last executing test programs:

6m23.848009012s ago: executing program 32 (id=6906):
r0 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="5c00000012006bab9e3fe3d86e6c1d0000147ea64e21160af36504b68675f8001d000a00a0e69ee517d34460bc24eab556a705251e6182949a36c23d3b48dfd8cdbf9367b4fa51f60a64c9f408000300060100000800030011000000", 0x5c}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

5m26.952798916s ago: executing program 33 (id=7645):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newtaction={0x68, 0x30, 0x1, 0x0, 0x0, {0x0, 0x0, 0x1300}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x4}]}, {0xffffffffffffff1f}, {0xc}, {0xfffffffffffffcdc}}}]}]}, 0x68}}, 0x0)

2m57.554699749s ago: executing program 2 (id=9718):
r0 = memfd_create(&(0x7f00000000c0)='\xff\x00l\x1e\xa0</\x00\x8eO4._\x14zC\x8a\xe8\xe0u\xe0\xff\xf1\xb2\xfd\xf6nz\x05-]\xc2Vk\xaeky\xd3\x83\xe2\xc7\xd3\xe6M^\x98ox\x14\t\xe9Q1\x1dK\x9a\x045\xd37\xb22\xfdD(\xd2\xdd\xa0\xff\x0f\x00\x00\x00\x00\x00\x00v\n\xd8?]k\x14N\x18\xf4\xc2j\xed6g\xfd\xd2\xd4\xe3\x1f\xa6 \xa0\x8d\xb5\x9aE<2`]<\x8cR\xd69\x0fO\xbf\xc3\xbd\xb0\x96\x90\x91k\x86\x1a\x10\xd2\xf5\x8b\xfc\xf4\xd0[\x12\xf5+\x1aS\x02/Yx\xf2jJb\x97\x9c/\x1f5i\xc6\x861\x9a\xff\xc3\xe7\xbfU\xd5\xac\xccB=\x8f\xfd\x84\xeepQ\x93nn\x0f\xc6\xa9?\xad\x8b~\x96@i=G\x9ft\x1d\xcc\xc6Ys7\x7f\x8ehv\xd3$\x13s\xa0\xbfi\xfaFS\xa9=Xe\xf8tI\x15\x882\x8b\x8e-X\xb8\xf2\x9du\x15S^\xec\xce\xfaf$S\x9f\xe7Ed\n\x84\\ u\xd2\x16\xc1\xa5\xa0\xaa\xe8.i\xc8\x0e\vt\xe2\xf1lA\x93\xdd\xce\x8f$\x06v\xbe\xe7\x95nN\xc5\xaa\x1ev\xc6P\x9c\\G&y\x8bYA\xc3}\xd9\x86[\xb2\xf3\x0f\x90%\xcb\x81\xe8\xea\xbcs\x95\xe9\x8eXH\x19m\xdfOY\xf1E9-\xc8\xe7\x13^+(\x034\x82\xafiOO\x14\x8f^\x8c', 0x7)
fcntl$addseals(r0, 0x409, 0x6)

2m57.261901208s ago: executing program 2 (id=9722):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x20, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x99ec}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x2d, 0x0, @val=@netfilter={0xa, 0x1, 0x353a, 0x1}}, 0x20)

2m57.113203862s ago: executing program 2 (id=9726):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x4, 0x40, 0x7fff0000}]})
ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, 0x0)

2m56.893476424s ago: executing program 2 (id=9730):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$cgroup(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x10000, &(0x7f00000000c0)={[{@subsystem='perf_event'}]})

2m56.649328853s ago: executing program 2 (id=9733):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000800)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000300)="b9ff038768441a8cb89e14f00800", 0x0, 0x5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

2m56.404785892s ago: executing program 2 (id=9734):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x2180, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0x4000000, 0xff92, 0x0, 0x2, 0x4})

2m42.053174304s ago: executing program 34 (id=9734):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x2180, 0x0)
ioctl$COMEDI_INSN(r0, 0x8028640c, &(0x7f0000000000)={0x4000000, 0xff92, 0x0, 0x2, 0x4})

2m20.467987256s ago: executing program 7 (id=10169):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_inet_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000040)={'wlan1\x00', {0x2, 0x4e23, @broadcast}})

2m20.240847433s ago: executing program 7 (id=10172):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000008c0)=[{&(0x7f0000002740)=ANY=[@ANYBLOB="140000001300015b993dde440113e90005"], 0x14}], 0x1}, 0x0)

2m20.200228348s ago: executing program 7 (id=10173):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="5000000020000103feffffff0000000002000000000000000400010008000a000008000005001e"], 0x50}}, 0x4000850)

2m19.843687303s ago: executing program 7 (id=10175):
r0 = syz_open_dev$video4linux(&(0x7f0000001380), 0x5, 0x0)
ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040563d, &(0x7f0000000000)={0x0, 0x0, 0x1, 0x0, {0x0, 0x0, 0x0, 0x9}})

2m19.453670915s ago: executing program 7 (id=10180):
r0 = syz_init_net_socket$ax25(0x3, 0x2, 0xca)
shutdown(r0, 0x0)

2m19.172088585s ago: executing program 7 (id=10183):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
pread64(r0, 0x0, 0x0, 0x6)

2m4.731611157s ago: executing program 35 (id=10183):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
pread64(r0, 0x0, 0x0, 0x6)

1m27.702488403s ago: executing program 3 (id=10778):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, 0x0)

1m27.474256079s ago: executing program 3 (id=10781):
r0 = openat$binfmt_register(0xffffff9c, &(0x7f0000000040), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000140)={0x3a, 'syz1', 0x3a, 'M', 0x3a, 0x1000, 0x3a, '\x94l\\\xec\xd1\xcb\x9a}\xab7\x1f\xde\xb5\x83>\fG\\x00', 0x3a, '/dev\x14bus/usb/00#/00#\x00', 0x3a, './file0'}, 0x51)

1m27.237611223s ago: executing program 3 (id=10785):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
getsockopt$inet6_tcp_buf(r0, 0x6, 0xb, 0x0, &(0x7f0000000300))

1m26.996074121s ago: executing program 3 (id=10789):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2000800, &(0x7f0000000380)=ANY=[@ANYBLOB='umask=00000000000000000000005,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c6572726f72733d636f6e74696e75652c6572726f72733d636f6e74696e75652c696f636861727365743d63703836342c6572726f72733d72656d6f756e742d726f2c696f636861727365743d6370313235312c6572726f72733d636f6e74696e75652c756d61736b3d303030303030302c757466382c00be3344178f389d7f080d9fe2915a6ad1dc3095743c"], 0x1, 0x152d, &(0x7f0000001f80)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSXLLLVn/Z8Lf6dT5dy79j/OceX/Psx/rtfZa+93f+13W3jPzfddlSK3Gtas3JCL4t+CFf5IAIBYABgBAXgAIAKB8XPm4rP6cEpP+vYOwP9dDqVc6A3Ylcf2zN65/9sb1z964/tkb1z974/pnb1z/7I3rz1h2tnFqoWt4y74b3//Pzvjz/39IZpkxX60uc11XgJh/dAjXP3vj+v/PCv6Rnbj+2RvXP7uKvdIJsP8C/PrPDnL83R6uf/bG9WcsO7vS95+v9AaR/7LH4HDOC4X5T50/Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDH2H3DaX6YA4FL7SufFGGOMMcYYY4yxP4/PcaUzYIwxxhhjjDHG2P9/CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgP7ocHoAE8CA3hIWgED0NjeASawKPQFJpBc2gBLf+l8S9AD3gRekIvSILe0Adegr7QD/rDyzAAXoGB8CoMgtcgGQbDEHgdhsIbMAzehOEwAkbCWzAK3obRMAbGwjhIgfEwAd6BifAuTIL3YDJMgVSYCtPgfZgOM2AmfACz4EOYDXNgLsyDNPgI5sMCSIePYSF8AhmwCBbDElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDt8CjvgM9gJu2A3fA574It/cvypvxnfFQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYT7Mj/mxIBbEeIzHIlgEDRokJCyKRTGKUSyOxbEElsBSWAodOkzABCyLN2E5LIflsTxWwApYESthJayCVbAqVsVqWA2rY3WsgTWwFtbCu/Au7I11sS7Ww3pYH+tfuj2FDbEhNsJG2BgbYxNsgk2xKTbH5tgSW2IrbIWtsTW2xbbYDtthe2yPiZiIHbADdsSO2Ak7YWfsjF2wC3bFbtgt84UcgC/ii9gLa4je2Af7YF9MztEfX8aX8RUciK/iq/gaJuNgHIKv4+v4Bg7DkzgcR+BIHIlVxds4GscgiXGYgik4ASfgRJyIWYm+h1MwFafiNJyG03EGzsAPcBZ+iB/iHJyD8zAN03A+LsB0TMeFeAozcBEuxiW4FJfhUlyBK3EFrsY1uBrX4TrcgBtwE27CLbgFt+E2/BQVAH6Gu3AXJuMe3IN7cS/uw324H/djJmbiATyAB/EgHsJDeBgP4xE8isfwKJ7AE3gST+FpPI1n8Syew+fiv2n0aclVySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBP5RD6RX+QXBUVBES/iRRFRRBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxS2igrhVVBSVRBtXRVQRVUVbV03cIaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+uF88IBqI3tgfHxJZlWksBmMTMQSbimZCXnwHayWGYWvRRrQVT4gROBzbi1YuUTwtOojR2FH8RYzBZ0VnMQ67iOdFV9FNdBcviB6itespeolJ2Fv0EVOwr+gn+ouXxXSsKT7AWTlriddEshgshojXxTx8QwwTb4rhYoQYKd4So8TbYrQYI8aKcSJFjBcTxDtionhXTBLvicliikgVU8U08b6YLmaImeIDMUt8KGaLOWKumCfSxEdivlgg0sXHYqH4RGSIRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is4iFrWKb2C4+FTvEZ2Kn2CV2i8/FHvGF2Cu+FPvEV2K/+Fpkim/EAfGtOCi+E4fE9+Kw+EEcEUfFMXFcnBA/ipPilDgtzoiz4idxTvwszgsvQKIUUkolAxkjc8hYmVPmklfJ3DK4+OheI+PktTKfvE7mlwVkQVlIxsvCsojU0kgrSYayqCwmo/J6WVzeIEvIkrKULC2dLCMT5I2yrLxJlpM3y/LyFllB3iorykqysqwib5NV5e0SIheOUUPWlLVkbXmXTIK7ZV15j6wn75X15X3yfvmAbCAflA3lQ7KRfFg2lo/IJvJR2VQ2k81lC9lSPiZbycdla9lGtpVPyHbySdlePiUT5dOyg/QXnyLPys7yOdlFPi+7ym6yu/xZnpde9pS9JPQG2Ue+JPvKfrJ/LADIV+RA+aocJF+TyXKwHCJfl0PlG3KYfFMOlyPkSPmWHCXflqPlGDlWjpMpcrycIN+RE+W7cpJ8T06WU2SqnCr7ywG/zDRTyj8c/87vjB/0y9E3yI1yk9wst8itcpvcLj+VO+QOuVPulLvlbrlH7pF75V65T+6T++V+mSkz5QF5QB6UB+UheUgeloflEXlUnpHH5Qn5ozwpT8lT8ow8K8/KcxcfA1CohJJKqUDFqBwqVuVUudRVKre6WuVReVVEXaPi1LUqn7pO5VcFVEFVSMWrwqqI0sooq0iFqqgqpqLqerz4hFGlVGnlVBmVoG78Z8ar4uoGVUKV/NX4S/kl/Z38WqqWqpVqpVqr1qqtaqvaqXaqvWqvElWi6qA6qI6qo+qkOqnOqrPqorqorqqr6q66qx6qh+qpeqoklaT6qJdUX9VP9VcvqwHqFTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUydUCfUSXVSnVan1Vl1Vp1T59R5dT5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuC6IH9QICgYFArig8JBkUAHJrCBuFj0aHB9UDy4ISgRlAxKBaUDF5QJEoIbg7LBTUG54OagfHBLUCG4NagYVAoqB1WC24Kqwe1BteCOoHpwZ1AjqBnUCmoHdwV1gruDusE9Qb3g3qB+cF9wf/BA0CB4MGgYPBQ0Ch4OGgePBE2CR4OmQbOgedAiaPmnzu/9yQKPu566l07SvXUf/ZLuq/vp/vplPUC/ogfqV/Ug/ZpO1oP1EP26Hqrf0MP0m3q4HqFH6rf0KP22Hq3H6LF6nE7R4/UE/Y6eqN/Vk/R7erKeolP1VD1Nv6+n6xl6pv5Az9If6tl6jp6r5+k0/ZGerxfodP2xXqg/0Rl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1Tv0Z3qn3qV368/1Hv2F3qu/1Pv0V3q//lpn6m/0Af2tPqi/04f09/qw/kEf0Uf1MX1cn9A/6pP6lD6tz+iz+id9Tv+sz2uftbjP+ng3yigTY2JMrIk1uUwuk9vkNnlMHhMxERNn4kw+k8/kN/lNQVPQxJt4U8QUMVnIkClqipqoiZriprgpYUqYUqaUccaZBJNgypqyppwpZ8qb8qaCqWAqmoqmsqlsbjO3mdvN7eYOc4e509xpapqaprapbeqYOqauqWvqmXqmvqlv7jf3mwamgWloGppGppFpbBqbJqaJaWqamuamuWlpWppWppVpbVqbtqataWfamfamvUk0iaaD6WA6mo6mk+lkOpvOpovpYrqarqa76W56mB6mp+lpkkyS6WP6mL6mr+lv+psBZoAZaAaaQWaQSTbJZogZYoaaoWaYGWaGmxFmZNZC1bxtRpsxZqwZZ1JMiplgJpiJZqKZZCaZyWaySTWpZpqZZqab6WammWlmmVlmtplt5pq5Js2kmflmvkk36WahWWgyTIZZbBabpWapWW6Wm5VmpVltVpu1sNasN+vNRrPRbDabzVaz1Ww3280Os8PsNDvNbrPb7DF7zF6z1+wz+8x+s99kmkxzwBwwB81Bc8gcMofNYXPEHDHHzDFzwpwwJ81Jc9qcNmdNgYufl97E2pw2l73K5rZX2zw2r/3buKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsQn2xt/EFW0lW9lWsbfZqvZ2W+03cR17t61r77H17L22tr3rV3F9e5/NWp00QASwzWwj28I2to/YJvZR29Q2s81tC9vOPmnb26dson3adrDP/CaebxfYlXaVXW3X2J12lz1tz9iD9jt71v5ke9pedoB9xQ60r9pB9jWbbAf/Jh5p37Kj7Nt2tB1jx9pxv4kn2yk21U610+z7drqd8Zs4zX5kZ9l0O9vOsXPtvF/irJzS7cd2of3EZtgAFtsldqldZpfbFZdy9XntOrvebrA77Gd2s91it9ptdvulhbDdZXfbz+0e+4U9YL+1++xXdr89ZDPtN7/EWed3yH5vD9sf7BF71B6zx+0J+6O6NDrr3I/bn+156y0QEpAkRQHFUA6KpZyUi66i3HQ15aG8FKFrKI6upXx0HeWnAlSQClE8FaYipMmQJaKQilIxitL1dCm9UlSaHJWhBLqRytJNVI5upvJ0C1WgW6kiVaLKVIVuo6p0O1WjO6g63Uk1qCbVotp0F9Whu6ku3UP16F6qT/fR/fQANaAHqSE9RI3oYWpMj1ATepSaUjNqTi2oJT1Grehxak1tqC09Qe3oSWpPT1EiPU0d6BnqSH+hTvQsdabnqAs9T12pG3WnF6gHvUg9qRclUW/qQy9RX+pH/ellGkCv0EB6lQbRa5RMg2kIvU5D6Q0aRm/ScBpBI+ktGkVv02gaQ2NpHKXQeJpA79BEepcm0Xs0maZQKk2lafQ+TacZNJM+oFn0Ic2mOTSX5lEafUTzaQGl08e0kD6hDFpEi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6lHfQZ7aRdtJs+pz30BSF9SfvoK9pPX1MmfUMH6Fs6SN/RIfre96If6AgdpWN0nE7Qj3SSTtFpOkNn6Sc6Rz/TefIEIYYilKEKgzAmzBHGhjnDXOFVYe7w6jBPmDeMhNeEceG1Yb7wujB/WCAsGBYK48PCYZFQhya0IYVhWDQsFkbD68Pi4Q1hibBkWCosHbqwTJgQ3hiWDW8Ky4U3h+XDW8IK4a1hxbBS+Mi9VcLbwqrh7WG18I6wenhnWCOsGdYKa4d3hXXCu8O64T1hvfDesFx4X3h/+EDYIHwwbBg+FDYKHw4bh4+ETcJHw6Zhs7B52CJsGT4WtgofD1uHbcK24RNhu/DJsH34VJgYPh12CJ/5pf++BX+/PynsHfYJXwpfCr2/R86NzoumRT+Kzo8uiKZHP44ujH4SzYguii6OLokujS6LLo+uiK6Mroqujq6Jro2ui66Pboh6XzsHOHTCSadc4GJcDhfrcrpc7iqX213t8ri8LuKucXHuWpfPXefyuwKuoCvk4l1hV8RpZ5x15EJX1BVzUXe9K+5ucCVcSVfKlXbOlXEJroVr6Vq6Vu5x19q1cW3dE+4J96R70j3lnnJPuw7uGdfR/cV1cs+6zu4595x73nV13Vx394Lr4cbnufCaTHJ9XB/X1/V1/V1/N8ANcAPdQDfIDXLJLtkNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbgUN8FNcBPdRDfJTXKT3WSX6lLdNDfNTXfTXdUZF44y2812c91cl+bS3HyXtWZMdwvdQpfhMtxit9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9xOn/fCpG6P2+v2un1un9vvvnaZ7ht3wH3rDrrv3CH3vTvsfnBH3FF3zB13J9yP7qQ75U67M+6s+8mdcz+78867lMj4yITIO5GJkXcjkyLvRSZHpkRSI1Mj0yLvR6ZHZkRmRj6IzIp8GJkdmROZG5kXSYt8FJkfWRBJj3wcWRj5JJIRWRRZHFkSWRpZFvG+8ObQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+qa+mW/uW/iW/jHfyj/uW/s2vq1/wrfzT/r2/imf6J/2HfwzvqP/i+/kn/Wd/XO+i3/ed/XdfHf/gu/hX/Q9fS+f5Hv7Pv4l39f38/39y36Af8UP9K/6Qf41n+wH+yH+dT/Uv+GH+Tf9cD/Cj4x5y4+6dIkM43yKH+8n+Hf8RP+un+Tf85P9FJ/qp/pp/n0/3c/wM/0Hfpb/0M/2c/xcP8+n+Y/8fL/Ap/uP/UL/ic/wiy7dVPbL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1W/z2/2nfof/zO/0u/xu/7nf47/we/2Xfp//Kgf4r32m/8Yf8N/6g/47f8h/7w/7H/wRf9Qf88f9Cf+jP+lP+dP+jD/rf/Ln/M/+PP/NGmOMMcbYP2T85ab4dc+F2/m9f2eM+Kud+wDA1VsKZf51f9aKcm3+C+1+Ir5dBACe7tXloUtbjRpJSUkX982QEBSbA3DpJ0FZYuByvAjawpOQCG2g7O/m3090O0t/MH/0FoBcfzUmFi7Hl+f/EgCTfmf+x54YOb9CeDru/zH/HIASxS6PyQmX40XQ9pf7K22g3N/Jv0CrP8g/51cpAK3/akxuuBxfzj8BHodnIPFXezLGGGOMMcYYYxf0E5U7Xbr+vPQbn793fR6vLo/JAZfjP7o+Z4wxxhhjjDHG2JX3bLfuTz2WmNim0z/fqPbH+6h/beZfGk3gX02MG/9Sw3uA/1s4APg3JwTIasj/5Fls+o8cK/niS+dvu5ae8QH8d5Tyz2hc4TcmxhhjjDHG2J/u8qL/1/+vrlRCjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcZYNvTvfscb/APf0nelz5ExxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhi70v5PAAAA///l6PgG")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

1m26.390539614s ago: executing program 3 (id=10794):
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000001080)=ANY=[@ANYBLOB="380000000314010002070000000000000900020073797a25000000000800410072786500140033"], 0x38}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

1m25.409319434s ago: executing program 3 (id=10803):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="0200"})

1m24.945717637s ago: executing program 36 (id=10803):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b04, &(0x7f0000000000)={'wlan1\x00', @random="0200"})

1m24.677469322s ago: executing program 5 (id=10810):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="3800000010005fba00000000fdffffff00000000", @ANYRES32=0x0, @ANYBLOB="800002000800000008001b0000000000080029006edc000008002800a2ec0008"], 0x38}}, 0x0)

1m24.103172497s ago: executing program 5 (id=10817):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=@newlink={0x48, 0x10, 0xffffff1f, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xffffff81}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_GSO_MAX_SIZE={0x8, 0x29, 0x128d1}, @IFLA_BROADCAST={0xa, 0x2, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}}]}, 0x48}, 0x1, 0x0, 0x0, 0x800}, 0x20048010)

1m23.798894698s ago: executing program 5 (id=10821):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, 0x0, 0x0)

1m23.490921823s ago: executing program 5 (id=10824):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0)

