276860][T13521]  hfsplus_get_tree+0x35/0x40
[  863.276954][T13521]  vfs_get_tree+0xb3/0x5c0
[  863.277092][T13521]  do_new_mount+0x738/0x1610
[  863.277231][T13521]  path_mount+0x6db/0x1e90
[  863.277362][T13521]  __se_sys_mount+0x6eb/0x7d0
[  863.277506][T13521]  __x64_sys_mount+0xe4/0x150
[  863.277647][T13521]  x64_sys_call+0xfa7/0x3db0
[  863.277779][T13521]  do_syscall_64+0xd9/0x210
[  863.277877][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.277985][T13521] 
[  863.278009][T13521] Uninit was stored to memory at:
[  863.278167][T13521]  hfsplus_create_cat+0x18fb/0x1910
[  863.278282][T13521]  hfsplus_fill_super+0x212e/0x2740
[  863.278382][T13521]  get_tree_bdev_flags+0x6e6/0x920
[  863.278518][T13521]  get_tree_bdev+0x38/0x50
[  863.278645][T13521]  hfsplus_get_tree+0x35/0x40
[  863.278736][T13521]  vfs_get_tree+0xb3/0x5c0
[  863.278867][T13521]  do_new_mount+0x738/0x1610
[  863.278997][T13521]  path_mount+0x6db/0x1e90
[  863.279125][T13521]  __se_sys_mount+0x6eb/0x7d0
[  863.279259][T13521]  __x64_sys_mount+0xe4/0x150
[  863.279395][T13521]  x64_sys_call+0xfa7/0x3db0
[  863.279532][T13521]  do_syscall_64+0xd9/0x210
[  863.279628][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.279738][T13521] 
[  863.279761][T13521] Uninit was created at:
[  863.279942][T13521]  __alloc_frozen_pages_noprof+0x689/0xf00
[  863.297156][T13510] BTRFS warning (device loop6): try to load backup roots slot 2
[  863.628148][T13521]  alloc_pages_mpol+0x328/0x860
[  863.633456][T13521]  alloc_frozen_pages_noprof+0xf7/0x200
[  863.639264][T13521]  allocate_slab+0x24d/0x1220
[  863.644334][T13521]  ___slab_alloc+0xfec/0x3480
[  863.649230][T13521]  kmem_cache_alloc_lru_noprof+0x922/0xed0
[  863.660565][T13521]  hfsplus_alloc_inode+0x5a/0xd0
[  863.665891][T13521]  alloc_inode+0x87/0x4a0
[  863.670449][T13521]  iget_locked+0x239/0x12d0
[  863.675868][T13521]  hfsplus_iget+0x5c/0xb80
[  863.680458][T13521]  hfsplus_btree_open+0x134/0x1d00
[  863.690980][T13521]  hfsplus_fill_super+0x1161/0x2740
[  863.701441][T13521]  get_tree_bdev_flags+0x6e6/0x920
[  863.708327][T13521]  get_tree_bdev+0x38/0x50
[  863.718082][T13521]  hfsplus_get_tree+0x35/0x40
[  863.723151][T13521]  vfs_get_tree+0xb3/0x5c0
[  863.727791][T13521]  do_new_mount+0x738/0x1610
[  863.732783][T13521]  path_mount+0x6db/0x1e90
[  863.737414][T13521]  __se_sys_mount+0x6eb/0x7d0
[  863.747482][T13521]  __x64_sys_mount+0xe4/0x150
[  863.752590][T13521]  x64_sys_call+0xfa7/0x3db0
[  863.757397][T13521]  do_syscall_64+0xd9/0x210
[  863.762086][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.768483][T13521] 
[  863.770925][T13521] CPU: 1 UID: 0 PID: 13521 Comm: syz.5.3215 Not tainted 6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[  863.772412][ T2960] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  863.788524][T13521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  863.809991][T13510] BTRFS warning (device loop6): couldn't read tree root
[  863.819388][T13521] =====================================================
[  863.830752][T13510] BTRFS warning (device loop6): try to load backup roots slot 3
[  863.834371][T13521] Disabling lock debugging due to kernel taint
[  863.834426][T13521] Kernel panic - not syncing: kmsan.panic set ...