1m23.134121567s ago: executing program 5 (id=10829):
r0 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r0, 0x89e3, &(0x7f0000000000)={0x40000062, 0xaba, 0x5, 0xc, 0x8e0, 0x81})

1m17.681289861s ago: executing program 5 (id=10867):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000023c0)='/dev/comedi2\x00', 0x149040, 0x0)
ppoll(&(0x7f0000002540)=[{r0, 0x200}], 0x1, &(0x7f0000002580)={0x0, 0x989680}, 0x0, 0x0)

1m16.78304198s ago: executing program 37 (id=10867):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f00000023c0)='/dev/comedi2\x00', 0x149040, 0x0)
ppoll(&(0x7f0000002540)=[{r0, 0x200}], 0x1, &(0x7f0000002580)={0x0, 0x989680}, 0x0, 0x0)

4.134437353s ago: executing program 6 (id=11637):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=@getnexthop={0x20, 0x6a, 0xb0d, 0x0, 0x0, {0x3, 0x0, 0x0, 0x2}, [@NHA_MASTER={0x8, 0xe}]}, 0x20}}, 0x0)

3.888134863s ago: executing program 6 (id=11642):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
setxattr(&(0x7f0000001100)='./file0\x00', &(0x7f0000001140)=@random={'security.', 'ext4\x00'}, &(0x7f0000001180)='contention_begin\x00', 0x1001, 0x1)

3.547538538s ago: executing program 1 (id=11647):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFNL_MSG_ACCT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000280)={0x74, 0x0, 0x7, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFACCT_NAME={0x9, 0x1, 'syz1\x00'}, @NFACCT_FILTER={0x13, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x46e}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x3}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x7fff}, @NFACCT_FILTER_MASK, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2c40}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x1}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x880}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x51c2b6cf}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x1}]}]}, 0x74}}, 0x28000)

3.119238877s ago: executing program 6 (id=11653):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x1d, 0xf, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x565}, {{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x6}, {}, {0x85, 0x0, 0x0, 0x39}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x9f}}}, &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @lsm=0x1c, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

3.116728844s ago: executing program 1 (id=11654):
r0 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000001080), 0x1, 0x0)
write$vga_arbiter(r0, &(0x7f00000010c0)=@target={'target ', {'PCI:', '17', ':', '9', ':', 'e', '.', '0'}}, 0x14)

2.626416562s ago: executing program 1 (id=11660):
r0 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi1\x00', 0x2180, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f0000000300)={'pcl816\x00', [0x2f00, 0x5, 0xd09a, 0x1002, 0x3, 0xfffffffe, 0x20000004, 0x6, 0xffe, 0x9, 0x10, 0x3, 0x4, 0xaba5, 0xffff, 0x100006, 0x5, 0x8, 0x830, 0x40, 0x10000, 0xa, 0x801, 0xe2df, 0x40000002, 0x0, 0x7, 0xb, 0x4, 0x5, 0x800]})

2.538040727s ago: executing program 6 (id=11662):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000100)={[{@umask={'umask', 0x3d, 0x4}}, {}, {@nls={'nls', 0x3d, 'cp857'}}, {@uid}, {@nobarrier}, {@nobarrier}]}, 0x20, 0x6de, &(0x7f0000000840)="$eJzs3U9sW3cdAPDvsx0n7qTMG+1WEFKjVVSwQpvEjBYJiYIQymGCSlx2DW26RnWyKslQWiHqAYMjnFAPOwyhcNgJcUAa4oAYZyQk7r1X4sCt4oDRe34vsZ3Esds4abvPR3p+v+f3+/N9X//es/3SygF8ai28FROtSGLh/Jub6faDrUbzwVZjpShHxGRElCIqnVUkqxHJJxFXorPEZ9Mn8+6S/cZ54+HHH5y7/1Gjs1XJl6x+aVC7He0BI7TyJWYiopyvR1TZr79re/R3b6Suk+2404SdLRIHx629S2uU5kOct8DT7l5EeWKP5+sRJyJiKv8cEPnVoXTE4R26ka5yAAAA8HQqH1ThxUfxKDZj+mjCAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdD0vnNwCRfSkV5JpL89/+/n1fLVKvHG+4BvnzA/vdvHFEgAAAAAAAAAHD4JnaKZx7Fo9iM6WK7nWR/838t2ziZPb4Q78Z6LMVaXIjNWIyN2Ii1mIuYmO7qs7q5uLGxNre75W8ibdlut+/lLecjor6r5fyYjxkAAAAAAAAAnm8/jYWYPu4gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgWxJR7qyy5WRRrkepEhFTEVFN67Ui/lKUn2V/Pe4AAAAAYPxq+Xo6+V+n0E6y7/yvZN/7p+LdWI2NWI6NaMZSXM/uBXS+9Zf+2Wo0H2w1VtJld8ff+vdIcWQ9RkQ53ttn5NmsxqntFgvx3fhBnI+ZuBprsRw/isXYiKWYiVp6ELEYSdRrnbsX9SLO3njLeVdXekK52h/bmb7t01kktbgRy1lsF+JateitlNVI4nTXaH+qRvRl6L00O8k3c0Pm6HrX6/Xr/L5Mrv3ikH2MRz078ontjMymuc+z8dLeuS+MOE/6R5qL0vY9qJM7o6Sb/SMVOf/hKDk/ka/TXP+iN+eHbcRbaf2ZmI9SPvsiXunN+e0v3H+5t/GX/vW3qzdLq7du3lg/P8ZDGquJotCfiUZXJl4dPPvyTDTTTLSGz8RE/xNTT3Ach6iaZ6NzYRvuavmdrLQYr3VNwXfieizFpZiNubgcs/H1mI9Gzww71ZPXSmOlNyfZuVbafX2rDQj+7Be7Kv3ygMpHK83LS1157b7S1bN9+TNXfhWzXVl6efDse5x3gcrn8kI6xs+233GeBj2ZyK/NRXTFG9Q+mfhtO31cb67eWru5eHvI8c7l6/S0fb/32vy7Jz6YJ5LOl/SKW8m2spzUivmS7vvMdrS9+armf3HptCvt2ndqe189pmM5vrfvmVrNP8Pt7qmz79U99zWyfae79vV8yol3opl9CukzczRZBWBoJ14/Ua09rP2j9mHt57WbtTenvj15efLz1Zj4e+XP5T+Ufl/6RvJ6fBg/ienjjhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4H63fu3lpsNpfWxlioPuZYUTqwztYLw3UY9YjBYyV5oTrubDwFhf9MDcxGLcY0+h8jYkCd6hMPkYx/PqcT+VA6LH44LXumXR6heaVotXedSqxP7fcKTu687lG/tdj8b7unTi26ThngOXdxY+X2xfU7d7+yvLL49tLbS6vzly9dvtT42txXL95Ybi7Ndh6PO0pgHNbv3C0fdwwAAAAAAAAAAADAaPJ//b/x2P+ZoXJAnera+t4jnznqQwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeUQtvxUQrkpibvTCbbj/YajTTpSjv1KxERCkikh9HJJ9EXInOEvWu7pL9xnnj4ccfnLv/UWOnr0pRvzSo3XBa+RIzEVHO1web3KOb3f1d6+qv9VjhJdtHmCbsbJE4OG7/DwAA//9tSfWT")
mount$nfs(&(0x7f00000001c0)='\xb2\x83\x87J9I\xc3i\xe4\x81\xc5:\xccLD\x9d\xd8\xc7\x90v\x8b\x82\x90\xa4\xdd\x98\xb8\rQh#\xfacl\x01\x8cC\x1f|\xa5\xcb\x8f\xe5WJ\x00>\xf2\xd6\t\xf4IE\xcb\x15A\xb5\xbbG\xa0\xea\xc4\x03\xf2\xf5\xf4\xa1\x98', &(0x7f0000000240)='./file0\x00', 0x0, 0x201008, 0x0)

2.461698594s ago: executing program 0 (id=11664):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000380), 0x200, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'team0\x00', 0x1000})

2.326291479s ago: executing program 1 (id=11665):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x800, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f0000000980)={0x2, @pix_mp={0xa, 0x81, 0x50565559, 0x7, 0xb, [{0x8f, 0x1}, {0xfffffff7, 0x9}, {0x5, 0x5}, {0x0, 0x4}, {0x8, 0x9da}, {0x10, 0x4}, {0x4fb8, 0x80000000}, {0xfffff000, 0xffffffff}], 0xc3, 0x9, 0x8, 0x4, 0x4}})

2.195643163s ago: executing program 8 (id=11666):
r0 = openat$proc_mixer(0xffffffffffffff9c, &(0x7f0000000000)='/proc/asound/card0/oss_mixer\x00', 0x1, 0x0)
write$proc_mixer(r0, 0x0, 0x39)

2.183369499s ago: executing program 9 (id=11667):
ioperm(0x0, 0x2, 0x7e)
syz_clone3(&(0x7f0000001240)={0x2d000000, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, &(0x7f0000001200)=[0x0], 0x1}, 0x58)

2.169648486s ago: executing program 4 (id=11668):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x4, 0x5, &(0x7f0000000240)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x9b}, @call={0x85, 0x0, 0x0, 0x5}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1e00, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x28, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f86dd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

2.072930246s ago: executing program 6 (id=11669):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x20, &(0x7f00000000c0)="0bbb268dd6ffa80800000000000000000000210d0000aaa8fa017242ba9380d440fe000000000000290000003b000000", 0xfe60)

2.069059996s ago: executing program 0 (id=11670):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_GET(r0, &(0x7f0000002900)={0x0, 0x0, &(0x7f00000028c0)={&(0x7f0000002840)={0x24, 0x4, 0x8, 0x201, 0x0, 0x0, {0x3, 0x0, 0x7}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x2f}, @CTA_TIMEOUT_L3PROTO={0x6, 0x2, 0x1, 0x0, 0xf6}]}, 0x24}, 0x1, 0x0, 0x0, 0x4000080}, 0x40000d0)

1.944705645s ago: executing program 1 (id=11671):
r0 = syz_open_dev$vbi(&(0x7f0000000000), 0x3, 0x2)
ioctl$VIDIOC_DV_TIMINGS_CAP(r0, 0xc0905664, &(0x7f0000000040)={0x0, 0x0, '\x00', @bt={0x7fffffff, 0x9, 0x7, 0x6, 0x800, 0x3fc00000000, 0xa, 0x2}})

1.792755366s ago: executing program 0 (id=11672):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x200001f, &(0x7f00000011c0)={[{@barrier_val={'barrier', 0x3d, 0xad}}, {@errors_remount}, {@journal_dev}, {@noinit_itable}]}, 0xfe, 0x4e5, &(0x7f0000000980)="$eJzs3UFrHG0dAPD/THZ9mzavm6qHWrAttpIU7SZpbBs8VAXRU0Gt9xqTbQjZZEuyaZtQNMUPIIio4EVPXgQ/gCD9CCIU9C4qimirBw/Vkd2djWm6m6R0s8ub/f3gycwzOzv/559lnp1nZtgJYGhdiojJiMiyLLsaEaV8eZqX2GmVxnovXzxZaJQksuzu35NI8mXtbb2XT8/kbzsVEV//SsS3kjfjbmxtr8xXq5X1vD5VX01eZdn2teXV+aXKUmVtdnbm5tytuRtz0z3Jczwibn/pzz/83s+/fPvXn3n0h3t/nfx2K8GWvXn0Uiv1YvN/0VaIiPXjCDYghWaGLTcG3BYAAA7WON7/SER8MiKuRilGmkdzAAAAwEmSfX4sXiWt638AAADAyZRGxFgkaTm/33cs0rRcbt3D+7E4nVZrG/VPZ6Xd8wXjUUzvL1cr0/m9A+NRTBr1mfwe23b9+r76bEScjYgflEab9fJCrbo40DMfAAAAMDzO7Bv//6vUGv8DAAAAJ8z4oBsAAAAAHDvjfwAAADj5jP8BAADgRPvqnTuNkrWff734cGtzpfbw2mJlY6W8urlQXqitPygv1WpLzd/sWz1se9Va7cFnY23z8VS9slGf2tjavrda21yr31t+7RHYAAAAQB+dvfjs90lE7HxuNI2ILNnzWjEiG9m7cqH/7QOOT/o2K//p+NoB9N/IoBsADIxDehhexUE3ABi4w/qBrjfv/Kb3bQEAAI7HxMd3r/83CzA88uv/STLohgB95/o/DC/X/2F4FQ86AjAogBMvPcKu/u7X/7PsrRoFAAD03FizJGk5HweMRZqWyxHvNx8LUEzuL1cr0xHx4Yj4Xan4XqM+03xn4vQAAAAAAAAAAAAAAAAAAAAAAAAAABxRliWRdTG6uw4AAADwQRaR/iXJn/81Uboytv/8wIeSf5ea04h49JO7P3o8X6+vzzSW/2N3ef3H+fLr/T57AQAAAHTSHqe3x/EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0EsvXzxZaJd+xv3bFyNivFP8QpxqTk9FMSJO/zOJwp73JREx0oP4O08j4lyn+EmjWTGet2J//DQiRgcc/0wP4sMwe9bof77Qaf9L41Jz2nn/K+TlXXXv/9Ld/m+kS//3fqcNpm8uOv/8l1Nd4z+NOF/o3P+04ydd4l8+Yo7f/Mb2drfXsp9FTHT8/kleizWVFB5MbWxtX1tenV+qLFXWZmdnbs7dmrsxNz11f7layf92jPH9T/zqvwflf7pL/PFD8r9yxPz/8/zxi4+2Zov7XirGT7Ns8nLnz/9cl/jt775P5R93oz7Rnt9pze914Re/vXDxgPwXu+R/2Oc/ecT8r37tu3884qoAQB9sbG2vzFerlXUzZo5tZjT6GHQ+DlqnfRDbh/Z8Jw/1rtvJSoPYTwfYKQEAAMfi/wf9g24JAAAAAAAAAAAAAAAAAAAADK/DfgYsevBzYvtj7gwmVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA/0vAAD//+XXyps=")
listxattr(&(0x7f0000000100)='./file2\x00', 0x0, 0x0)

1.791108749s ago: executing program 4 (id=11673):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000300)={[{@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@gid}, {@gid}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@fmask={'fmask', 0x3d, 0x8}}, {@namecase}, {@umask={'umask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'cp1251'}}, {@iocharset={'iocharset', 0x3d, 'macgreek'}}]}, 0x1, 0x1534, &(0x7f0000001f40)="$eJzs3AuYjtX6MPD7Xms9Y0i8TXIY1lr3w5sclkmSHJLkkCSVJMkpITHJloTEEJI0JCE5DEkMITlMTBrn8/mQkCRNkoTklKzvmvDZ7dpf7b37tv/1n/t3Xc816571rPXcz3u/h/U818z7bdehtRrXrt6QiOA/ghd+JAFALAAMBIC8ABAAQPm48nFZ/TklJv1nB2F/rYdSr3QG7Eri+mdvXP/sjeufvXH9szeuf/bG9c/euP7ZG9efsexs07RC1/CWfTe+/5+d8ef//yKZZcZ+uabMdd0AYv7sEK5/9sb1/18r+DM7cf2zN65/dhV7pRNg/wPw6z87yPFPe7j+2RvXn7Hs7Erff77SG0T+gsdAwV+X05GcFwrz3zp/xhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPsv+C0v0wBwKX2lc6LMcYYY4wxxhhjfx2f40pnwBhjjDHGGGOMsf//EARIUBBADOSAWMgJuUAAwNWQB/JCBK6BOLgW8sF1kB8KQEEoBPFQGIqABgMWCEIoCsUgCtdDcbgBSkBJKAWlwUEZSIAboSzcBOXgZigPt0AFuBUqQiWoDFXgNqgKt0M1uAOqw51QA2pCLagNd0EduBvqwj1QD+6F+nAf3A8PQAN4EBrCQ9AIHobG8Ag0gUehKTSD5tACWv5b45+HnvAC9ILekAR9oC+8CP2gPwyAl2AgvAyD4BUYDK9CMgyBofAaDIPXYTi8ASNgJIyCN2E0vAVjYCyMg/GQAhNgIrwNk+AdmAzvwhSYCqkwDabDezADZsIseB9mwwcwB+bCPJgPafAhLICFkA4fwSL4GDJgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22ww74BHbCp7ALdsMe+Az2wuf/4vhT/zC+GwICChSoUGEMxmAsxmIuzIW5MTfmwTwYwQjGYRzmw3yYH/NjQSyI8RiPRbAIGjRISFgUi2IUo1gci2MJLIGlsBQ6dJiACVgWb8JyWA7LY3msgBWwIlbCSlgFq2BVrIrVsBpWx+pYA2tgLayFd+Fd2AfrYl2sh/WwPta/dHsKG2JDbISNsDE2xibYBJtiU2yOzbEltsRW2ApbY2tsi22xHbbD9tgeEzERO2JH7ISdsDN2xi7YBbtiV+yG3bF75vM5AF/AF7A31hB9sC/2xX6YnGMAvoQv4cs4CF/BV/BVTMYhOBRfw9fwdRyOJ3EEjsRROAqrirdwDI5FEuMxBVNwIk7ESTgJsxJ9F6diKk7D6TgdZ+BMnInv42z8AD/AuTgX52MapuECXIjpmI6L8BRm4GJcgktxGS7HZbgSV+FKXINrcQ2ux/W4ETfiZtyMW3Erbsft+AkqAPwUd+NuTMa9uBf34T7cj/vxAB7ATMzEg3gQD+EhPIyH8QgewaN4DI/jMTyBJ/AknsLTeBrP4lk8h8/Gf93ok5Krk0FkUUKJGBEjYkWsyCVyidwit8gj8oiIiIg4ESfyiXwiv8gvCoqCIl7EiyKiiDDCCBJhDACIqIiK4qK4KCFKiFKilHDCiQSRIMqKsqKcKCfKi1tEBXGrqCgqiTauiqgiqoq2rpq4Q1QX1UUNUVPUErVFbVFH1BF1RV1RT9QT9UV9cb94QDQQfXAAPiSyKtNYDMEmYig2Fc2EvPgO1koMx9aijWgrnhAjcQS2F61conhKdBRjsJP4mxiLz4guYjx2Fc+JbqK76CGeFz1Fa9dL9BaTsY/oK6ZiP9FfDBAviRlYU7yPs3PWEq+KZDFEDBWvifn4uhgu3hAjxEgxSrwpRou3xBgxVowT40WKmCAmirfFJPGOmCzeFVPEVJEqponp4j0xQ8wUs8T7Yrb4QMwRc8U8MV+kiQ/FArFQpIuPxCLxscgQi8USsVQsE8vFCrFSrBKrxRqxVqwT68UGsVFsEpvFFhEL28R2sUN8InaKT8UusVvsEZ+JveJzsU98IfaLL8UB8ZXIFF+Lg+IbcUh8Kw6L78QR8b04Ko6J4+IHcUL8KE6KU+K0OCPOip/EOfGzOC+8AIlSSCmVDGSMzCFjZU6ZS14lc8vg4qN7jYyT18p88jqZXxaQBWUhGS8LyyJSSyOtJBnKorKYjMrrZXF5gywhS8pSsrR0soxMkDfKsvImWU7eLMvLW2QFeausKCvJyrKKvE1WlbdLiFw4Rg1ZU9aSteVdMgnulnXlPbKevFfWl/fJ++UDsoF8UDaUD8lG8mHZWD4im8hHZVPZTDaXLWRL+ZhsJR+XrWUb2VY+IdvJJ2V72UEmyqdkR+kvPkWekV3ks7KrfE52k91lD/mzPC+97CV7S+gDsq98UfaT/eWAWACQL8tB8hU5WL4qk+UQOVS+JofJ1+Vw+YYcIUfKUfJNOVq+JcfIsXKcHC9T5AQ5Ub4tJ8l35GT5rpwip8pUOU0OkAN/mWmWlH84/u3fGT/4l6NvlJvkZrlFbpXb5Ha5Q34id8qdcpfcJffIPXKv3Cv3yX1yv9wvD8gDMlNmyoPyoDwkD8nD8rA8Io/Io/KYPCN/kCfkj/KkPCVPyTPyrDwrz118DEChEkoqpQIVo3KoWJVT5VJXqdzqapVH5VURdY2KU9eqfOo6lV8VUAVVIRWvCqsiSiujrCIVqqKqmIqq6/HiE0aVUqWVU2VUgrrxXxmviqsbVAlV8lfjL+WX9E/ya6laqlaqlWqtWqu2qq1qp9qp9qq9SlSJqqPqqDqpTqqz6qy6qC6qq+qa9XxQPVQP1VP1VL1UL5WkklRf9aLqp/qrAeolNVC9rAapQWqwGqySVbIaqoaqYWqYGq6GqxFqhBqlRqnRarQao8aocWqcSlEpaqKaqCapSWqymqymqCkqVaWq6Wq6mqFmqFlqlpqtZqs5ao6ap+apNJWmFqgFKl2lq0VqkcpQi9VitVQtVcvVcrVSrVSr1Wq1Vq1V69V6laE2qU1qi9qitqltaofaoXaqnWqX2KX2qD1qr9qr9ql9ar/arw6oAypTZaqD6qA6pA6pw+qwOqKOqKPqqDqujqsT6oQ6qU6q0+q0OqvOqnPqnDqvzmct+wIRiEAFKogJYoLYIDbIFeQKcge5gzxBniASRIK4IC7IF1wX5A8KBAWDQkF8UDgoEujABDYQF4seDa4Pigc3BCWCkkGpoHTggjJBQnBjUDa4KSgX3ByUD24JKgS3BhWDSkHloEpwW1A1uD2oFtwRVA/uDGoENYNaQe3grqBOcHdQN7gnqBfcG9QP7gvuDx4IGgQPBg2Dh4JGwcNB4+CRoEnwaNA0aBY0D1oELf/S+b0/WeBx10v31km6j+6rX9T9dH89QL+kB+qX9SD9ih6sX9XJeogeql/Tw/Trerh+Q4/QI/Uo/aYerd/SY/RYPU6P1yl6gp6o39aT9Dt6sn5XT9FTdaqepqfr9/QMPVPP0u/r2foDPUfP1fP0fJ2mP9QL9EKdrj/Si/THOkMv1kv0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/Qneqf+VO/Su/Ue/Zneqz/X+/QXer/+Uh/QX+lM/bU+qL/Rh/S3+rD+Th/R3+uj+pg+rn/QJ/SP+qQ+pU/rM/qs/kmf0z/r89pnLe6zPt6NMsrEmBgTa2JNLpPL5Da5TR6Tx0RMxMSZOJPP5DP5TX5T0BQ08SbeFDFFTBYyZIqaoiZqoqa4KW5KmBKmlCllnHEmwSSYsqasKWfKmfKmvKlgKpiKpqKpbCqb28xt5nZzu7nD3GHuNHeamqamqW1qmzqmjqlr6pp6pp6pb+qb+839poFpYBqahqaRaWQam8amiWlimpqmprlpblqalqaVaWVam9amrWlr2pl2pr1pbxJNouloOppOppPpbDqbLqaL6Wq6mm6mm+lhepiepqfpZXqZJJNk+pq+pp/pZwaYAWagGWgGmUFmsBlskk2yGWqGmmFmmBluhpsRZqQZlbVQNW+ZMWasGWfGmxSTYiaaiWaSmWQmm8lmipliUk2qmW6mmxlmhpllZpnZZraZY+aYeWaeSTNpZoFZYNJNullkFpkMk2GWmCVmmVlmVpgVZpVZZdaYNWYdrDMbzAazyWwyW8wWs81sMzvMDrPT7DS7zC6zx+wxe81es8/sM/vNfnPAHDCZJtMcNAfNIXPIHDaHzRFzxBw1R81xc9ycMCfMSXPSnDanzVlT4OLnpTexNqfNZa+yue3VNo/Na/8xLmgL2Xhb2Bax2ua3BX4VG2ttCVvSlrKlrbNlbIK98TdxRVvJVrZV7G22qr3dVvtNXMfebevae2w9e6+tbe/6VVzf3mezVicNEAFsM9vItrCN7SO2iX3UNrXNbHPbwrazT9r2toNNtE/Zjvbp38QL7EK7yq62a+xau8vutqftGXvIfmvP2p9sL9vbDrQv20H2FTvYvmqT7ZDfxKPsm3a0fcuOsWPtODv+N/EUO9Wm2ml2un3PzrAzfxOn2Q/tbJtu59i5dp6d/0uclVO6/cgush/bDBvAErvULrPL7Qq78lKuPq9dbzfYjXan/dRusVvtNrvd7ri0ELa77R77md1rP7cH7Td2v/3SHrCHbab9+pc46/wO2+/sEfu9PWqP2eP2B3vC/qgujc469x/sz/a89RYICUiSooBiKAfFUk7KRVdRbrqa8lBeitA1FEfXUj66jvJTASpIhSieClMR0mTIElFIRakYRel6upReKSpNjspQAt1IZekmKkc3U3m6hSrQrVSRKlFlqkK3UVW6narRHVSd7qQaVJNqUW26i+rQ3VSX7qF6dC/Vp/vofnqAGtCD1JAeokb0MDWmR6gJPUpNqRk1pxbUkh6jVvQ4taY21JaeoHb0JLWnDpRIT1FHepo60d+oMz1DXehZ6krPUTfqTj3oeepJL1Av6k1J1If60ovUj/rTAHqJBtLLNIheocH0KiXTEBpKr9Ewep2G0xs0gkbSKHqTRtNbNIbG0jgaTyk0gSbS2zSJ3qHJ9C5NoamUStNoOr1HM2gmzaL3aTZ9QHNoLs2j+ZRGH9ICWkjp9BEtoo8pgxbTElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoE9oJ31Ku2g37aHPaC99Tkhf0H76kg7QV5RJX9NB+oYO0bd0mL7zvel7OkrH6Dj9QCfoRzpJp+g0naGz9BOdo5/pPHmCEEMRylCFQRgT5ghjw5xhrvCqMHd4dZgnzBtGwmvCuPDaMF94XZg/LBAWDAuF8WHhsEioQxPakMIwLBoWC6Ph9WHx8IawRFgyLBWWDl1YJkwIbwzLhjeF5cKbw/LhLWGF8NawYlgpfOTeKuFtYdXw9rBaeEdYPbwzrBHWDGuFtcO7wjrh3WHd8J6wXnhvWC68L7w/fCBsED4YNgwfChuFD4eNw0fCJuGjYdOwWdg8bBG2DB8LW4WPh63DNmHb8ImwXfhk2D7sECaGT4Udw6d/6b9v4T/vTwr7hH3DF8MXQ+/vkfOi86Np0Q+jC6ILo+nRj6KLoh9HM6KLo0uiS6PLosujK6Iro6uiq6Nromuj66LroxuiG6Pe184BDp1w0ikXuBiXw8W6nC6Xu8rldle7PC6vi7hrXJy71uVz17n8roAr6Aq5eFfYFXHaGWcdudAVdcVc1F3virsbXAlX0pVypZ1zZVyCa+FaupaulXvctXZtXFv3hHvCPemedB1cB/eU6+iedp3c31xn94zr4p51z7rnXDfX3fVwz7uebkKeC6/JJNfX9XX9XD83wA1wA91AN8gNcoPdYJfskt1QN9QNc8PccDfcjXAj3Cg3yo12o90YN8aNc+NciktxE91EN8lNcpPdZDfFTXGpLtVNd9PdDDfDVZ154Shz3Bw3z81zaS7NLXBZa8Z0t8gtchkuwy1xS9wyt8ytcCvcKrfKrXFr3Dq3zm1wG9wmt8ltcVvcNrfN7XA73E630+3yeS9M6va6fW6f2+/2uwPuK5fpvnYH3TfukPvWHXbfuSPue3fUHXPH3Q/uhPvRnXSn3Gl3xp11P7lz7md33nmXEpkQmRh5OzIp8k5kcuTdrFkjqZFpkemR9yIzIjMjsyLvR2ZHPojMicyNzIvMj6RFPowsiCyMpEc+iiyKfBzJiCyOLIksjSyLLI94X3hL6Iv6Yj7qr/fF/Q2+hC/pS/nS3vkyPsHf6Mv6m3w5f7Mv72/xFfytvqKv5Cv7R31T38w39y18S/+Yb+Uf9619G9/WP+Hb+Sd9e9/BJ/qnfEf/tO/k/+Y7+2d8F/+s7+qf8918d9/DP+97+hd8L9/bJ/k+vq9/0ffz/f0A/5If6F/2g/wrfrB/1Sf7IX6of80P86/74f4NP8KP9KNi3vSjL10iw3if4if4if5tP8m/4yf7d/0UP9Wn+ml+un/Pz/Az/Sz/vp/tP/Bz/Fw/z8/3af5Dv8Av9On+I7/If+wz/OJLN5X9Cr/Sr/Kr/Rq/1q/z6/0Gv9Fv8pv9Fr/Vb/Pb/Q7/id/pP/W7/G6/x3/m9/rP/T7/hd/vv/QH/Fc+03/tD/pv/CH/rT/sv/NH/Pf+qD/mj/sf/An/oz/pT/nT/ow/63/y5/zP/jz/zxpjjDHG2J8y4XJT/Lrnwu38Pr8zRvzdzn0B4OqthTL/vj9rRbku/4V2fxHfLgIAT/Xu+tClrUaNpKSki/tmSAiKzc1ad18eHwOX48XQFp6ERGgDZX83//6i+1n6g/mjtwDk+rsxsXA5vjz/FwCY9DvzP/bEqAUVwtNx/4/55wKUKHZ5TE64HC+Gtr/cX2kD5f5J/gVa/UH+Ob9MAWj9d2Nyw+X4cv4J8Dg8DYm/2pMxxhhjjDHGGLugv6jc+dL156W/+Py96/N4dXlMDrgc/9H1OWOMMcYYY4wxxq68Z7r36PBYYmKbzv96o9of76P+3IQxv9fVBP7dxLjxbzW8B/i/hQOA/3BCgKyG/G+exeb/yrGSL750/rFr2RkfQI8O8D+glH9F4wq/MTHGGGOMMcb+cpcX/b/+vbpSCTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY9nQf/odb/AnvqXvSp8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdqX9nwAAAP//2Xj1/A==")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x42, 0x194)

1.709362961s ago: executing program 8 (id=11674):
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x3, &(0x7f0000000080)=0x9, 0x8, 0x0)
mremap(&(0x7f000008f000/0x2000)=nil, 0x2000, 0x1000, 0x3, &(0x7f0000486000/0x1000)=nil)

1.646471274s ago: executing program 6 (id=11675):
syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000004480)='./file0\x00', 0x210040, &(0x7f00000000c0)={[{@journal_async_commit}, {@noacl}, {@coherency_full}, {@heartbeat_none}, {@journal_async_commit}, {@user_xattr}, {@journal_async_commit}, {@localflocks}]}, 0x1, 0x4451, &(0x7f0000008940)="$eJzs101vG3kdB/DfTJLGSZPiQg9BcIgEEhWgkOSE4ACIh6oSIlWgCBGkyHloG3DikDgohx5A6pFDEZw4c2TPe1qpb2BX2jew+wJ299A9dPe0Xnk8Tj2x3WR3bafNfj6HjOf/MP+f8/WM/05z9Qc7h/M7h/OVvfna5r3D5fm/1apHu9uRjshFr8/5DCMn2V+clZ//6re/X47Yf7S81mg0GhER5ehtqeP1s6cPNzuPbempOc3r9rncgPwxIm501dU0FhF/eD0iiYgkf1NpfpzKZzX7/vTXb/8zSoOp5u/rb838//j2D1679+Y3nr238rjvwCTiv9Wvf//+7vvfGvvxu98dzOoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsW6trty9s7gUT5Jydr7/aHmts3+ynL8o9Z7faAy9RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgJXdrdeXuncWleJJE6cPJiP1Hy2ud/ePl/EW59/zGT0ZQJENz+zcrv/jl4lKWe6ORdPX/MG/64GdjcT0inj19uBmF4zuzneOTU5+T05+nfNTA6m/Xl5SvtK+dLnTUUY40XViISI5b53PJdFqtHda/d692tLc1sDJeWcX806ytkE6r6QX5t44nw8+V/yB9revTlJ3PDXfVy+J5/jNrjcZY33H/+0fSzr8UL8h/7ALy/7wmB1rHq6l4/49nbcX7qRVoM/9/jZ99/4+PKP9rzT+lrNZS5xOguYdptvfbr1BUzH8ia+uXf6/n/8en8p/onf+dfw/tHfR5/u8PbcFLpZh/aw9V/H+2NgBZ/unZ9/+Vl+X7f364q14Wxfxb34inIsz+ned9/k+OKP9yu85rSdcnIGsvRcwOY+FLpph/qav/+e+/9Fz7/9IF/f5rr9t+B+3fITeT1u8/eivmP9V33Hnv/6kRP/9b+79zmBhmFa+uYv7TWdsX2f9Pjyj/bFfSY///SXv/fzyMVS+fYv5Xs7biU+Bx9jfb/yXduX90Kv+rL8H+L6v/5nBXvSyK+c/0HdfM/+1zfP/PjDz/iOnPPKN7n/NlVcw/3zG/0T0uu/9LZ+c/O+L8vzPMiwMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNGm5dSxHki4UztN0YSFiLD+fi+lko7K1vlGtbf7lMGI8b5+Pryb3q7WNSnV9Z6+2tb1eqVZrmxETef+NKCWH1Vp9fbeyf+XkWlPJg+3KQX1ju1KPiMm8/Zsx277Wxk59t7IfEaWTvq+ktYP9B5W99a2dgx8tLi4uxtRJDdeT7eP69l69tXqrN2L6ZG456Sgu6756UstM8ufa0cFepZq1z3TMqdY2K9WOObN533/ielI/ONrbrNS316u1++31epsaTFBn+Gl+TG+v/m7110vdA+by/vJIygEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JRdObRhEAyiAHxtKrtBh6huukCrOkIdM+BgBCRDwAA4FoBF8FgQPwSN/77kknt5DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABO6d+vOiJuKV0j4rM/l3TlUhxldP/x3uTfZ5sNj3n6VdsOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFZ24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvvqgkEURiAZyZFLtU+RqplN1XaQEJIkxXBytIXsLSw9HUt7KxElFmQdRdF0Or7mr2cOZwD8wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANzkd9xMRlUdQgwvu+cQ5quP6Wn9rcgvi/7+pwfsyP38/TffP1Wd7z2e1T/zr/VXOla3m+Us9DxbsZOTbp7yqcuLDeRtaL92bhFiKg/fObfvMaWy7Ot8vW4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADs2YEDAQAAAABB/tYrDFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwFIAAAD//9Z5nlo=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)

1.595548846s ago: executing program 1 (id=11676):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="130100002add1e20ef050a023691010203010902240001000000000904000002ea1998000905a6a70023000000090507", @ANYRES32], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000180)=ANY=[@ANYBLOB="0005010000004f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.420759203s ago: executing program 9 (id=11677):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000740)=@updsa={0x104, 0x1a, 0xa21, 0x70bd29, 0x0, {{@in=@remote, @in=@dev={0xac, 0x14, 0x14, 0x27}, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x6c}, {@in, 0x4d2, 0x3c}, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, {0xffffffffffffffff, 0x4, 0x0, 0x0, 0x2000000000000, 0x0, 0x7}, {0x0, 0x0, 0x4}, {}, 0x0, 0xffffffff, 0xa, 0x1, 0x0, 0x39}, [@coaddr={0x14, 0xe, @in=@loopback}]}, 0x104}}, 0x810)

1.418396331s ago: executing program 8 (id=11678):
r0 = socket$inet(0x2, 0x3, 0x30)
getsockopt$inet_mreqsrc(r0, 0x0, 0x53, &(0x7f0000000000)={@dev, @local, @broadcast}, &(0x7f00000000c0)=0x7)

1.261309781s ago: executing program 4 (id=11679):
r0 = openat$vimc2(0xffffffffffffff9c, &(0x7f00000016c0), 0x2, 0x0)
ioctl$VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000001700)={0x81, 0x8, 0x3, 0x0, 0x8})

1.259929345s ago: executing program 8 (id=11680):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000005780)={0x0, 0x0, &(0x7f0000005740)={&(0x7f0000000900)=ANY=[@ANYBLOB="140000001000010000000000000000000210000a20000000000a01080000000000000000070000040900010073797a300000000014000000020a010100000000000000000000000320000000000a01010016000000000000070000090900010073797a300000000024000000160a01020000000000000000020000080800074000000002080007400000000110020000160a01040000000000000000070000020900020073797a32000000000800074014ee0001480103800800024000000008080002400002000908000240000000080800024000000a1108000140000000000800014000000000900003801400010069703665727370616e30000000000000140001007663616e3000000000000000000000001400010076657468315f746f5f7465616d000000140001006272696467653000000000000000000014000100766972745f7769666930000000007a412b200100766c616e3000000000000000000000001400010064766d7270310000000000000000000008000240000000047c000380140001006d6163766c616e3100000000000000001400010076657468305f746f5f626f6e64000000140001007465616d5f736c6176655f30000000001400010076657404315f766972745f77696669001400010076657468305f746f5f7465616d0000001400010069703665727370616e300000000000000900010073797a30"], 0x2b0}}, 0x20000080)

1.047745513s ago: executing program 9 (id=11681):
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
getsockopt$sock_buf(r0, 0x1, 0x1c, &(0x7f0000000140)=""/48, &(0x7f0000000200)=0x30)

904.343982ms ago: executing program 0 (id=11682):
r0 = syz_open_procfs(0x0, &(0x7f0000001380))
getdents(r0, 0x0, 0x0)

902.604654ms ago: executing program 4 (id=11683):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000380)=@newtaction={0x68, 0x30, 0x871a15abc695fa3d, 0x2000, 0x25dfdbff, {}, [{0x54, 0x1, [@m_ctinfo={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_CTINFO_ACT={0x18, 0x3, {0x80000000, 0x8, 0x10000000, 0x20001, 0xa}}, @TCA_CTINFO_PARMS_CPMARK_MASK={0x8, 0x7, 0xa}]}, {0xfffffffffffffd8e}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x4}}}}]}]}, 0x68}, 0x1, 0x0, 0x0, 0x8800}, 0x4040000)

666.351492ms ago: executing program 9 (id=11684):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)={0x88, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @dev={0xac, 0x14, 0x14, 0x27}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TIMEOUT={0x8, 0x7, 0x1, 0x0, 0x7}, @CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast2=0xe0000001}, {0x8, 0x2, @dev}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_MASTER={0x24, 0xe, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @dev={0xac, 0x14, 0x14, 0xd}}, {0x8, 0x2, @initdev={0xac, 0x1e, 0x1, 0x0}}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x2f}}]}]}, 0x88}, 0x1, 0x0, 0x0, 0x8000}, 0x10)

633.673651ms ago: executing program 8 (id=11685):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)=@newlink={0x44, 0x10, 0x401, 0x2000000, 0x0, {0x0, 0x0, 0x0, 0x0, 0x13101}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @ip6erspan={{0xe}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GRE_IKEY={0x8, 0x4, 0xffffffff}, @IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x10}, 0x48010)

426.608403ms ago: executing program 0 (id=11686):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
futex(&(0x7f000000cffc)=0x2, 0x3, 0x801, 0x0, &(0x7f0000000040), 0xfffffffc)

426.22354ms ago: executing program 4 (id=11687):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000640)=@framed={{0x18, 0x2, 0x0, 0x0, 0x2}, [@call={0x85, 0x0, 0x0, 0x13}, @printk={@ld, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x6}}]}, &(0x7f0000000080)='GPL\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f0000000000)="e0b9547ed387dbe9abc89b6f4bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

334.81846ms ago: executing program 9 (id=11688):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000300)={'dummy0\x00', &(0x7f0000000280)=@ethtool_ts_info})

310.018587ms ago: executing program 8 (id=11689):
syz_read_part_table(0x1050, &(0x7f0000000000)="$eJzsz7ENwjAUBNAzBKIIlJJlWIKGeWAeWhagYhx6OmQHhQ2A4r3COn+fLTn81P4+XLOtqSSbdZs9kxxKl+wWc6/vkpxqGLJq5ZLcprPy7tT2Mo/+MznXC1Ps2n6s6zi/erx8448AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8O9eAQAA///LcAfF")
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040ed5000410"], 0x11)

199.904453ms ago: executing program 0 (id=11690):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
getsockopt$inet6_tcp_int(r0, 0x6, 0x24, 0x0, &(0x7f00000001c0))

49.428021ms ago: executing program 4 (id=11691):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001ac0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x7}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x74, 0x9, 0xa, 0x401, 0x0, 0x0, {0x7}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0xd}, @NFTA_SET_EXPRESSIONS={0x30, 0x12, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x10, 0x2, 0x0, 0x1, [@NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x80000001}]}}}, {0xc, 0x1, 0x0, 0x1, @ct={{0x7}, @void}}]}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x110}]}], {0x14, 0x10, 0x1, 0x0, 0x0, {0x7, 0x84}}}, 0xbc}}, 0x20050800)