[  863.834506][T13521] CPU: 1 UID: 0 PID: 13521 Comm: syz.5.3215 Tainted: G    B               6.16.0-rc4-syzkaller-00049-gb4911fb0b060 #0 PREEMPT(undef) 
[  863.834655][T13521] Tainted: [B]=BAD_PAGE
[  863.834695][T13521] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  863.834757][T13521] Call Trace:
[  863.834798][T13521]  <TASK>
[  863.834836][T13521]  __dump_stack+0x26/0x30
[  863.834977][T13521]  dump_stack_lvl+0x53/0x270
[  863.835108][T13521]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  863.835273][T13521]  dump_stack+0x1e/0x25
[  863.835393][T13521]  panic+0x4bd/0xd50
[  863.835587][T13521]  kmsan_report+0x31c/0x320
[  863.835734][T13521]  ? __msan_memcpy+0x108/0x1c0
[  863.835860][T13521]  ? __msan_warning+0x1b/0x30
[  863.835989][T13521]  ? hfsplus_rename_cat+0x1173/0x17e0
[  863.836132][T13521]  ? hfsplus_rename+0x1fc/0x2f0
[  863.836263][T13521]  ? vfs_rename+0x1e87/0x2460
[  863.836410][T13521]  ? do_renameat2+0x175e/0x1d70
[  863.836511][T13521]  ? __x64_sys_rename+0xd7/0x140
[  863.836608][T13521]  ? x64_sys_call+0x3553/0x3db0
[  863.836748][T13521]  ? do_syscall_64+0xd9/0x210
[  863.836852][T13521]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.836973][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.837123][T13521]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  863.837292][T13521]  ? hfsplus_bnode_dump+0x50a/0x560
[  863.837455][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.837606][T13521]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  863.837772][T13521]  ? hfsplus_brec_remove+0x92f/0xa60
[  863.837945][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.838105][T13521]  __msan_warning+0x1b/0x30
[  863.838235][T13521]  hfsplus_rename_cat+0x1173/0x17e0
[  863.838397][T13521]  ? kfree+0x121/0xec0
[  863.838492][T13521]  ? filter_irq_stacks+0x49/0x190
[  863.838608][T13521]  ? stack_depot_save_flags+0x35/0x7b0
[  863.838735][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.838881][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.839031][T13521]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  863.839177][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.839328][T13521]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  863.839489][T13521]  ? kmsan_get_metadata+0xfb/0x160
[  863.839639][T13521]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  863.839831][T13521]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  863.839995][T13521]  hfsplus_rename+0x1fc/0x2f0
[  863.840134][T13521]  ? __pfx_hfsplus_rename+0x10/0x10
[  863.840271][T13521]  vfs_rename+0x1e87/0x2460
[  863.840436][T13521]  ? end_current_label_crit_section+0x112/0x290
[  863.840628][T13521]  do_renameat2+0x175e/0x1d70
[  863.840795][T13521]  __x64_sys_rename+0xd7/0x140
[  863.840906][T13521]  x64_sys_call+0x3553/0x3db0
[  863.841054][T13521]  do_syscall_64+0xd9/0x210
[  863.841180][T13521]  ? irqentry_exit+0x16/0x60
[  863.841324][T13521]  ? clear_bhb_loop+0x40/0x90
[  863.841436][T13521]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  863.841550][T13521] RIP: 0033:0x7fc87538e929
[  863.841624][T13521] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  863.841725][T13521] RSP: 002b:00007fc876237038 EFLAGS: 00000246 ORIG_RAX: 0000000000000052
[  863.841822][T13521] RAX: ffffffffffffffda RBX: 00007fc8755b5fa0 RCX: 00007fc87538e929
[  863.841903][T13521] RDX: 0000000000000000 RSI: 0000200000000f40 RDI: 0000200000000000
[  863.841975][T13521] RBP: 00007fc875410b39 R08: 0000000000000000 R09: 0000000000000000
[  863.842042][T13521] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  863.842105][T13521] R13: 0000000000000000 R14: 00007fc8755b5fa0 R15: 00007ffc8bb5f698
[  863.842213][T13521]  </TASK>
[  863.849279][T13521] Kernel Offset: disabled