0s ago: executing program 9 (id=11692):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f00000002c0)=@newtaction={0x68, 0x30, 0x9, 0x0, 0x0, {}, [{0x54, 0x1, [@m_skbedit={0x50, 0x1, 0x0, 0x0, {{0xc}, {0x24, 0x2, 0x0, 0x1, [@TCA_SKBEDIT_PARMS={0x18, 0x2, {0x0, 0x40, 0x10414c120245311d, 0xff4c, 0x9}}, @TCA_SKBEDIT_PTYPE={0x6, 0x7, 0x3}]}, {0x4}, {0xc, 0xa, {0x0, 0x1}}, {0xc, 0x9, {0x3b}}}}]}]}, 0x68}}, 0x0)

kernel console output (not intermixed with test programs):

ptor of length 0, skipping remainder of the config
[  982.245082][T32456] loop5: detected capacity change from 0 to 32768
[  982.279869][ T8986] usb 5-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  982.304147][T32493] bridge_slave_0: entered promiscuous mode
[  982.313304][ T8986] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  982.322250][T32456] (syz.5.10288,32456,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  982.329254][T32493] bridge_slave_0: entered allmulticast mode
[  982.356164][ T8986] usb 5-1: Product: syz
[  982.360334][ T8986] usb 5-1: Manufacturer: syz
[  982.364929][ T8986] usb 5-1: SerialNumber: syz
[  982.386810][T32456] (syz.5.10288,32456,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  982.426147][ T8986] usb 5-1: config 0 descriptor??
[  982.457746][ T8986] usb 5-1: bad CDC descriptors
[  982.474735][T32456] JBD2: Ignoring recovery information on journal
[  982.491979][ T8986] usb 5-1: unsupported MDLM descriptors
[  982.645611][T26358] usb 5-1: USB disconnect, device number 117
[  982.653032][T32456] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  982.865962][T32512] loop3: detected capacity change from 0 to 256
[  983.016898][T32512] FAT-fs (loop3): Directory bread(block 64) failed
[  983.032433][T32512] FAT-fs (loop3): Directory bread(block 65) failed
[  983.039905][ T5842] ocfs2: Unmounting device (7,5) on (node local)
[  983.080187][T32512] FAT-fs (loop3): Directory bread(block 66) failed
[  983.109279][T32512] FAT-fs (loop3): Directory bread(block 67) failed
[  983.115892][T32512] FAT-fs (loop3): Directory bread(block 68) failed
[  983.195548][T32512] FAT-fs (loop3): Directory bread(block 69) failed
[  983.202358][T32512] FAT-fs (loop3): Directory bread(block 70) failed
[  983.251934][T32512] FAT-fs (loop3): Directory bread(block 71) failed
[  983.302389][T32512] FAT-fs (loop3): Directory bread(block 72) failed
[  983.334107][T32512] FAT-fs (loop3): Directory bread(block 73) failed
[  984.042170][T32566] netlink: 'syz.3.10314': attribute type 9 has an invalid length.
[  984.314638][T32582] binder: BC_ATTEMPT_ACQUIRE not supported
[  984.350220][T32582] binder: 32579:32582 ioctl c0306201 2000000001c0 returned -22
[  984.663273][T32598] macsec0: entered promiscuous mode
[  984.668632][T32598] macsec0: entered allmulticast mode
[  984.713646][T32598] veth1_macvtap: entered allmulticast mode
[  984.812859][T32607] netlink: 'syz.6.10328': attribute type 1 has an invalid length.
[  984.977467][T32613] overlayfs: missing 'lowerdir'
[  985.073841][T32616] tmpfs: User quota inode hardlimit too large.
[  985.127525][T32554] loop8: detected capacity change from 0 to 32768
[  985.219000][T32554] XFS (loop8): DAX unsupported by block device. Turning off DAX.
[  985.291405][T32554] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  985.443478][T32554] XFS (loop8): Ending clean mount
[  985.581460][T32645] netlink: 'syz.6.10337': attribute type 21 has an invalid length.
[  985.728523][T30492] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  986.013576][T24247] usb 6-1: new high-speed USB device number 122 using dummy_hcd
[  986.176032][T24247] usb 6-1: Using ep0 maxpacket: 8
[  986.207330][T24247] usb 6-1: New USB device found, idVendor=0471, idProduct=0313, bcdDevice=81.d5
[  986.223780][T24247] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  986.242480][T24247] usb 6-1: Product: syz
[  986.249621][T32672] xt_TPROXY: Can be used only with -p tcp or -p udp
[  986.252186][T24247] usb 6-1: Manufacturer: syz
[  986.280688][T24247] usb 6-1: SerialNumber: syz
[  986.307431][T24247] usb 6-1: config 0 descriptor??
[  986.332687][T24247] pwc: Philips PCVC720K/40 (ToUCam XS) USB webcam detected.
[  986.332782][T32606] loop4: detected capacity change from 0 to 32768
[  986.505806][T32606] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  986.551678][T24247] pwc: send_video_command error -71
[  986.579325][T24247] pwc: Failed to set video mode VGA@30 fps; return code = -71
[  986.604483][T24247] Philips webcam 6-1:0.0: probe with driver Philips webcam failed with error -71
[  986.637278][T32606] XFS (loop4): Ending clean mount
[  986.643106][T24247] usb 6-1: USB disconnect, device number 122
[  986.684333][T32606] XFS (loop4): Quotacheck needed: Please wait.
[  986.717098][T32705] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  986.876418][T32606] XFS (loop4): Quotacheck: Done.
[  987.015900][ T5833] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  987.255051][T32718] can0: slcan on pty36.
[  987.301875][T32728] netlink: 6 bytes leftover after parsing attributes in process `syz.3.10356'.
[  987.311357][ T5854] Bluetooth: hci7: unexpected cc 0x0c03 length: 249 > 1
[  987.320939][ T5854] Bluetooth: hci7: unexpected cc 0x1003 length: 249 > 9
[  987.329039][ T5854] Bluetooth: hci7: unexpected cc 0x1001 length: 249 > 9
[  987.342335][ T5854] Bluetooth: hci7: unexpected cc 0x0c23 length: 249 > 4
[  987.356548][ T5854] Bluetooth: hci7: unexpected cc 0x0c38 length: 249 > 2
[  987.361446][T32728] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  987.452426][T32736] netlink: 16 bytes leftover after parsing attributes in process `syz.5.10358'.
[  987.514629][T32717] can0 (unregistered): slcan off pty36.
[  987.582509][T32729] C speed is unknown, defaulting to 1000
[  988.180992][  T302] openvswitch: netlink: Actions may not be safe on all matching packets
[  988.339279][  T314] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10369'.
[  988.418295][  T314] netlink: 32 bytes leftover after parsing attributes in process `syz.3.10369'.
[  988.634404][  T327] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10372'.
[  988.924758][  T341] netlink: 'syz.4.10377': attribute type 10 has an invalid length.
[  988.977004][  T341] netlink: 40 bytes leftover after parsing attributes in process `syz.4.10377'.
[  988.989535][T32729] wlan0 speed is unknown, defaulting to 1000
[  989.102614][  T341] team0: Port device geneve0 added
[  989.302453][ T5839] Bluetooth: hci7: command tx timeout
[  989.396932][  T371] loop5: detected capacity change from 0 to 4096
[  989.740222][  T425] loop4: detected capacity change from 0 to 47
[  990.235809][T32729] chnl_net:caif_netlink_parms(): no params data found
[  990.779385][T32729] bridge0: port 1(bridge_slave_0) entered blocking state
[  990.825023][T32729] bridge0: port 1(bridge_slave_0) entered disabled state
[  990.856921][T32729] bridge_slave_0: entered allmulticast mode
[  990.892911][T32729] bridge_slave_0: entered promiscuous mode
[  990.924568][T32729] bridge0: port 2(bridge_slave_1) entered blocking state
[  990.948384][T32729] bridge0: port 2(bridge_slave_1) entered disabled state
[  990.996761][T32729] bridge_slave_1: entered allmulticast mode
[  991.026198][T32729] bridge_slave_1: entered promiscuous mode
[  991.100681][  T584] loop4: detected capacity change from 0 to 64
[  991.287188][ T5839] Bluetooth: hci7: command tx timeout
[  991.296894][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  991.304157][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  991.318987][T32729] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  991.332289][T32729] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  991.405788][  T470] loop8: detected capacity change from 0 to 32768
[  991.463443][  T470] (syz.8.10391,470,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  991.550205][  T470] (syz.8.10391,470,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  991.653307][  T470] JBD2: Ignoring recovery information on journal
[  991.694049][T32729] team0: Port device team_slave_0 added
[  991.718266][  T516] loop3: detected capacity change from 0 to 32768
[  991.792319][  T516] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.10396 (516)
[  991.816229][T32729] team0: Port device team_slave_1 added
[  991.846341][  T470] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  991.969522][  T516] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  992.027480][  T516] BTRFS info (device loop3): using sha256 (sha256-lib) checksum algorithm
[  992.341397][T32729] batman_adv: batadv0: Adding interface: batadv_slave_0
[  992.367124][T30492] ocfs2: Unmounting device (7,8) on (node local)
[  992.381462][  T516] BTRFS info (device loop3): enabling ssd optimizations
[  992.408525][T32729] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  992.454476][  T516] BTRFS info (device loop3): turning on async discard
[  992.461690][  T516] BTRFS info (device loop3): enabling free space tree
[  992.570175][  T722] tmpfs: Bad value for 'mpol'
[  992.597784][T32729] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  992.643756][T32729] batman_adv: batadv0: Adding interface: batadv_slave_1
[  992.643778][T32729] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  992.643811][T32729] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  992.713796][  T727] x_tables: ip_tables: rpfilter match: used from hooks OUTPUT, but only valid from PREROUTING
[  992.784597][ T5841] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  993.109044][T32729] hsr_slave_0: entered promiscuous mode
[  993.159528][T32729] hsr_slave_1: entered promiscuous mode
[  993.165909][T32729] debugfs: 'hsr0' already exists in 'hsr'
[  993.214347][T32729] Cannot create hsr debugfs directory
[  993.263157][ T5839] Bluetooth: hci7: command tx timeout
[  993.758120][T26358] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  993.950669][T26358] usb 7-1: config index 0 descriptor too short (expected 1307, got 27)
[  993.996265][T26358] usb 7-1: config 0 has an invalid interface number: 0 but max is -1
[  994.004819][T26358] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 0
[  994.045975][T26358] usb 7-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  994.080263][T26358] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[  994.143276][T26358] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  994.191061][T26358] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  994.249504][  T871] usb usb8: usbfs: process 871 (syz.8.10433) did not claim interface 0 before use
[  994.253861][  T867] loop3: detected capacity change from 0 to 1024
[  994.280372][T26358] usb 7-1: string descriptor 0 read error: -22
[  994.297974][  T867] EXT4-fs: Ignoring removed orlov option
[  994.304394][T26358] usb 7-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  994.338689][  T867] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (24670!=35945)
[  994.357575][T26358] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  994.387348][  T867] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  994.402305][T26358] usb 7-1: config 0 descriptor??
[  994.430670][  T867] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  994.453228][  T867] EXT4-fs (loop3): Can't support bigalloc feature without extents feature
[  994.453228][  T867] 
[  994.493264][T26358] hub 7-1:0.0: bad descriptor, ignoring hub
[  994.499902][T26358] hub 7-1:0.0: probe with driver hub failed with error -5
[  994.510064][T32729] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  994.530188][  T867] EXT4-fs (loop3): Skipping orphan cleanup due to unknown ROCOMPAT features
[  994.557248][  T867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  994.591464][T32729] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  994.615203][  T867] EXT4-fs error (device loop3): ext4_search_dir:1474: inode #2: block 16: comm syz.3.10434: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[  994.625677][T26358] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input84
[  994.661392][T32729] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  994.698405][T32729] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  994.733477][  T867] EXT4-fs (loop3): Remounting filesystem read-only
[  994.791937][T26358] usb 7-1: USB disconnect, device number 12
[  994.807548][  T817] loop5: detected capacity change from 0 to 32768
[  994.825981][  T903] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10436'.
[  994.837073][ T6066] udevd[6066]: setting owner of /dev/input/mouse1 to uid=0, gid=104 failed: No such file or directory
[  994.851132][  T817] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.10429 (817)
[  994.934094][  T817] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  994.951668][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  994.970665][  T817] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  995.150475][  T937] loop8: detected capacity change from 0 to 8
[  995.188346][T32729] 8021q: adding VLAN 0 to HW filter on device bond0
[  995.236541][T32729] 8021q: adding VLAN 0 to HW filter on device team0
[  995.244279][ T5839] Bluetooth: hci7: command tx timeout
[  995.265736][  T817] BTRFS info (device loop5): enabling ssd optimizations
[  995.274470][ T6004] bridge0: port 1(bridge_slave_0) entered blocking state
[  995.281663][ T6004] bridge0: port 1(bridge_slave_0) entered forwarding state
[  995.335372][  T817] BTRFS info (device loop5): turning on async discard
[  995.367943][  T817] BTRFS info (device loop5): enabling free space tree
[  995.396248][ T6004] bridge0: port 2(bridge_slave_1) entered blocking state
[  995.403428][ T6004] bridge0: port 2(bridge_slave_1) entered forwarding state
[  995.613206][T32729] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  995.670732][ T5842] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  995.721143][  T848] loop4: detected capacity change from 0 to 40427
[  995.781632][  T848] F2FS-fs: heap/no_heap options were deprecated
[  995.787047][  T965] loop6: detected capacity change from 0 to 1024
[  995.877730][  T848] F2FS-fs (loop4): invalid crc value
[  995.893852][  T848] F2FS-fs (loop4): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root and reserve_node
[  995.922900][  T965] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  996.033056][  T848] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  996.065881][  T965] EXT4-fs error (device loop6): ext4_empty_dir:3084: inode #11: block 32: comm syz.6.10441: bad entry in directory: inode out of bounds - offset=0, inode=695563, rec_len=1024, size=1024 fake=1
[  996.134355][  T848] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  996.206909][  T965] EXT4-fs (loop6): Remounting filesystem read-only
[  996.291279][  T965] EXT4-fs warning (device loop6): ext4_empty_dir:3087: inode #11: comm syz.6.10441: directory missing '.'
[  996.328406][  T986] xt_CT: You must specify a L4 protocol and not use inversions on it
[  996.640167][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  996.843712][ T1006] syz.3.10451 uses old SIOCAX25GETINFO
[  996.918880][T32729] 8021q: adding VLAN 0 to HW filter on device batadv0
[  997.411338][ T1032] loop8: detected capacity change from 0 to 1764
[  997.959222][ T1068] loop3: detected capacity change from 0 to 1024
[  998.197064][ T6045] hfsplus: b-tree write err: -5, ino 4
[  998.327718][ T1092] loop6: detected capacity change from 0 to 128
[  998.727638][ T1072] bridge0: port 2(bridge_slave_1) entered disabled state
[  998.735040][ T1072] bridge0: port 1(bridge_slave_0) entered disabled state
[  998.873700][    T9] usb 6-1: new full-speed USB device number 123 using dummy_hcd
[  999.017947][    T9] usb 6-1: config 0 has an invalid interface number: 120 but max is 0
[  999.034001][    T9] usb 6-1: config 0 has no interface number 0
[  999.055281][    T9] usb 6-1: config 0 interface 120 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  999.101805][    T9] usb 6-1: config 0 interface 120 altsetting 0 endpoint 0x83 has invalid maxpacket 27256, setting to 64
[  999.123333][ T1119] loop6: detected capacity change from 0 to 4096
[  999.140254][    T9] usb 6-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[  999.149301][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  999.161855][ T1119] ntfs3(loop6): ino=3, Correct links count -> 2.
[  999.193679][    T9] usb 6-1: config 0 descriptor??
[  999.214248][ T1106] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  999.273433][ T1119] ntfs3(loop6): ino=1a, mi_enum_attr
[  999.279623][    T9] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.120/input/input85
[  999.316349][ T1119] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  999.609196][ T1106] loop5: detected capacity change from 0 to 2048
[  999.658719][ T5970] usb 6-1: USB disconnect, device number 123
[ 1000.408353][ T1164] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10481'.
[ 1000.451411][ T1072] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1000.760619][ T1172] netlink: 'syz.5.10484': attribute type 1 has an invalid length.
[ 1000.783738][ T1172] netlink: 'syz.5.10484': attribute type 2 has an invalid length.
[ 1001.901366][ T1178] netlink: 32 bytes leftover after parsing attributes in process `syz.5.10486'.
[ 1001.949214][ T6294] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.008378][ T6294] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.050734][ T6294] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1002.225180][T32729] veth0_vlan: entered promiscuous mode
[ 1002.282451][T32729] veth1_vlan: entered promiscuous mode
[ 1002.369189][ T5970] usb 7-1: new low-speed USB device number 13 using dummy_hcd
[ 1002.376838][ T1201] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10492'.
[ 1002.391696][T32729] veth0_macvtap: entered promiscuous mode
[ 1002.416481][ T1201] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10492'.
[ 1002.430918][T32729] veth1_macvtap: entered promiscuous mode
[ 1002.510199][T32729] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1002.528059][ T1208] loop5: detected capacity change from 0 to 512
[ 1002.571114][ T5970] usb 7-1: config 0 has an invalid interface number: 121 but max is 0
[ 1002.600441][T32729] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1002.614929][ T5970] usb 7-1: config 0 has no interface number 0
[ 1002.625097][ T1208] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a84ec118, mo2=0002]
[ 1002.633357][ T5970] usb 7-1: config 0 interface 121 altsetting 0 endpoint 0x6 has invalid maxpacket 64, setting to 8
[ 1002.648285][ T1208] System zones: 0-2, 18-18, 34-35
[ 1002.669274][ T5970] usb 7-1: New USB device found, idVendor=2184, idProduct=0030, bcdDevice=c0.8e
[ 1002.680782][ T6294] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.699016][ T1208] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1002.714018][ T5970] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1002.745566][ T6294] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.751094][ T5970] usb 7-1: config 0 descriptor??
[ 1002.765953][ T1208] ext4 filesystem being mounted at /1859/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1002.789496][ T1189] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1002.801001][ T6294] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1002.831299][ T5970] cp210x 7-1:0.121: cp210x converter detected
[ 1002.901677][   T13] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1003.024073][ T5970] cp210x 7-1:0.121: failed to get vendor val 0x370b size 1: -71
[ 1003.046992][ T1234] loop4: detected capacity change from 0 to 256
[ 1003.052781][ T5970] cp210x 7-1:0.121: querying part number failed
[ 1003.085538][ T1239] netlink: 200 bytes leftover after parsing attributes in process `syz.8.10499'.
[ 1003.108928][ T5842] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1003.149344][ T5970] usb 7-1: cp210x converter now attached to ttyUSB0
[ 1003.188617][ T5970] usb 7-1: USB disconnect, device number 13
[ 1003.199189][ T1234] FAT-fs (loop4): Directory bread(block 64) failed
[ 1003.205723][ T1234] FAT-fs (loop4): Directory bread(block 65) failed
[ 1003.256380][ T5970] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1003.265368][ T1234] FAT-fs (loop4): Directory bread(block 66) failed
[ 1003.312655][ T5970] cp210x 7-1:0.121: device disconnected
[ 1003.322529][ T1234] FAT-fs (loop4): Directory bread(block 67) failed
[ 1003.330272][ T1234] FAT-fs (loop4): Directory bread(block 68) failed
[ 1003.350126][ T3502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1003.374759][ T3502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1003.376380][ T1234] FAT-fs (loop4): Directory bread(block 69) failed
[ 1003.480870][ T1234] FAT-fs (loop4): Directory bread(block 70) failed
[ 1003.533296][ T1234] FAT-fs (loop4): Directory bread(block 71) failed
[ 1003.544210][ T1234] FAT-fs (loop4): Directory bread(block 72) failed
[ 1003.551052][ T1234] FAT-fs (loop4): Directory bread(block 73) failed
[ 1003.592056][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1003.611597][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1003.859380][ T1293] loop8: detected capacity change from 0 to 256
[ 1004.024256][ T1293] FAT-fs (loop8): Directory bread(block 64) failed
[ 1004.048262][ T1304] binder: 1303:1304 ioctl 400c620e 0 returned -14
[ 1004.075119][ T1293] FAT-fs (loop8): Directory bread(block 65) failed
[ 1004.118391][ T1293] FAT-fs (loop8): Directory bread(block 66) failed
[ 1004.154039][ T1293] FAT-fs (loop8): Directory bread(block 67) failed
[ 1004.200826][ T1293] FAT-fs (loop8): Directory bread(block 68) failed
[ 1004.229667][ T1293] FAT-fs (loop8): Directory bread(block 69) failed
[ 1004.236290][ T1293] FAT-fs (loop8): Directory bread(block 70) failed
[ 1004.290295][ T1293] FAT-fs (loop8): Directory bread(block 71) failed
[ 1004.312531][ T1293] FAT-fs (loop8): Directory bread(block 72) failed
[ 1004.359978][ T1293] FAT-fs (loop8): Directory bread(block 73) failed
[ 1004.667814][ T1334] loop5: detected capacity change from 0 to 128
[ 1004.854120][ T1343] loop6: detected capacity change from 0 to 512
[ 1004.900103][ T1343] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[ 1004.968578][ T1343] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[ 1005.094747][ T1343] EXT4-fs (loop6): 1 truncate cleaned up
[ 1005.121176][ T1343] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1005.210552][ T1343] cifs: Unknown parameter 'quota'
[ 1005.235710][ T1343] CIFS mount error: No usable UNC path provided in device string!
[ 1005.235710][ T1343] 
[ 1005.254317][ T1374] loop5: detected capacity change from 0 to 256
[ 1005.327593][ T1343] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1005.420257][ T1379] loop8: detected capacity change from 0 to 512
[ 1005.440404][ T1374] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[ 1005.560353][ T1379] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[ 1005.620952][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1005.650657][ T1379] FAT-fs (loop8): Filesystem has been set read-only
[ 1006.256997][ T5970] usb 4-1: new high-speed USB device number 119 using dummy_hcd
[ 1006.455882][ T5970] usb 4-1: Using ep0 maxpacket: 8
[ 1006.473273][ T5970] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1006.513242][ T5970] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1006.529411][ T1436] loop4: detected capacity change from 0 to 256
[ 1006.536279][ T5970] usb 4-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x43, changing to 0x3
[ 1006.544458][ T1425] loop8: detected capacity change from 0 to 4096
[ 1006.565765][ T1425] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[ 1006.575416][ T5970] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 254, changing to 11
[ 1006.628089][ T5970] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 59391, setting to 1024
[ 1006.683150][ T5970] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1006.706069][ T1436] FAT-fs (loop4): Directory bread(block 64) failed
[ 1006.720850][ T5970] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1006.742650][ T1436] FAT-fs (loop4): Directory bread(block 65) failed
[ 1006.758986][ T1408] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[ 1006.798105][ T5970] hub 4-1:1.0: bad descriptor, ignoring hub
[ 1006.801418][ T1436] FAT-fs (loop4): Directory bread(block 66) failed
[ 1006.830181][ T5970] hub 4-1:1.0: probe with driver hub failed with error -5
[ 1006.850174][ T1436] FAT-fs (loop4): Directory bread(block 67) failed
[ 1006.854708][ T5970] cdc_wdm 4-1:1.0: skipping garbage
[ 1006.875100][ T1436] FAT-fs (loop4): Directory bread(block 68) failed
[ 1006.888321][ T5970] cdc_wdm 4-1:1.0: skipping garbage
[ 1006.901690][ T5970] cdc_wdm 4-1:1.0: probe with driver cdc_wdm failed with error -22
[ 1006.903935][ T1436] FAT-fs (loop4): Directory bread(block 69) failed
[ 1006.925134][ T1436] FAT-fs (loop4): Directory bread(block 70) failed
[ 1006.940211][ T1436] FAT-fs (loop4): Directory bread(block 71) failed
[ 1006.959936][ T1436] FAT-fs (loop4): Directory bread(block 72) failed
[ 1006.994784][ T1436] FAT-fs (loop4): Directory bread(block 73) failed
[ 1007.080840][ T1436] syz.4.10545: attempt to access beyond end of device
[ 1007.080840][ T1436] loop4: rw=8912896, sector=1160, nr_sectors = 4 limit=256
[ 1007.100557][ T1436] syz.4.10545: attempt to access beyond end of device
[ 1007.100557][ T1436] loop4: rw=8388608, sector=1160, nr_sectors = 4 limit=256
[ 1007.128798][   T31] audit: type=1800 audit(1766363035.483:239): pid=1436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.10545" name="file0" dev="loop4" ino=1048763 res=0 errno=0
[ 1007.170365][ T5929] usb 4-1: USB disconnect, device number 119
[ 1007.369920][ T1430] C: renamed from team_slave_0 (while UP)
[ 1007.395201][ T1430] netlink: 152 bytes leftover after parsing attributes in process `syz.9.10543'.
[ 1007.427702][   T49] netdevsim netdevsim6 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.453636][   T49] netdevsim netdevsim6 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.516953][   T49] netdevsim netdevsim6 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.553785][   T49] netdevsim netdevsim6 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1007.751170][   T31] audit: type=1326 audit(1766363036.134:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1475 comm="syz.5.10553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7498f749 code=0x7ffc0000
[ 1007.821694][   T31] audit: type=1326 audit(1766363036.134:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1475 comm="syz.5.10553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7498f749 code=0x7ffc0000
[ 1007.946866][   T31] audit: type=1326 audit(1766363036.166:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1475 comm="syz.5.10553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=152 compat=0 ip=0x7fea7498f749 code=0x7ffc0000
[ 1008.050824][   T31] audit: type=1326 audit(1766363036.166:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1475 comm="syz.5.10553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7498f749 code=0x7ffc0000
[ 1008.173623][   T31] audit: type=1326 audit(1766363036.166:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1475 comm="syz.5.10553" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fea7498f749 code=0x7ffc0000
[ 1008.324210][ T1505] bond1: option broadcast_neighbor: mode dependency failed, not supported in mode balance-rr(0)
[ 1008.363497][ T1525] netlink: 4 bytes leftover after parsing attributes in process `syz.4.10565'.
[ 1008.385872][ T1505] bond1 (unregistering): Released all slaves
[ 1008.399992][ T1549] netlink: 'syz.5.10566': attribute type 21 has an invalid length.
[ 1008.545260][ T1549] netlink: 156 bytes leftover after parsing attributes in process `syz.5.10566'.
[ 1009.005377][ T1610] i2c i2c-0: Invalid block write size 36
[ 1009.171008][T26358] usb 6-1: new high-speed USB device number 124 using dummy_hcd
[ 1009.366058][T26358] usb 6-1: Using ep0 maxpacket: 16
[ 1009.390014][T26358] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1009.434052][T26358] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1009.476354][T26358] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1009.514699][T26358] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1009.548665][T26358] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1009.567872][T26358] usb 6-1: Product: syz
[ 1009.577812][T26358] usb 6-1: Manufacturer: syz
[ 1009.587645][T26358] usb 6-1: SerialNumber: syz
[ 1009.619583][ T5929] usb 7-1: new high-speed USB device number 14 using dummy_hcd
[ 1009.808723][ T5929] usb 7-1: Using ep0 maxpacket: 16
[ 1009.822130][ T5929] usb 7-1: config 0 interface 0 altsetting 18 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1009.866762][ T5929] usb 7-1: config 0 interface 0 has no altsetting 0
[ 1009.885150][ T5929] usb 7-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba
[ 1009.903894][ T5929] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1009.921728][ T5929] usb 7-1: Product: syz
[ 1009.926812][ T5929] usb 7-1: Manufacturer: syz
[ 1009.931416][ T5929] usb 7-1: SerialNumber: syz
[ 1009.969326][ T5929] usb 7-1: config 0 descriptor??
[ 1009.993304][ T5929] hub 7-1:0.0: bad descriptor, ignoring hub
[ 1010.012036][T26358] usb 6-1: 0:2 : does not exist
[ 1010.040890][ T5929] hub 7-1:0.0: probe with driver hub failed with error -5
[ 1010.062306][ T5929] usb 7-1: selecting invalid altsetting 0
[ 1010.089313][T26358] usb 6-1: USB disconnect, device number 124
[ 1010.107388][ T5929] usb 7-1: can't set first interface for hiFace device.
[ 1010.135974][ T5929] snd-usb-hiface 7-1:0.0: probe with driver snd-usb-hiface failed with error -5
[ 1010.174258][ T1593] loop4: detected capacity change from 0 to 32768
[ 1010.229226][ T5929] usb 7-1: USB disconnect, device number 14
[ 1010.282105][ T1593] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1010.358759][ T1602] loop3: detected capacity change from 0 to 40427
[ 1010.398764][ T1602] F2FS-fs (loop3): build fault injection rate: 11
[ 1010.446535][ T1593] XFS (loop4): Ending clean mount
[ 1010.475383][ T1602] F2FS-fs (loop3): build fault injection type: 0x3bfe8f
[ 1010.486448][    C0] F2FS-fs (loop3): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[ 1010.531558][ T1593] XFS (loop4): Quotacheck needed: Please wait.
[ 1010.538853][ T1602] F2FS-fs (loop3): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4388/0x6ec0
[ 1010.626905][ T1602] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[ 1010.667733][   T31] audit: type=1326 audit(1766363039.200:245): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1699 comm="syz.8.10589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1010.742661][ T1593] XFS (loop4): Quotacheck: Done.
[ 1010.838025][   T31] audit: type=1326 audit(1766363039.200:246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1699 comm="syz.8.10589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1010.861747][   T31] audit: type=1326 audit(1766363039.200:247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1699 comm="syz.8.10589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=150 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1010.894888][   T31] audit: type=1326 audit(1766363039.200:248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1699 comm="syz.8.10589" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1010.939937][ T1706] netlink: 'syz.5.10590': attribute type 61 has an invalid length.
[ 1011.046506][ T5833] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1011.419071][ T1731] loop9: detected capacity change from 0 to 64
[ 1011.882393][ T1751] loop9: detected capacity change from 0 to 256
[ 1012.180573][ T1767] Àÿ: renamed from team_slave_1
[ 1012.328125][ T1772] loop9: detected capacity change from 0 to 128
[ 1012.414413][ T1772] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1012.447107][   T31] kauditd_printk_skb: 1 callbacks suppressed
[ 1012.447137][   T31] audit: type=1326 audit(1766363041.047:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1780 comm="syz.8.10613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1012.518532][ T1772] ext4 filesystem being mounted at /23/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1012.644477][   T31] audit: type=1326 audit(1766363041.100:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1780 comm="syz.8.10613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=98 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1012.794275][   T31] audit: type=1326 audit(1766363041.100:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1780 comm="syz.8.10613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1012.871875][T32729] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1012.904236][   T31] audit: type=1326 audit(1766363041.110:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1780 comm="syz.8.10613" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1012.981217][ T1804] netlink: 'syz.3.10620': attribute type 12 has an invalid length.
[ 1012.989171][ T1804] netlink: 132 bytes leftover after parsing attributes in process `syz.3.10620'.
[ 1013.894289][ T1859] netlink: 16 bytes leftover after parsing attributes in process `syz.3.10638'.
[ 1013.941801][ T1859] netlink: 40 bytes leftover after parsing attributes in process `syz.3.10638'.
[ 1013.966750][ T1862] openvswitch: netlink: IP tunnel TTL not specified.
[ 1014.193274][ T1875] netlink: 20 bytes leftover after parsing attributes in process `syz.6.10643'.
[ 1014.571621][ T5822] usb 5-1: new high-speed USB device number 118 using dummy_hcd
[ 1014.658987][ T1904] loop9: detected capacity change from 0 to 2048
[ 1014.710796][ T1904] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1014.715762][ T1910] netlink: 52 bytes leftover after parsing attributes in process `syz.5.10654'.
[ 1014.743285][ T5822] usb 5-1: Using ep0 maxpacket: 16
[ 1014.750566][ T5822] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1014.808879][ T5822] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1014.876591][ T5822] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 93
[ 1014.933615][ T5822] usb 5-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1014.984915][ T5822] usb 5-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1015.014185][ T5822] usb 5-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1015.069207][ T5822] usb 5-1: Manufacturer: syz
[ 1015.092496][ T5822] usb 5-1: config 0 descriptor??
[ 1015.218370][   T31] audit: type=1326 audit(1766363043.966:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1935 comm="syz.9.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1015.295101][ T1940] netlink: 8 bytes leftover after parsing attributes in process `syz.3.10661'.
[ 1015.320226][   T31] audit: type=1326 audit(1766363043.976:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1935 comm="syz.9.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1015.496485][   T31] audit: type=1326 audit(1766363043.976:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1935 comm="syz.9.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1015.591299][ T5822] rc_core: IR keymap rc-hauppauge not found
[ 1015.595638][   T31] audit: type=1326 audit(1766363043.976:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1935 comm="syz.9.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1015.597225][ T5822] Registered IR keymap rc-empty
[ 1015.742421][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1015.750835][   T31] audit: type=1326 audit(1766363043.976:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=1935 comm="syz.9.10660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1015.798125][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1015.833114][ T5822] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[ 1015.916613][ T5822] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input86
[ 1015.999473][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.051084][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.088345][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.145648][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.190968][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.238608][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.318726][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.349010][ T1991] netlink: 'syz.9.10675': attribute type 1 has an invalid length.
[ 1016.378020][ T1991] netlink: 224 bytes leftover after parsing attributes in process `syz.9.10675'.
[ 1016.410497][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.448951][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.485010][ T5822] mceusb 5-1:0.0: Error: mce write urb status = -71
[ 1016.546993][ T1994] xt_l2tp: wrong L2TP version: 0
[ 1016.568997][ T5822] mceusb 5-1:0.0: Registered  with mce emulator interface version 1
[ 1016.601166][ T5822] mceusb 5-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1016.633021][ T2007] loop9: detected capacity change from 0 to 16
[ 1016.670424][ T5822] usb 5-1: USB disconnect, device number 118
[ 1016.708007][ T2007] erofs (device loop9): mounted with root inode @ nid 36.
[ 1016.915684][ T1941] loop8: detected capacity change from 0 to 32768
[ 1016.988528][ T1941] read_mapping_page failed!
[ 1017.010141][ T1941] jfs_create: dtInsert returned -EIO
[ 1017.020148][ T1941] ERROR: (device loop8): jfs_create: 
[ 1017.020148][ T1941] 
[ 1017.122135][ T1941] ERROR: (device loop8): remounting filesystem as read-only
[ 1017.849723][ T2096] netlink: 9 bytes leftover after parsing attributes in process `syz.9.10696'.
[ 1017.859299][ T2062] 8021q: adding VLAN 0 to HW filter on device bond3
[ 1018.081056][ T2108] openvswitch: netlink: IP tunnel dst address not specified
[ 1018.401858][ T2024] loop6: detected capacity change from 0 to 32768
[ 1018.419859][ T5909] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[ 1018.489568][ T2024] JBD2: Ignoring recovery information on journal
[ 1018.600785][ T5909] usb 9-1: Using ep0 maxpacket: 32
[ 1018.627951][ T5909] usb 9-1: config 1 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 127, changing to 10
[ 1018.710671][ T5909] usb 9-1: config 1 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1018.738708][ T2024] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1018.776231][ T5909] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1018.819187][ T5909] usb 9-1: language id specifier not provided by device, defaulting to English
[ 1018.867439][ T5909] usb 9-1: New USB device found, idVendor=0079, idProduct=1844, bcdDevice= 0.40
[ 1018.911742][ T5909] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1018.948702][ T5909] usb 9-1: Product: syz
[ 1018.971521][ T5909] usb 9-1: Manufacturer: 踹ꪌ�䊑幺ឦ쓊渠쪀ட⨣Ὃ➾㱜ᶇ⊗䲪凎蟲឵�釯厕ꄃ籠칪�茚Լڕ⳥蠘鬗Ṵᖻ鮌沮屌ཅ沤󲦽
[ 1019.058116][ T5909] usb 9-1: SerialNumber: syz
[ 1019.196553][T21899] ocfs2: Unmounting device (7,6) on (node local)
[ 1019.358799][ T5909] usbhid 9-1:1.0: can't add hid device: -71
[ 1019.393534][ T5909] usbhid 9-1:1.0: probe with driver usbhid failed with error -71
[ 1019.449635][ T5909] usb 9-1: USB disconnect, device number 3
[ 1020.071217][ T2209] tmpfs: Bad value for 'usrquota_block_hardlimit'
[ 1020.239642][ T2213] bond4: entered promiscuous mode
[ 1020.259308][ T2251] loop5: detected capacity change from 0 to 256
[ 1020.268160][ T2213] 8021q: adding VLAN 0 to HW filter on device bond4
[ 1020.277488][ T2260] loop6: detected capacity change from 0 to 1024
[ 1020.412652][ T2260] syz.6.10733: attempt to access beyond end of device
[ 1020.412652][ T2260] loop6: rw=8388608, sector=5778, nr_sectors = 2 limit=1024
[ 1020.587872][ T2269] loop3: detected capacity change from 0 to 1024
[ 1020.667742][ T2269] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1020.757195][ T2280] loop5: detected capacity change from 0 to 512
[ 1020.786095][ T2269] 9p: Unexpected value for 'privport'
[ 1020.793271][ T2280] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1020.996877][ T5841] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1021.030682][ T2280] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[ 1021.144791][ T2294] loop6: detected capacity change from 0 to 256
[ 1021.275731][ T2294] FAT-fs (loop6): Directory bread(block 64) failed
[ 1021.315496][ T2294] FAT-fs (loop6): Directory bread(block 65) failed
[ 1021.354120][ T2294] FAT-fs (loop6): Directory bread(block 66) failed
[ 1021.360676][ T2294] FAT-fs (loop6): Directory bread(block 67) failed
[ 1021.412225][ T2294] FAT-fs (loop6): Directory bread(block 68) failed
[ 1021.440183][ T2294] FAT-fs (loop6): Directory bread(block 69) failed
[ 1021.446865][ T2294] FAT-fs (loop6): Directory bread(block 70) failed
[ 1021.471262][ T2294] FAT-fs (loop6): Directory bread(block 71) failed
[ 1021.493782][ T2294] FAT-fs (loop6): Directory bread(block 72) failed
[ 1021.530376][ T2294] FAT-fs (loop6): Directory bread(block 73) failed
[ 1021.673175][ T2317] veth3: entered promiscuous mode
[ 1021.718325][ T2317] veth3: entered allmulticast mode
[ 1021.972815][ T2222] loop8: detected capacity change from 0 to 40427
[ 1022.014794][ T2222] F2FS-fs (loop8): Invalid log_blocksize (268), supports only 12
[ 1022.052110][ T2222] F2FS-fs (loop8): Can't find valid F2FS filesystem in 1th superblock
[ 1022.059877][ T2356] netlink: 'syz.5.10753': attribute type 2 has an invalid length.
[ 1022.060581][ T2357] netlink: 'syz.3.10752': attribute type 11 has an invalid length.
[ 1022.091791][ T2356] netlink: 'syz.5.10753': attribute type 1 has an invalid length.
[ 1022.102684][ T2222] F2FS-fs (loop8): invalid crc value
[ 1022.144310][ T2356] netlink: 4 bytes leftover after parsing attributes in process `syz.5.10753'.
[ 1022.444076][ T2371] loop6: detected capacity change from 0 to 2048
[ 1022.525058][ T2371] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[ 1022.556891][ T2222] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1022.602884][ T2371] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1022.649769][ T2222] F2FS-fs (loop8): Try to recover 1th superblock, ret: 0
[ 1022.656831][ T2222] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e5
[ 1022.678181][ T2387] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10760'.
[ 1022.697066][ T2388] Cannot find set identified by id 65534 to match
[ 1024.349410][ T2411] loop9: detected capacity change from 0 to 32768
[ 1024.357033][ T2474] loop6: detected capacity change from 0 to 4096
[ 1024.410690][ T2411] (syz.9.10766,2411,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1024.485988][ T2411] (syz.9.10766,2411,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1024.509480][ T2474] ntfs3(loop6): MFT: r=19, expect seq=1 instead of a48d!
[ 1024.537680][ T2474] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1024.589699][ T2411] JBD2: Ignoring recovery information on journal
[ 1024.626969][ T2501] loop3: detected capacity change from 0 to 256
[ 1024.680547][ T2501] exfat: Deprecated parameter 'utf8'
[ 1024.725516][ T2501] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xbe649ead, utbl_chksum : 0xe619d30d)
[ 1024.831263][ T2411] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[ 1024.870697][ T2493] loop8: detected capacity change from 0 to 4096
[ 1025.114480][ T2522] loop4: detected capacity change from 0 to 256
[ 1025.299326][ T2512] bond2: option lp_interval: invalid value (18446744073709551613)
[ 1025.364606][ T2512] bond2: option lp_interval: allowed values 1 - 2147483647
[ 1025.460988][ T2512] bond2 (unregistering): Released all slaves
[ 1025.483031][T32729] ocfs2: Unmounting device (7,9) on (node local)
[ 1025.847879][ T2623] loop8: detected capacity change from 0 to 1024
[ 1025.862054][ T2623] EXT4-fs (loop8): stripe (4) is not aligned with cluster size (4096), stripe is disabled
[ 1026.013765][ T2623] EXT4-fs error (device loop8): ext4_map_blocks:783: inode #3: block 2: comm syz.8.10798: lblock 2 mapped to illegal pblock 2 (length 1)
[ 1026.145637][ T2623] Quota error (device loop8): qtree_write_dquot: dquota write failed
[ 1026.153761][ T2623] EXT4-fs error (device loop8): ext4_map_blocks:783: inode #3: block 48: comm syz.8.10798: lblock 0 mapped to illegal pblock 48 (length 1)
[ 1026.229698][ T2623] Quota error (device loop8): v2_write_file_info: Can't write info structure
[ 1026.264222][ T2623] EXT4-fs error (device loop8): ext4_acquire_dquot:6986: comm syz.8.10798: Failed to acquire dquot type 0
[ 1026.334363][ T2623] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6298: Corrupt filesystem
[ 1026.353669][ T2623] EXT4-fs error (device loop8): ext4_evict_inode:253: inode #11: comm syz.8.10798: mark_inode_dirty error
[ 1026.377554][ T2623] EXT4-fs warning (device loop8): ext4_evict_inode:256: couldn't mark inode dirty (err -117)
[ 1026.390750][ T2623] EXT4-fs (loop8): 1 orphan inode deleted
[ 1026.394210][   T37] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.402378][ T2623] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1026.460611][  T147] EXT4-fs error (device loop8): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:5: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1026.480010][  T147] Quota error (device loop8): remove_tree: Can't read quota data block 1
[ 1026.512469][  T147] EXT4-fs error (device loop8): ext4_release_dquot:7022: comm kworker/u8:5: Failed to release dquot type 0
[ 1026.642932][   T37] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1026.657311][T30492] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1026.680924][  T743] EXT4-fs error (device loop8): ext4_map_blocks:783: inode #3: block 1: comm kworker/u8:6: lblock 1 mapped to illegal pblock 1 (length 1)
[ 1026.705158][  T743] Quota error (device loop8): remove_tree: Can't read quota data block 1
[ 1026.712367][ T2660] A link change request failed with some changes committed already. Interface virt_wifi0 may have been left with an inconsistent configuration, please check.
[ 1026.714291][  T743] EXT4-fs error (device loop8): ext4_release_dquot:7022: comm kworker/u8:6: Failed to release dquot type 0
[ 1026.746458][T30492] EXT4-fs error (device loop8): __ext4_get_inode_loc:4830: comm syz-executor: Invalid inode table block 1 in block_group 0
[ 1026.787631][T30492] EXT4-fs error (device loop8) in ext4_reserve_inode_write:6298: Corrupt filesystem
[ 1026.824784][T30492] EXT4-fs error (device loop8): ext4_quota_off:7270: inode #3: comm syz-executor: mark_inode_dirty error
[ 1027.025294][   T37] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.064635][ T2685] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1027.080725][ T2685] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1027.090286][ T2685] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1027.099530][ T2685] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1027.108465][ T2685] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1027.155585][ T2677] loop8: detected capacity change from 0 to 2048
[ 1027.225468][ T2674] C speed is unknown, defaulting to 1000
[ 1027.373079][ T2701] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1027.454738][   T37] netdevsim netdevsim3  (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1027.818371][ T2722] netlink: 'syz.4.10820': attribute type 11 has an invalid length.
[ 1028.263856][   T37] macsec0: left allmulticast mode
[ 1028.268915][   T37] macsec0: left promiscuous mode
[ 1028.308915][   T37] bridge0: port 3(macsec0) entered disabled state
[ 1029.080311][ T5839] Bluetooth: hci2: command tx timeout
[ 1029.664401][ T2826] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10841'.
[ 1030.064266][ T2792] loop6: detected capacity change from 0 to 32768
[ 1030.121153][ T2792] ERROR: (device loop6): diAllocBit: iag inconsistent
[ 1030.121153][ T2792] 
[ 1030.160567][ T2792] ERROR: (device loop6): remounting filesystem as read-only
[ 1030.189816][ T2792] ialloc: diAlloc returned -5!
[ 1030.229650][ T2844] loop9: detected capacity change from 0 to 512
[ 1030.259214][ T2844] EXT4-fs (loop9): mounting ext3 file system using the ext4 subsystem
[ 1030.339354][ T2844] EXT4-fs error (device loop9): ext4_orphan_get:1391: inode #15: comm syz.9.10844: iget: bad extended attribute block 851968
[ 1030.367597][ T2844] EXT4-fs error (device loop9): ext4_orphan_get:1396: comm syz.9.10844: couldn't read orphan inode 15 (err -117)
[ 1030.383116][ T2844] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1030.444271][ T2844] EXT4-fs error (device loop9): ext4_lookup:1785: inode #14: comm syz.9.10844: invalid fast symlink length 39
[ 1030.602532][T32729] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1030.967152][   T37] bond0 (unregistering): Released all slaves
[ 1031.064505][ T5839] Bluetooth: hci2: command tx timeout
[ 1031.171681][   T37] bond1 (unregistering): Released all slaves
[ 1031.284751][ T2875] loop6: detected capacity change from 0 to 4096
[ 1031.333169][   T37] bond2 (unregistering): Released all slaves
[ 1031.430843][ T2875] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1031.476413][ T2875] ntfs3(loop6): ino=9, ntfs_sync_fs failed, -22.
[ 1031.554229][T21899] ntfs3(loop6): ino=9, ntfs_sync_fs failed, -22.
[ 1031.563301][   T37] bond3 (unregistering): Released all slaves
[ 1031.761083][   T37] bond4 (unregistering): Released all slaves
[ 1031.800199][ T2674] wlan0 speed is unknown, defaulting to 1000
[ 1031.810187][ T5842] team0: Port device syz_tun removed
[ 1032.659551][ T6505] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1032.775740][ T2950] loop8: detected capacity change from 0 to 2048
[ 1032.797924][ T2950] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1032.883433][ T6505] usb 10-1: config 0 has an invalid interface number: 58 but max is 0
[ 1032.931232][ T6505] usb 10-1: config 0 has no interface number 0
[ 1032.946481][ T6505] usb 10-1: config 0 interface 58 altsetting 0 endpoint 0xE has invalid maxpacket 1023, setting to 64
[ 1032.980294][ T6505] usb 10-1: config 0 interface 58 altsetting 0 bulk endpoint 0x9 has invalid maxpacket 64
[ 1033.043063][ T5839] Bluetooth: hci2: command tx timeout
[ 1033.060001][ T6505] usb 10-1: New USB device found, idVendor=085a, idProduct=0008, bcdDevice=7f.81
[ 1033.120702][ T6505] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1033.161644][ T6505] usb 10-1: Product: syz
[ 1033.210019][ T6505] usb 10-1: Manufacturer: syz
[ 1033.251156][ T6505] usb 10-1: SerialNumber: syz
[ 1033.314602][ T6505] usb 10-1: config 0 descriptor??
[ 1033.317418][ T2983] netlink: 'syz.8.10863': attribute type 6 has an invalid length.
[ 1033.394128][ T2925] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[ 1033.633962][ T2911] loop6: detected capacity change from 0 to 32768
[ 1033.653097][ T2911] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.10855 (2911)
[ 1033.739294][ T2911] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1033.772095][ T6505] kaweth 10-1:0.58: Firmware present in device.
[ 1033.792443][ T2911] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[ 1033.915070][ T6505] kaweth 10-1:0.58: Error reading configuration (-71), no net device created
[ 1033.964406][ T6505] kaweth 10-1:0.58: probe with driver kaweth failed with error -5
[ 1034.074250][ T6505] usb 10-1: USB disconnect, device number 2
[ 1034.109159][ T2674] chnl_net:caif_netlink_parms(): no params data found
[ 1034.118582][ T2911] BTRFS info (device loop6): enabling ssd optimizations
[ 1034.155734][ T2911] BTRFS info (device loop6): turning on async discard
[ 1034.210315][ T2911] BTRFS info (device loop6): enabling free space tree
[ 1034.540963][T21899] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1034.697742][   T37] veth0_macvtap: left promiscuous mode
[ 1034.766218][   T37] veth1_vlan: left promiscuous mode
[ 1034.771568][   T37] veth0_vlan: left promiscuous mode
[ 1034.809656][ T3112] ieee802154 phy0 wpan0: encryption failed: -22
[ 1035.026992][ T5839] Bluetooth: hci2: command tx timeout
[ 1035.080944][ T3118] loop8: detected capacity change from 0 to 4096
[ 1035.131320][ T3118] ntfs3(loop8): Different NTFS sector size (1024) and media sector size (512).
[ 1035.339499][ T2685] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1035.349102][ T2685] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1035.358514][ T2685] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1035.366802][ T2685] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1035.374597][ T2685] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1035.745069][ T3148] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1036.022442][ T3161] netlink: 8 bytes leftover after parsing attributes in process `syz.8.10883'.
[ 1037.309318][ T2685] Bluetooth: hci3: command tx timeout
[ 1038.171470][ T3217] xt_TCPMSS: Only works on TCP SYN packets
[ 1038.316437][ T3222] loop6: detected capacity change from 0 to 512
[ 1038.395821][ T3222] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1038.404656][ T3222] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1038.489165][ T3222] EXT4-fs error (device loop6): ext4_do_update_inode:5617: inode #16: comm syz.6.10903: corrupted inode contents
[ 1038.534345][ T3222] EXT4-fs (loop6): Remounting filesystem read-only
[ 1038.551214][ T3222] EXT4-fs (loop6): 1 truncate cleaned up
[ 1038.566748][ T3502] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1038.577522][ T3502] Quota error (device loop6): write_blk: dquota write failed
[ 1038.594771][ T3502] Quota error (device loop6): remove_free_dqentry: Can't write block (5) with free entries
[ 1038.618060][ T3502] EXT4-fs (loop6): Quota write (off=5120, len=1024) cancelled because transaction is not started
[ 1038.649686][ T3502] Quota error (device loop6): write_blk: dquota write failed
[ 1038.657304][ T3502] Quota error (device loop6): free_dqentry: Can't move quota data block (5) to free list
[ 1038.686623][ T3502] EXT4-fs (loop6): Quota write (off=8, len=24) cancelled because transaction is not started
[ 1038.697363][ T3502] Quota error (device loop6): v2_write_file_info: Can't write info structure
[ 1038.710659][ T3502] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[ 1038.729400][ T3222] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1038.759508][ T3187] netlink: 60 bytes leftover after parsing attributes in process `syz.4.10891'.
[ 1038.959449][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1039.304194][ T2685] Bluetooth: hci3: command tx timeout
[ 1039.366261][ T2674] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1039.409107][ T2674] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1039.428502][ T2674] bridge_slave_0: entered allmulticast mode
[ 1039.460589][ T2674] bridge_slave_0: entered promiscuous mode
[ 1039.504437][ T3132] C speed is unknown, defaulting to 1000
[ 1039.520393][ T2674] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1039.549843][ T2674] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1039.573641][ T2674] bridge_slave_1: entered allmulticast mode
[ 1039.595724][ T3304] overlayfs: workdir and upperdir must reside under the same mount
[ 1039.601423][ T2674] bridge_slave_1: entered promiscuous mode
[ 1040.021675][ T2674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1040.115865][ T2674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1040.483288][ T2674] team0: Port device team_slave_0 added
[ 1040.596248][ T3380] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1040.684516][ T2674] team0: Port device team_slave_1 added
[ 1040.692157][ T3132] wlan0 speed is unknown, defaulting to 1000
[ 1040.885110][ T3258] loop4: detected capacity change from 0 to 40427
[ 1040.907916][ T3408] loop6: detected capacity change from 0 to 128
[ 1040.921320][ T3258] F2FS-fs: heap/no_heap options were deprecated
[ 1040.969779][ T3408] UDF-fs: error (device loop6): udf_read_tagged: read failed, block=256, location=256
[ 1040.982108][ T3258] F2FS-fs (loop4): build fault injection rate: 23
[ 1041.014542][ T3258] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[ 1041.030521][ T3408] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1041.045789][ T3258] F2FS-fs (loop4): invalid crc value
[ 1041.087832][ T3258] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[ 1041.107682][   T37] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.282190][ T2685] Bluetooth: hci3: command tx timeout
[ 1041.542833][ T3258] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1041.597848][ T3258] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1041.634792][ T5822] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[ 1041.668429][ T2674] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1041.681459][ T2674] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1041.741893][ T3258] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_create+0x14c/0x5c0
[ 1041.783973][ T2674] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1041.817858][ T5822] usb 9-1: config 0 has an invalid interface number: 69 but max is 0
[ 1041.827553][ T5822] usb 9-1: config 0 has no interface number 0
[ 1041.843433][ T5822] usb 9-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[ 1041.921341][ T5822] usb 9-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1041.968358][ T5822] usb 9-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[ 1041.995040][   T37] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1041.996133][ T5822] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1042.043599][ T5822] usb 9-1: Product: syz
[ 1042.058408][ T5822] usb 9-1: Manufacturer: syz
[ 1042.072871][ T2674] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1042.079956][ T5822] usb 9-1: SerialNumber: syz
[ 1042.112500][ T2674] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1042.139621][ T5822] usb 9-1: config 0 descriptor??
[ 1042.164294][ T3433] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1042.199251][ T5822] cyberjack 9-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[ 1042.225907][ T2674] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1042.254614][ T5822] usb 9-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[ 1042.437653][   T37] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.601275][   T37] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1042.678119][ T1084] usb 9-1: USB disconnect, device number 4
[ 1042.711971][ T1084] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[ 1042.768252][ T1084] cyberjack 9-1:0.69: device disconnected
[ 1042.891331][ T3548] loop4: detected capacity change from 0 to 8
[ 1042.922114][ T3467] loop9: detected capacity change from 0 to 32768
[ 1042.923647][ T3513] loop6: detected capacity change from 0 to 4096
[ 1042.949585][ T3548] MTD: Attempt to mount non-MTD device "/dev/loop4"
[ 1042.995295][ T3548] cramfs: Error -3 while decompressing!
[ 1043.008817][ T3467] ea_get: invalid extended attribute
[ 1043.014341][ T3467] ffff888053b70330: 04 00 00 00                                      ....
[ 1043.027255][ T3548] cramfs: ffffffff999eb2e8(26)->ffff888074b73000(4096)
[ 1043.030843][ T5835] udevd[5835]: incorrect cramfs checksum on /dev/loop4
[ 1043.034152][ T3548] cramfs: Error -3 while decompressing!
[ 1043.053655][ T3548] cramfs: ffffffff999eb302(26)->ffff88806a011000(4096)
[ 1043.060168][ T2674] hsr_slave_0: entered promiscuous mode
[ 1043.089974][ T3548] cramfs: Error -3 while decompressing!
[ 1043.101401][ T2674] hsr_slave_1: entered promiscuous mode
[ 1043.134927][ T2674] debugfs: 'hsr0' already exists in 'hsr'
[ 1043.144593][ T3548] cramfs: ffffffff999eb31c(16)->ffff888048a20000(4096)
[ 1043.171133][ T2674] Cannot create hsr debugfs directory
[ 1043.195887][ T3548] cramfs: Error -3 while decompressing!
[ 1043.217281][ T5835] udevd[5835]: incorrect cramfs checksum on /dev/loop4
[ 1043.254761][ T3548] cramfs: ffffffff999eb2e8(26)->ffff888074b73000(4096)
[ 1043.268967][ T2685] Bluetooth: hci3: command tx timeout
[ 1043.895003][ T3588] loop8: detected capacity change from 0 to 4096
[ 1044.047924][ T3588] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[ 1044.189413][ T3588] ntfs3(loop8): Failed to load $Extend (-22).
[ 1044.195511][ T3588] ntfs3(loop8): Failed to initialize $Extend.
[ 1044.253854][   T37] bridge_slave_1: left allmulticast mode
[ 1044.297734][   T37] bridge_slave_1: left promiscuous mode
[ 1044.310874][   T37] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1044.408340][   T37] bridge_slave_0: left allmulticast mode
[ 1044.414011][   T37] bridge_slave_0: left promiscuous mode
[ 1044.487051][   T37] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1045.319183][ T3753] hsr_slave_0: hsr_addr_subst_dest: Unknown node
[ 1045.326188][ T3753] hsr_slave_1: hsr_addr_subst_dest: Unknown node
[ 1046.207999][ T3781] loop9: detected capacity change from 0 to 1024
[ 1046.251703][ T3781] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1046.284395][ T3781] EXT4-fs (loop9): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[ 1046.315305][ T3781] EXT4-fs (loop9): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[ 1046.340069][ T3781] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[ 1046.417277][ T3781] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1046.571526][T32729] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1046.819887][   T37] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1046.834533][   T37] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1046.847584][   T37] bond0 (unregistering): (slave team0): Releasing backup interface
[ 1046.858619][   T37] bond0 (unregistering): (slave wlan1): Releasing backup interface
[ 1046.878636][   T37] bond0 (unregistering): Released all slaves
[ 1046.899943][   T37] bond1 (unregistering): Released all slaves
[ 1046.933426][ T3746] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10952'.
[ 1046.944680][ T3746] netlink: 20 bytes leftover after parsing attributes in process `syz.4.10952'.
[ 1047.094017][ T3132] chnl_net:caif_netlink_parms(): no params data found
[ 1047.206507][   T37] : left promiscuous mode
[ 1047.408337][   T31] audit: type=1326 audit(1766363077.769:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3831 comm="syz.4.10973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347f18f749 code=0x7ffc0000
[ 1047.484994][ T3845] loop8: detected capacity change from 0 to 1024
[ 1047.550358][   T31] audit: type=1326 audit(1766363077.790:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3831 comm="syz.4.10973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347f18f749 code=0x7ffc0000
[ 1047.640529][   T31] audit: type=1326 audit(1766363077.790:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3831 comm="syz.4.10973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f347f18f749 code=0x7ffc0000
[ 1047.744382][  T147] hfsplus: b-tree write err: -5, ino 4
[ 1047.772305][   T31] audit: type=1326 audit(1766363077.790:262): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3831 comm="syz.4.10973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347f18f749 code=0x7ffc0000
[ 1047.864730][   T31] audit: type=1326 audit(1766363077.790:263): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=3831 comm="syz.4.10973" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f347f18f749 code=0x7ffc0000
[ 1047.999008][ T3889] netlink: 20 bytes leftover after parsing attributes in process `syz.9.10981'.
[ 1048.142072][ T3900] netlink: 'syz.4.10980': attribute type 2 has an invalid length.
[ 1048.763305][ T3922] loop9: detected capacity change from 0 to 4096
[ 1048.797212][ T3867] loop6: detected capacity change from 0 to 32768
[ 1048.852264][ T3867] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.10978 (3867)
[ 1048.962302][ T3867] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1049.023497][ T3867] BTRFS info (device loop6): using sha256 (sha256-lib) checksum algorithm
[ 1049.476308][ T3867] BTRFS info (device loop6): turning on async discard
[ 1049.487340][ T3867] BTRFS info (device loop6): enabling free space tree
[ 1049.570981][ T3132] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1049.578129][ T3132] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1049.636098][ T4009] netlink: 16 bytes leftover after parsing attributes in process `syz.9.10994'.
[ 1049.643826][ T3132] bridge_slave_0: entered allmulticast mode
[ 1049.680352][ T3132] bridge_slave_0: entered promiscuous mode
[ 1049.775031][T21899] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1049.811949][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1049.825917][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1049.959724][ T4018] netlink: 8 bytes leftover after parsing attributes in process `syz.4.10997'.
[ 1050.220847][ T3132] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1050.249838][ T3132] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1050.271543][ T3132] bridge_slave_1: entered allmulticast mode
[ 1050.300036][ T3132] bridge_slave_1: entered promiscuous mode
[ 1050.467848][T10543] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 1050.632084][ T4069] loop4: detected capacity change from 0 to 16
[ 1050.640727][T10543] usb 9-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[ 1050.685535][T10543] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1050.700981][ T4069] erofs (device loop4): mounted with root inode @ nid 36.
[ 1050.743512][ T4069] syz.4.11004: attempt to access beyond end of device
[ 1050.743512][ T4069] loop4: rw=524288, sector=128, nr_sectors = 1 limit=16
[ 1050.773027][T10543] usb 9-1: config 0 descriptor??
[ 1050.811633][ T4069] syz.4.11004: attempt to access beyond end of device
[ 1050.811633][ T4069] loop4: rw=524288, sector=0, nr_sectors = 1024 limit=16
[ 1050.865091][ T4069] syz.4.11004: attempt to access beyond end of device
[ 1050.865091][ T4069] loop4: rw=0, sector=128, nr_sectors = 1 limit=16
[ 1050.901404][ T4069] syz.4.11004: attempt to access beyond end of device
[ 1050.901404][ T4069] loop4: rw=0, sector=0, nr_sectors = 1024 limit=16
[ 1050.920046][ T4062] netdevsim netdevsim9 netdevsim0: entered allmulticast mode
[ 1050.931220][ T4069] erofs (device loop4): read error -5 @ 0 of nid 89
[ 1050.986986][   T31] audit: type=1800 audit(1766363081.507:264): pid=4069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.11004" name="file2" dev="loop4" ino=89 res=0 errno=0
[ 1051.104946][ T3132] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1051.215208][ T3132] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1051.234048][T10543] usb 9-1: Cannot set MAC address
[ 1051.251979][T10543] MOSCHIP usb-ethernet driver 9-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[ 1051.367979][T10543] usb 9-1: USB disconnect, device number 5
[ 1051.745311][ T4132] 8021q: VLANs not supported on lo
[ 1051.854780][ T4163] 9pnet_fd: p9_fd_create_tcp (4163): problem binding to privport
[ 1051.931947][ T3132] team0: Port device team_slave_0 added
[ 1051.994513][ T3132] team0: Port device team_slave_1 added
[ 1052.772985][ T4261] xt_hashlimit: max too large, truncated to 1048576
[ 1052.790884][ T4184] bond1: option miimon: invalid value (18446744073709551614)
[ 1052.825748][ T4184] bond1: option miimon: allowed values 0 - 2147483647
[ 1052.875198][ T4184] bond1 (unregistering): Released all slaves
[ 1053.011756][ T3132] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1053.020460][ T3132] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1053.067291][ T3132] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1053.186230][   T37] hsr_slave_0: left promiscuous mode
[ 1053.203136][   T37] hsr_slave_1: left promiscuous mode
[ 1053.220833][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1053.249212][   T37] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1053.309737][   T37] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1053.349258][   T37] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1053.454902][   T37] veth1_macvtap: left allmulticast mode
[ 1053.512426][   T37] veth1_macvtap: left promiscuous mode
[ 1053.524445][   T37] veth0_macvtap: left promiscuous mode
[ 1053.530240][   T37] veth1_vlan: left promiscuous mode
[ 1053.694897][ T4335] loop8: detected capacity change from 0 to 16
[ 1053.739190][ T4335] erofs (device loop8): mounted with root inode @ nid 36.
[ 1054.011058][ T4352] loop4: detected capacity change from 0 to 64
[ 1054.045779][ T4348] loop9: detected capacity change from 0 to 1024
[ 1055.271409][ T4395] netlink: 'syz.8.11054': attribute type 8 has an invalid length.
[ 1055.315362][   T37] team0 (unregistering): Port device team_slave_1 removed
[ 1055.366552][   T37] team0 (unregistering): Port device team_slave_0 removed
[ 1055.880062][ T3132] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1055.887338][ T3132] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[ 1055.915627][ T3132] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1056.022737][ T4395] bridge1: trying to set multicast startup query interval below minimum, setting to 100 (1000ms)
[ 1056.247050][ T2674] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1056.263739][ T2674] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1056.400945][ T2674] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1056.508349][ T3132] hsr_slave_0: entered promiscuous mode
[ 1056.543399][ T3132] hsr_slave_1: entered promiscuous mode
[ 1056.561777][ T3132] debugfs: 'hsr0' already exists in 'hsr'
[ 1056.567527][ T3132] Cannot create hsr debugfs directory
[ 1056.586740][ T2674] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1056.757419][ T4463] loop4: detected capacity change from 0 to 512
[ 1056.865398][ T4463] FAT-fs (loop4): error, clusters badly computed (1 != 0)
[ 1056.917556][ T4463] FAT-fs (loop4): Filesystem has been set read-only
[ 1057.003222][ T4463] FAT-fs (loop4): error, clusters badly computed (2 != 1)
[ 1057.409119][ T4526] netlink: 20 bytes leftover after parsing attributes in process `syz.9.11071'.
[ 1057.458889][ T4527] netlink: 16 bytes leftover after parsing attributes in process `syz.8.11073'.
[ 1057.988566][ T4580] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[ 1058.433697][ T4595] ipip0: entered promiscuous mode
[ 1058.468843][ T4595] ipip0: entered allmulticast mode
[ 1058.789210][ T2674] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1059.114703][ T2674] 8021q: adding VLAN 0 to HW filter on device team0
[ 1059.153114][ T3788] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1059.160270][ T3788] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1059.243022][ T3788] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1059.250234][ T3788] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1059.797261][ T3132] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1059.889244][ T4683] loop4: detected capacity change from 0 to 64
[ 1059.905212][ T3132] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1059.955764][ T3132] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1060.003035][ T4679] loop8: detected capacity change from 0 to 4096
[ 1060.059890][ T3132] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1060.097298][ T4679] ntfs3(loop8): Different NTFS sector size (4096) and media sector size (512).
[ 1060.263687][ T4684] loop6: detected capacity change from 0 to 4096
[ 1060.371103][ T4679] ntfs3(loop8): ino=1a, mi_enum_attr
[ 1060.376649][ T4679] ntfs3(loop8): Mark volume as dirty due to NTFS errors
[ 1060.415758][ T4679] ntfs3(loop8): ino=1a, mi_enum_attr
[ 1060.453084][ T4679] ntfs3(loop8): Failed to initialize $Extend/$Reparse.
[ 1060.512703][ T4684] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1060.600419][ T4684] ntfs3(loop6): Failed to load $Extend (-22).
[ 1060.606527][ T4684] ntfs3(loop6): Failed to initialize $Extend.
[ 1060.622712][ T4679] ntfs3(loop8): ino=5, "/" indx_read
[ 1060.723578][ T4708] loop9: detected capacity change from 0 to 4096
[ 1060.789809][ T4708] ntfs3(loop9): Different NTFS sector size (1024) and media sector size (512).
[ 1060.813137][ T3132] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1060.975921][ T3132] 8021q: adding VLAN 0 to HW filter on device team0
[ 1061.088933][   T49] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1061.096116][   T49] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1061.214241][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1061.221437][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1061.627703][ T4742] loop6: detected capacity change from 0 to 512
[ 1061.659129][ T2674] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1061.690387][ T4742] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[ 1061.744754][ T4742] EXT4-fs (loop6): can't mount with commit=, fs mounted w/o journal
[ 1061.960606][ T2674] veth0_vlan: entered promiscuous mode
[ 1062.004850][ T2674] veth1_vlan: entered promiscuous mode
[ 1062.066919][ T5822] usb 7-1: new high-speed USB device number 15 using dummy_hcd
[ 1062.137360][ T2674] veth0_macvtap: entered promiscuous mode
[ 1062.161178][ T2674] veth1_macvtap: entered promiscuous mode
[ 1062.209070][ T5822] usb 7-1: Using ep0 maxpacket: 16
[ 1062.212159][ T5822] usb 7-1: config 1 has an invalid descriptor of length 189, skipping remainder of the config
[ 1062.212210][ T5822] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[ 1062.214115][ T5822] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=f1.40
[ 1062.214148][ T5822] usb 7-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[ 1062.214174][ T5822] usb 7-1: Product: syz
[ 1062.214193][ T5822] usb 7-1: Manufacturer: syz
[ 1062.234353][ T5822] cdc_ether 7-1:1.0: skipping garbage
[ 1062.234596][ T5822] cdc_ether 7-1:1.0: probe with driver cdc_ether failed with error -22
[ 1062.278692][ T2674] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1062.422474][   T24] usb 7-1: USB disconnect, device number 15
[ 1062.556769][ T2674] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1062.653410][ T6045] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.702492][ T6045] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.738734][ T6045] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.797986][ T6045] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1062.908147][ T3132] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1063.200983][ T4808] netlink: 'syz.6.11123': attribute type 5 has an invalid length.
[ 1063.249414][ T4808] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11123'.
[ 1063.285873][ T4816] netlink: 'syz.4.11124': attribute type 3 has an invalid length.
[ 1063.293723][ T4816] netlink: 'syz.4.11124': attribute type 3 has an invalid length.
[ 1063.329728][ T4808] ip6erspan0: entered promiscuous mode
[ 1063.451349][ T3502] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1063.491567][ T3502] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1063.678995][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1063.691552][ T3132] veth0_vlan: entered promiscuous mode
[ 1063.709940][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1063.781480][ T3132] veth1_vlan: entered promiscuous mode
[ 1063.849383][ T6505] usb 5-1: new high-speed USB device number 119 using dummy_hcd
[ 1063.976998][ T3132] veth0_macvtap: entered promiscuous mode
[ 1064.038301][ T6505] usb 5-1: Using ep0 maxpacket: 16
[ 1064.055204][ T3132] veth1_macvtap: entered promiscuous mode
[ 1064.085235][ T6505] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1064.164890][ T6505] usb 5-1: New USB device found, idVendor=0b0e, idProduct=ffff, bcdDevice= 0.00
[ 1064.183672][ T3132] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1064.211976][ T6505] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1064.260553][ T3132] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1064.284764][ T6505] usb 5-1: config 0 descriptor??
[ 1064.377087][ T3488] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.433593][ T3488] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.479796][ T3488] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.540106][ T6505] usbhid 5-1:0.0: can't add hid device: -71
[ 1064.557112][ T3488] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1064.567903][ T6505] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[ 1064.626509][ T4803] loop9: detected capacity change from 0 to 32768
[ 1064.633598][ T6505] usb 5-1: USB disconnect, device number 119
[ 1065.095300][ T5990] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1065.147104][ T5990] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.318155][ T3502] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1065.333718][ T6505] usb 2-1: new high-speed USB device number 111 using dummy_hcd
[ 1065.358361][ T3502] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.400592][ T4922] No such timeout policy "syz1"
[ 1065.524068][ T6505] usb 2-1: Using ep0 maxpacket: 16
[ 1065.559994][ T6505] usb 2-1: config 0 has an invalid interface number: 48 but max is 0
[ 1065.594072][ T6505] usb 2-1: config 0 has no interface number 0
[ 1065.636719][ T6505] usb 2-1: config 0 interface 48 has no altsetting 0
[ 1065.659978][ T6505] usb 2-1: New USB device found, idVendor=1199, idProduct=b000, bcdDevice=a8.98
[ 1065.708529][ T6505] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1065.744090][ T4937] netlink: 'syz.6.11145': attribute type 21 has an invalid length.
[ 1065.765218][ T6505] usb 2-1: Product: syz
[ 1065.769527][ T6505] usb 2-1: Manufacturer: syz
[ 1065.792417][ T4937] netlink: 132 bytes leftover after parsing attributes in process `syz.6.11145'.
[ 1065.812370][ T6505] usb 2-1: SerialNumber: syz
[ 1065.854044][ T4944] loop0: detected capacity change from 0 to 256
[ 1065.860216][ T4937] netlink: 'syz.6.11145': attribute type 1 has an invalid length.
[ 1065.876772][ T6505] usb 2-1: config 0 descriptor??
[ 1066.033070][ T4944] FAT-fs (loop0): Directory bread(block 64) failed
[ 1066.070632][ T4944] FAT-fs (loop0): Directory bread(block 65) failed
[ 1066.135856][ T4944] FAT-fs (loop0): Directory bread(block 66) failed
[ 1066.142419][ T4944] FAT-fs (loop0): Directory bread(block 67) failed
[ 1066.149216][ T5839] Bluetooth: hci2: Unknown advertising packet type: 0x35
[ 1066.149281][ T5839] Bluetooth: hci2: Malformed LE Event: 0x0d
[ 1066.154052][ T6505] usb 2-1: USB disconnect, device number 111
[ 1066.250656][ T4944] FAT-fs (loop0): Directory bread(block 68) failed
[ 1066.305158][ T4944] FAT-fs (loop0): Directory bread(block 69) failed
[ 1066.359693][ T4944] FAT-fs (loop0): Directory bread(block 70) failed
[ 1066.422655][ T5839] Bluetooth: hci6: command 0x0406 tx timeout
[ 1066.451023][ T4944] FAT-fs (loop0): Directory bread(block 71) failed
[ 1066.457630][ T4944] FAT-fs (loop0): Directory bread(block 72) failed
[ 1066.597098][ T4944] FAT-fs (loop0): Directory bread(block 73) failed
[ 1066.708238][ T4995] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1067.630431][ T5822] usb 1-1: new high-speed USB device number 122 using dummy_hcd
[ 1067.819923][ T5822] usb 1-1: Using ep0 maxpacket: 32
[ 1067.841490][ T5822] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1067.862749][ T5062] loop4: detected capacity change from 0 to 256
[ 1067.894614][ T5822] usb 1-1: config 255 has an invalid interface number: 81 but max is 0
[ 1067.918890][ T5062] exfat: Deprecated parameter 'namecase'
[ 1067.923469][ T5822] usb 1-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[ 1067.961670][ T5062] exfat: Deprecated parameter 'utf8'
[ 1067.997914][ T5063] loop1: detected capacity change from 0 to 1764
[ 1068.013008][ T5822] usb 1-1: config 255 has no interface number 0
[ 1068.019292][ T5822] usb 1-1: config 255 interface 81 altsetting 3 has an endpoint descriptor with address 0x93, changing to 0x83
[ 1068.066791][ T5062] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[ 1068.124805][ T5822] usb 1-1: config 255 interface 81 altsetting 3 endpoint 0x83 has an invalid bInterval 0, changing to 7
[ 1068.162840][ T5822] usb 1-1: config 255 interface 81 altsetting 3 endpoint 0x83 has invalid maxpacket 59391, setting to 1024
[ 1068.178742][ T5076] openvswitch: netlink: Tunnel attr 193 out of range max 16
[ 1068.210194][ T5074] loop8: detected capacity change from 0 to 2048
[ 1068.242119][ T5822] usb 1-1: config 255 interface 81 has no altsetting 0
[ 1068.280227][ T5822] usb 1-1: string descriptor 0 read error: -22
[ 1068.300516][ T5822] usb 1-1: New USB device found, idVendor=0dfc, idProduct=0001, bcdDevice=24.ac
[ 1068.347514][ T5074] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1068.381240][ T5822] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1068.500958][ T5029] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1068.624920][ T5822] input: USB Touchscreen 0dfc:0001 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:255.81/input/input88
[ 1068.906087][ T5112] syz.8.11183 (5112): /proc/5111/oom_adj is deprecated, please use /proc/5111/oom_score_adj instead.
[ 1069.110511][ T5822] usb 1-1: USB disconnect, device number 122
[ 1070.270397][   T24] usb 7-1: new full-speed USB device number 16 using dummy_hcd
[ 1070.356774][ T5201] nvme_fabrics: missing parameter 'transport=%s'
[ 1070.380447][ T5201] nvme_fabrics: missing parameter 'nqn=%s'
[ 1070.387454][ T6505] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1070.445345][   T24] usb 7-1: unable to get BOS descriptor or descriptor too short
[ 1070.506431][   T24] usb 7-1: not running at top speed; connect to a high speed hub
[ 1070.546461][   T24] usb 7-1: config 1 has an invalid interface number: 138 but max is 0
[ 1070.578145][ T6505] usb 10-1: config 0 has an invalid interface number: 64 but max is 0
[ 1070.593162][   T24] usb 7-1: config 1 has an invalid descriptor of length 158, skipping remainder of the config
[ 1070.621110][ T6505] usb 10-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config
[ 1070.635294][   T24] usb 7-1: config 1 has no interface number 0
[ 1070.659355][ T6505] usb 10-1: config 0 has no interface number 0
[ 1070.665712][   T24] usb 7-1: config 1 interface 138 altsetting 252 endpoint 0xC has invalid maxpacket 52651, setting to 64
[ 1070.678595][ T5133] loop4: detected capacity change from 0 to 32768
[ 1070.719620][ T6505] usb 10-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice=39.48
[ 1070.761407][   T24] usb 7-1: config 1 interface 138 has no altsetting 0
[ 1070.801625][ T6505] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1070.809733][ T6505] usb 10-1: Product: syz
[ 1070.832542][   T31] audit: type=1800 audit(1766363102.356:265): pid=5133 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.11189" name="file1" dev="loop4" ino=4 res=0 errno=0
[ 1070.839288][   T24] usb 7-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[ 1070.891469][ T5218] loop1: detected capacity change from 0 to 1764
[ 1070.899537][ T6505] usb 10-1: Manufacturer: syz
[ 1070.915870][ T6505] usb 10-1: SerialNumber: syz
[ 1070.936220][ T6505] usb 10-1: config 0 descriptor??
[ 1070.972338][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.011788][   T24] usb 7-1: Product: syz
[ 1071.032226][   T24] usb 7-1: Manufacturer: syz
[ 1071.063726][ T5229] loop0: detected capacity change from 0 to 22
[ 1071.092570][   T24] usb 7-1: SerialNumber: syz
[ 1071.118948][ T5229] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1071.131485][ T5186] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[ 1071.155685][ T5229] romfs: Mounting image 'rom 637cf1fa' through the block layer
[ 1071.406532][ T6505] uvcvideo 10-1:0.64: Found UVC 0.00 device syz (046d:0823)
[ 1071.438384][   T24] usb 7-1: Quirk or no altset; falling back to MIDI 1.0
[ 1071.448963][ T6505] uvcvideo 10-1:0.64: No valid video chain found.
[ 1071.475512][ T6505] usb 10-1: USB disconnect, device number 3
[ 1071.574327][ T5264] netlink: 4 bytes leftover after parsing attributes in process `syz.4.11212'.
[ 1071.611536][ T5271] loop8: detected capacity change from 0 to 256
[ 1071.625482][   T24] usb 7-1: USB disconnect, device number 16
[ 1071.720546][ T5929] IPVS: starting estimator thread 0...
[ 1071.870511][ T5282] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1072.181690][ T6695] udevd[6695]: error opening ATTR{/sys/devices/platform/dummy_hcd.6/usb7/7-1/7-1:1.138/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1072.864825][ T5342] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1073.559548][ T5377] loop6: detected capacity change from 0 to 512
[ 1073.677928][ T5377] EXT4-fs error (device loop6): ext4_orphan_get:1391: inode #15: comm syz.6.11238: inode has both inline data and extents flags
[ 1073.705561][ T5377] EXT4-fs error (device loop6): ext4_orphan_get:1396: comm syz.6.11238: couldn't read orphan inode 15 (err -117)
[ 1073.723285][ T5377] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1073.904539][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1074.453456][ T5419] netlink: 40 bytes leftover after parsing attributes in process `syz.1.11247'.
[ 1074.739359][ T5421] loop0: detected capacity change from 0 to 4096
[ 1074.778804][ T5421] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[ 1074.850038][ T5437] netlink: 16 bytes leftover after parsing attributes in process `syz.1.11252'.
[ 1074.932033][ T5421] ntfs3(loop0): ino=19, mi_enum_attr
[ 1074.967089][ T5421] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[ 1074.969447][ T5444] loop6: detected capacity change from 0 to 64
[ 1074.984172][ T5445] loop9: detected capacity change from 0 to 8
[ 1075.051701][ T5421] ntfs3(loop0): failed to convert "c46c" to cp775
[ 1075.092650][ T5421] ntfs3(loop0): ino=20, mi_enum_attr
[ 1075.158162][ T5366] loop4: detected capacity change from 0 to 32768
[ 1075.281064][ T5457] netlink: 256 bytes leftover after parsing attributes in process `syz.1.11256'.
[ 1075.345673][ T5457] unsupported nlmsg_type 40
[ 1075.450248][ T5468] openvswitch: netlink: VXLAN extension 0 has unexpected len 2 expected 0
[ 1075.991649][ T5501] loop8: detected capacity change from 0 to 128
[ 1076.039963][ T5501] EXT4-fs (loop8): ext4_check_descriptors: Checksum for group 0 failed (30846!=65535)
[ 1076.134140][ T5501] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 ro without journal. Quota mode: none.
[ 1076.181364][ T5501] EXT4-fs (loop8): ext4_remount: Checksum for group 0 failed (30846!=65535)
[ 1076.383650][ T5516] trusted_key: encrypted_key: master key parameter 'u' is invalid
[ 1076.500701][T30492] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1076.888378][ T5929] usb 7-1: new high-speed USB device number 17 using dummy_hcd
[ 1077.071221][ T5929] usb 7-1: config 0 has an invalid interface number: 120 but max is 0
[ 1077.107919][ T5562] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11283'.
[ 1077.113146][ T5929] usb 7-1: config 0 has no interface number 0
[ 1077.163971][ T5929] usb 7-1: config 0 interface 120 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[ 1077.212173][ T5929] usb 7-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1077.265561][ T5929] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1077.288268][ T5572] ptrace attach of "./syz-executor exec"[30492] was attempted by "./syz-executor exec"[5572]
[ 1077.330036][ T5929] usb 7-1: config 0 descriptor??
[ 1077.664976][ T6505] usb 7-1: USB disconnect, device number 17
[ 1077.831658][ T5605] loop4: detected capacity change from 0 to 512
[ 1077.926074][ T5605] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1078.041091][ T5619] netlink: 60 bytes leftover after parsing attributes in process `syz.9.11292'.
[ 1078.060991][ T5605] ext4 filesystem being mounted at /1923/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1078.335408][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1078.822336][ T5653] xt_cluster: you have exceeded the maximum number of cluster nodes (1536 > 32)
[ 1078.941750][ T5660] netlink: 44 bytes leftover after parsing attributes in process `syz.8.11302'.
[ 1079.065941][ T5561] loop1: detected capacity change from 0 to 40427
[ 1079.164958][ T5561] F2FS-fs (loop1): build fault injection rate: 174
[ 1079.205768][ T5671] loop6: detected capacity change from 0 to 512
[ 1079.212277][ T5561] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[ 1079.250329][ T5671] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.11306: bad orphan inode 15
[ 1079.261012][ T5561] F2FS-fs (loop1): invalid crc value
[ 1079.365233][ T5671] ext4_test_bit(bit=14, block=5) = 0
[ 1079.416916][ T5671] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1079.503732][ T5671] EXT4-fs error (device loop6): __ext4_new_inode:1073: comm syz.6.11306: reserved inode found cleared - inode=1
[ 1079.765665][ T5561] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1079.863204][ T5561] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[ 1079.876894][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1080.016255][ T5699] loop9: detected capacity change from 0 to 4096
[ 1080.045825][ T5699] ntfs3(loop9): Different NTFS sector size (4096) and media sector size (512).
[ 1080.222340][ T5929] usb 1-1: new high-speed USB device number 123 using dummy_hcd
[ 1080.236007][ T5699] ntfs3(loop9): ino=19, mi_enum_attr
[ 1080.271252][ T5699] ntfs3(loop9): Mark volume as dirty due to NTFS errors
[ 1080.373677][ T5699] ntfs3(loop9): failed to convert "c46c" to iso8859-5
[ 1080.403421][ T5699] ntfs3(loop9): ino=20, mi_enum_attr
[ 1080.420385][ T5929] usb 1-1: config 0 has an invalid interface number: 50 but max is 0
[ 1080.469767][ T5929] usb 1-1: config 0 has no interface number 0
[ 1080.500375][ T5929] usb 1-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=e6.fc
[ 1080.555007][ T5929] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1080.608203][ T5929] usb 1-1: Product: syz
[ 1080.612388][ T5929] usb 1-1: Manufacturer: syz
[ 1080.659093][ T5929] usb 1-1: SerialNumber: syz
[ 1080.701422][ T5929] usb 1-1: config 0 descriptor??
[ 1080.744392][ T5929] yurex 1-1:0.50: Could not find endpoints
[ 1080.948126][ T6015] usb 1-1: USB disconnect, device number 123
[ 1081.191995][ T5767] loop9: detected capacity change from 0 to 512
[ 1081.296719][ T5767] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1081.370972][ T5780] loop6: detected capacity change from 0 to 8
[ 1081.427610][ T5780] SQUASHFS error: Failed to read block 0x34e: -5
[ 1081.439830][ T5780] SQUASHFS error: Unable to read metadata cache entry [34c]
[ 1081.460301][   T31] audit: type=1800 audit(1766363113.515:266): pid=5780 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.11328" name="file1" dev="loop6" ino=5 res=0 errno=0
[ 1081.686393][ T5713] loop4: detected capacity change from 0 to 32768
[ 1081.740721][ T5792] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1081.784762][ T5713] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.11316 (5713)
[ 1081.845846][T32729] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1081.929140][ T5713] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1082.004130][ T5713] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[ 1082.319421][ T5829] netlink: 24 bytes leftover after parsing attributes in process `syz.9.11335'.
[ 1082.339099][ T5846] loop6: detected capacity change from 0 to 256
[ 1082.390086][ T5829] vlan0: entered promiscuous mode
[ 1082.486835][ T5713] BTRFS info (device loop4): enabling ssd optimizations
[ 1082.530863][ T5713] BTRFS info (device loop4): turning on async discard
[ 1082.549817][ T5846] FAT-fs (loop6): Directory bread(block 64) failed
[ 1082.565244][ T5713] BTRFS info (device loop4): enabling free space tree
[ 1082.607741][ T5846] FAT-fs (loop6): Directory bread(block 65) failed
[ 1082.661931][ T5846] FAT-fs (loop6): Directory bread(block 66) failed
[ 1082.702144][ T5846] FAT-fs (loop6): Directory bread(block 67) failed
[ 1082.772218][ T5846] FAT-fs (loop6): Directory bread(block 68) failed
[ 1082.821579][ T5846] FAT-fs (loop6): Directory bread(block 69) failed
[ 1082.870381][ T5846] FAT-fs (loop6): Directory bread(block 70) failed
[ 1082.898023][ T5846] FAT-fs (loop6): Directory bread(block 71) failed
[ 1082.947506][ T5833] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1082.969256][ T5846] FAT-fs (loop6): Directory bread(block 72) failed
[ 1083.013377][ T5846] FAT-fs (loop6): Directory bread(block 73) failed
[ 1083.020277][ T5886] netlink: 'syz.8.11345': attribute type 1 has an invalid length.
[ 1083.876735][ T5939] loop6: detected capacity change from 0 to 1024
[ 1083.945974][ T5939] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[ 1083.997769][ T5951] loop0: detected capacity change from 0 to 512
[ 1084.032420][ T5939] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[ 1084.083523][ T5951] EXT4-fs error (device loop0): ext4_orphan_get:1391: comm syz.0.11358: inode #13: comm syz.0.11358: iget: illegal inode #
[ 1084.119213][ T5939] EXT4-fs (loop6): revision level too high, forcing read-only mode
[ 1084.127484][ T5939] EXT4-fs (loop6): orphan cleanup on readonly fs
[ 1084.163102][ T5951] EXT4-fs (loop0): Remounting filesystem read-only
[ 1084.202967][ T5939] EXT4-fs error (device loop6): ext4_free_blocks:6728: comm syz.6.11354: Freeing blocks not in datazone - block = 0, count = 4096
[ 1084.243312][ T5939] EXT4-fs (loop6): Remounting filesystem read-only
[ 1084.246689][ T5964] loop4: detected capacity change from 0 to 512
[ 1084.281166][ T5951] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1084.296604][ T5939] EXT4-fs (loop6): 1 orphan inode deleted
[ 1084.319205][ T5964] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1084.330302][ T5939] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1084.393199][ T5964] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.11361: bg 0: block 384: padding at end of block bitmap is not set
[ 1084.435980][ T5964] EXT4-fs (loop4): Remounting filesystem read-only
[ 1084.453411][ T5964] EXT4-fs (loop4): 1 truncate cleaned up
[ 1084.460863][ T5964] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1084.520687][ T3132] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.597787][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.673984][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1084.849417][ T5992] loop4: detected capacity change from 0 to 512
[ 1084.913577][ T5992] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1085.003707][ T6005] loop9: detected capacity change from 0 to 256
[ 1085.020072][ T6005] FAT-fs (loop9): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[ 1085.020105][ T5992] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.11365: iget: bad extended attribute block 262144
[ 1085.134516][ T6013] netlink: 2 bytes leftover after parsing attributes in process `syz.8.11369'.
[ 1085.157444][ T5992] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.11365: couldn't read orphan inode 15 (err -117)
[ 1085.271510][ T5992] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1085.541445][ T6032] loop8: detected capacity change from 0 to 64
[ 1085.574477][ T5992] EXT4-fs error (device loop4): ext4_lookup:1789: inode #2: comm syz.4.11365: deleted inode referenced: 15
[ 1085.642559][ T6032] Trying to free block not in datazone
[ 1085.782425][ T6042] netlink: 2 bytes leftover after parsing attributes in process `syz.6.11377'.
[ 1085.807543][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1086.071042][ T6063] netlink: 12 bytes leftover after parsing attributes in process `syz.4.11380'.
[ 1086.116167][ T6055] set_capacity_and_notify: 1 callbacks suppressed
[ 1086.116189][ T6055] loop0: detected capacity change from 0 to 1764
[ 1086.138326][ T6063] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11380'.
[ 1086.254629][ T6055] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[ 1086.368493][ T6055] iso9660: Corrupted directory entry in block 2 of inode 1920
[ 1086.435491][ T6078] loop1: detected capacity change from 0 to 16
[ 1086.503160][ T6078] erofs (device loop1): EXPERIMENTAL 48-bit layout support in use. Use at your own risk!
[ 1086.585467][ T6078] erofs (device loop1): mounted with root inode @ nid 36.
[ 1086.681559][ T6078] syz.1.11385: attempt to access beyond end of device
[ 1086.681559][ T6078] loop1: rw=0, sector=15300821024, nr_sectors = 8 limit=16
[ 1086.763980][ T6078] erofs (device loop1): read error -5 @ 72 of nid 36
[ 1086.787836][   T31] audit: type=1326 audit(1766363119.110:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1086.800255][   T31] audit: type=1326 audit(1766363119.121:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1086.817022][   T31] audit: type=1326 audit(1766363119.142:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f022f78f749 code=0x7ffc0000
[ 1086.817479][   T31] audit: type=1326 audit(1766363119.142:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f022f78f783 code=0x7ffc0000
[ 1086.854378][   T31] audit: type=1326 audit(1766363119.184:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f022f78e1ff code=0x7ffc0000
[ 1086.951225][   T31] audit: type=1326 audit(1766363119.278:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f022f78f7d7 code=0x7ffc0000
[ 1086.954566][   T31] audit: type=1326 audit(1766363119.278:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f022f78df90 code=0x7ffc0000
[ 1086.963265][   T31] audit: type=1326 audit(1766363119.289:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f022f78f34b code=0x7ffc0000
[ 1086.964494][ T6100] loop9: detected capacity change from 0 to 2048
[ 1086.974511][   T31] audit: type=1326 audit(1766363119.299:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f022f78e3aa code=0x7ffc0000
[ 1086.975156][   T31] audit: type=1326 audit(1766363119.299:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6096 comm="syz.9.11391" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f022f78f34b code=0x7ffc0000
[ 1087.221649][ T6118] netlink: 'syz.1.11393': attribute type 6 has an invalid length.
[ 1087.348390][ T6119] loop0: detected capacity change from 0 to 256
[ 1087.597704][ T6119] FAT-fs (loop0): Directory bread(block 64) failed
[ 1087.622110][ T6119] FAT-fs (loop0): Directory bread(block 65) failed
[ 1087.657773][ T6119] FAT-fs (loop0): Directory bread(block 66) failed
[ 1087.700227][ T6135] netlink: 8 bytes leftover after parsing attributes in process `syz.9.11397'.
[ 1087.709577][ T6135] netlink: 4 bytes leftover after parsing attributes in process `syz.9.11397'.
[ 1087.718733][ T6119] FAT-fs (loop0): Directory bread(block 67) failed
[ 1087.757277][ T6119] FAT-fs (loop0): Directory bread(block 68) failed
[ 1087.783610][ T6119] FAT-fs (loop0): Directory bread(block 69) failed
[ 1087.829637][ T6119] FAT-fs (loop0): Directory bread(block 70) failed
[ 1087.894235][ T6119] FAT-fs (loop0): Directory bread(block 71) failed
[ 1087.930417][ T6119] FAT-fs (loop0): Directory bread(block 72) failed
[ 1087.974552][ T6119] FAT-fs (loop0): Directory bread(block 73) failed
[ 1088.211693][ T6164] netlink: 'syz.4.11405': attribute type 11 has an invalid length.
[ 1088.853419][ T6155] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[ 1089.170304][ T6206] netlink: 8 bytes leftover after parsing attributes in process `syz.4.11416'.
[ 1089.567400][ T6221] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[ 1089.648944][ T6227] nbd: illegal input index 2958377
[ 1089.950618][ T6177] loop8: detected capacity change from 0 to 32768
[ 1090.005225][ T6177] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.11409 (6177)
[ 1090.114802][ T6177] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1090.154555][ T6168] loop9: detected capacity change from 0 to 40427
[ 1090.166835][ T6177] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[ 1090.181948][T10543] usb 2-1: new high-speed USB device number 112 using dummy_hcd
[ 1090.265666][ T6168] F2FS-fs (loop9): invalid crc value
[ 1090.376391][T10543] usb 2-1: Using ep0 maxpacket: 16
[ 1090.439850][ T6168] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1090.469404][ T6177] BTRFS info (device loop8): enabling ssd optimizations
[ 1090.491933][T10543] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[ 1090.532037][ T6177] BTRFS info (device loop8): turning on async discard
[ 1090.540757][ T6168] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[ 1090.548321][ T6177] BTRFS info (device loop8): enabling free space tree
[ 1090.569068][T10543] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1090.624257][T10543] usb 2-1: Product: syz
[ 1090.628444][T10543] usb 2-1: Manufacturer: syz
[ 1090.683277][T10543] usb 2-1: SerialNumber: syz
[ 1090.739625][T10543] usb 2-1: config 0 descriptor??
[ 1090.781374][T10543] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[ 1090.857769][T10543] usb 2-1: Detected FT-X
[ 1091.045173][T10543] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[ 1091.091642][T30492] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1091.110501][T10543] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[ 1091.138720][T10543] ftdi_sio 2-1:0.0: GPIO initialisation failed: -71
[ 1091.206349][T10543] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[ 1091.244906][T10543] usb 2-1: USB disconnect, device number 112
[ 1091.312465][T10543] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[ 1091.387591][T10543] ftdi_sio 2-1:0.0: device disconnected
[ 1091.552158][ T6336] loop0: detected capacity change from 0 to 256
[ 1091.672715][ T6336] exfat: Deprecated parameter 'utf8'
[ 1091.758253][ T6336] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[ 1092.464044][ T6361] loop4: detected capacity change from 0 to 4096
[ 1092.538583][ T6361] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[ 1092.728625][ T6384] Non-string source
[ 1092.856982][ T6385] bridge3: entered promiscuous mode
[ 1092.901934][ T6385] bridge3: entered allmulticast mode
[ 1092.987844][   T56] I/O error, dev loop6, sector 0 op 0x1:(WRITE) flags 0x800 phys_seg 0 prio class 2
[ 1093.033415][ T6398] binder: BC_ACQUIRE_RESULT not supported
[ 1093.039323][ T6398] binder: 6397:6398 ioctl c0306201 200000000480 returned -22
[ 1093.320833][ T6409] loop6: detected capacity change from 0 to 512
[ 1093.401974][ T6409] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[ 1093.503621][ T6409] FAT-fs (loop6): error, corrupted directory (invalid entries)
[ 1094.128800][ T6372] loop8: detected capacity change from 0 to 32768
[ 1094.202179][ T6372] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.11448 (6372)
[ 1094.302404][ T6372] BTRFS info (device loop8): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1094.386771][ T6372] BTRFS info (device loop8): using sha256 (sha256-lib) checksum algorithm
[ 1094.676742][ T6372] BTRFS info (device loop8): enabling ssd optimizations
[ 1094.699083][ T6485] loop1: detected capacity change from 0 to 1024
[ 1094.729505][ T6372] BTRFS info (device loop8): turning on async discard
[ 1094.773973][ T6372] BTRFS info (device loop8): enabling free space tree
[ 1095.050400][   T12] hfsplus: b-tree write err: -5, ino 4
[ 1095.118774][T30492] BTRFS info (device loop8): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1095.241870][ T6506] loop0: detected capacity change from 0 to 4096
[ 1095.274969][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.340495][ T6506] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[ 1095.397080][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.510642][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.554094][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.605520][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.644351][   T24] usb 2-1: new high-speed USB device number 113 using dummy_hcd
[ 1095.673015][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.720533][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.774833][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.871823][   T24] usb 2-1: config 220 has an invalid interface number: 76 but max is 2
[ 1095.902393][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1095.911561][   T24] usb 2-1: config 220 has an invalid descriptor of length 95, skipping remainder of the config
[ 1095.951173][   T24] usb 2-1: config 220 has no interface number 2
[ 1095.957858][   T24] usb 2-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1096.006025][ T6521] netlink: 4 bytes leftover after parsing attributes in process `syz.6.11483'.
[ 1096.068766][   T24] usb 2-1: config 220 interface 0 has no altsetting 0
[ 1096.086723][ T6521] bridge_slave_0: left promiscuous mode
[ 1096.111312][   T24] usb 2-1: config 220 interface 76 has no altsetting 0
[ 1096.129145][ T6521] macvlan0: left promiscuous mode
[ 1096.178235][ T6521] ipip0: left promiscuous mode
[ 1096.183111][   T24] usb 2-1: config 220 interface 1 has no altsetting 0
[ 1096.208689][ T6521] ip6erspan0: left promiscuous mode
[ 1096.217212][   T24] usb 2-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1096.247201][ T6521] bridge3: left promiscuous mode
[ 1096.282928][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1096.301484][   T24] usb 2-1: Product: syz
[ 1096.305675][   T24] usb 2-1: Manufacturer: syz
[ 1096.341523][   T24] usb 2-1: SerialNumber: syz
[ 1096.637502][   T24] usb 2-1: selecting invalid altsetting 0
[ 1096.643730][   T24] uvcvideo 2-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1096.709431][   T24] uvcvideo 2-1:220.0: No valid video chain found.
[ 1096.786098][   T24] usb 2-1: selecting invalid altsetting 0
[ 1096.853424][   T24] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[ 1096.925052][   T24] usb 2-1: USB disconnect, device number 113
[ 1097.050274][ T6611] overlayfs: unescaped trailing colons in lowerdir mount option.
[ 1097.139793][ T5839] Bluetooth: hci7: command 0x2016 tx timeout
[ 1098.973108][ T6713] loop6: detected capacity change from 0 to 64
[ 1099.111602][ T2685] Bluetooth: hci7: command 0x2016 tx timeout
[ 1099.250074][ T6652] loop1: detected capacity change from 0 to 32768
[ 1099.269258][ T6652] diRead: diIAGRead returned -5
[ 1099.663467][ T6746] loop8: detected capacity change from 0 to 1024
[ 1099.749030][ T6746] EXT4-fs: Ignoring removed bh option
[ 1099.886963][ T6746] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1100.019321][ T6746] EXT4-fs error (device loop8): ext4_get_first_dir_block:3538: inode #11: comm syz.8.11542: directory missing '.'
[ 1100.121675][ T6746] EXT4-fs (loop8): Remounting filesystem read-only
[ 1100.345532][T30492] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1100.378660][T24163] usb 2-1: new high-speed USB device number 114 using dummy_hcd
[ 1100.423475][ T6771] loop6: detected capacity change from 0 to 4096
[ 1100.532158][ T6712] loop9: detected capacity change from 0 to 32768
[ 1100.552283][T24163] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[ 1100.603628][T24163] usb 2-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[ 1100.621839][ T6771] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[ 1100.649583][ T6771] ntfs3(loop6): Failed to load $Extend (-22).
[ 1100.665928][T24163] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.685584][ T6771] ntfs3(loop6): Failed to initialize $Extend.
[ 1100.695940][ T6792] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1100.716418][T24163] gspca_main: stv0680-2.14.0 probing 041e:4007
[ 1100.740887][ T6771] ntfs3(loop6): ino=21, The size of extended attributes must not exceed 64KiB
[ 1100.759912][ T6797] __nla_validate_parse: 158 callbacks suppressed
[ 1100.759933][ T6797] netlink: 12 bytes leftover after parsing attributes in process `syz.0.11552'.
[ 1101.021654][ T6807] A link change request failed with some changes committed already. Interface ipvlan1 may have been left with an inconsistent configuration, please check.
[ 1101.199612][ T6815] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11556'.
[ 1101.250870][ T6815] netlink: 28 bytes leftover after parsing attributes in process `syz.6.11556'.
[ 1101.641126][ T6821] loop0: detected capacity change from 0 to 8192
[ 1101.704227][   T24] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[ 1101.779552][T24163] gspca_stv0680: usb_control_msg error 0, request = 0x88, error = -32
[ 1101.828621][T24163] stv0680 2-1:4.0: STV(e): camera ping failed!!
[ 1101.852271][T24163] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[ 1101.898023][   T24] usb 10-1: Using ep0 maxpacket: 8
[ 1101.905464][T24163] stv0680 2-1:4.0: last error: 0,  command = 0x0
[ 1101.918799][   T24] usb 10-1: config 6 has an invalid interface number: 2 but max is 0
[ 1101.953632][T24163] usb 2-1: USB disconnect, device number 114
[ 1101.970849][   T24] usb 10-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[ 1102.027059][   T24] usb 10-1: config 6 has no interface number 0
[ 1102.077424][   T24] usb 10-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xAA, changing to 0x8A
[ 1102.141177][   T24] usb 10-1: config 6 interface 2 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[ 1102.198971][   T24] usb 10-1: config 6 interface 2 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1102.268649][   T24] usb 10-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1102.324984][   T24] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1102.354239][   T24] usb 10-1: Product: syz
[ 1102.358518][   T24] usb 10-1: Manufacturer: syz
[ 1102.422703][   T24] usb 10-1: SerialNumber: syz
[ 1102.458954][   T24] hso 10-1:6.2: Failed to find INT IN ep
[ 1102.732938][   T24] usb 10-1: USB disconnect, device number 4
[ 1103.053180][ T6825] loop4: detected capacity change from 0 to 32768
[ 1103.108224][ T6825] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.11558 (6825)
[ 1103.206227][ T6825] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1103.275336][ T6825] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[ 1103.342360][ T6923] ieee802154 phy0 wpan0: encryption failed: -22
[ 1103.705428][ T6825] BTRFS info (device loop4): checking UUID tree
[ 1103.741513][ T6825] BTRFS info (device loop4): enabling ssd optimizations
[ 1103.778984][ T6825] BTRFS info (device loop4): turning on async discard
[ 1103.812361][ T6825] BTRFS info (device loop4): enabling free space tree
[ 1103.909241][ T6825] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1104.035336][ T6964] loop9: detected capacity change from 0 to 256
[ 1104.091378][ T6969] netlink: 'syz.1.11588': attribute type 21 has an invalid length.
[ 1104.134535][ T6969] netlink: 132 bytes leftover after parsing attributes in process `syz.1.11588'.
[ 1105.085738][ T7021] binder: 7015:7021 unknown command 0
[ 1105.091146][ T7021] binder: 7015:7021 ioctl c0306201 200000000100 returned -22
[ 1105.455446][ T5839] Bluetooth: hci7: command 0x2016 tx timeout
[ 1105.663911][ T7043] netlink: 8 bytes leftover after parsing attributes in process `syz.6.11609'.
[ 1105.785718][   T31] kauditd_printk_skb: 11 callbacks suppressed
[ 1105.785740][   T31] audit: type=1326 audit(1766363139.046:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1105.920447][ T7055] netlink: 8 bytes leftover after parsing attributes in process `syz.0.11613'.
[ 1105.964053][   T31] audit: type=1326 audit(1766363139.078:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.103765][   T31] audit: type=1326 audit(1766363139.109:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.243709][   T31] audit: type=1326 audit(1766363139.109:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.382314][   T31] audit: type=1326 audit(1766363139.109:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.499041][   T31] audit: type=1326 audit(1766363139.109:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.577000][   T31] audit: type=1326 audit(1766363139.109:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.668488][ T7096] netlink: 8 bytes leftover after parsing attributes in process `syz.1.11622'.
[ 1106.691831][   T31] audit: type=1326 audit(1766363139.109:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.830633][   T31] audit: type=1326 audit(1766363139.109:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.939990][   T31] audit: type=1326 audit(1766363139.109:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7048 comm="syz.8.11611" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f0eb978f749 code=0x7ffc0000
[ 1106.968552][ T7107] netlink: 'syz.8.11628': attribute type 1 has an invalid length.
[ 1107.348371][ T7129] netlink: 32 bytes leftover after parsing attributes in process `syz.8.11635'.
[ 1107.408511][ T7129] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1107.821117][ T7149] loop6: detected capacity change from 0 to 1024
[ 1107.838539][ T7149] EXT4-fs: Ignoring removed orlov option
[ 1107.883492][ T7149] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1108.001239][ T7149] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1108.124067][ T7171] netlink: 56 bytes leftover after parsing attributes in process `syz.1.11647'.
[ 1108.348415][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1108.354831][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1108.396355][T21899] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1108.396802][ T7188] loop9: detected capacity change from 0 to 164
[ 1108.503940][ T7188] Unable to read rock-ridge attributes
[ 1109.126332][ T7230] loop6: detected capacity change from 0 to 1024
[ 1109.447616][ T6035] hfsplus: b-tree write err: -5, ino 4
[ 1109.455511][ T7245] ALSA: mixer_oss: invalid OSS volume ''
[ 1109.837289][ T7269] loop4: detected capacity change from 0 to 256
[ 1109.870350][ T7272] loop0: detected capacity change from 0 to 512
[ 1109.905890][ T7269] exfat: Deprecated parameter 'namecase'
[ 1109.982482][ T7272] EXT4-fs (loop0): revision level too high, forcing read-only mode
[ 1109.992751][ T7269] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[ 1110.040432][ T7272] EXT4-fs (loop0): orphan cleanup on readonly fs
[ 1110.089967][ T7272] EXT4-fs error (device loop0): ext4_acquire_dquot:6986: comm syz.0.11672: Failed to acquire dquot type 1
[ 1110.234322][ T7272] EXT4-fs (loop0): Remounting filesystem read-only
[ 1110.284719][ T7272] EXT4-fs (loop0): 1 truncate cleaned up
[ 1110.314567][ T7272] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1110.343537][ T7299] netlink: 148 bytes leftover after parsing attributes in process `syz.8.11680'.
[ 1110.377352][   T24] usb 2-1: new high-speed USB device number 115 using dummy_hcd
[ 1110.551765][   T24] usb 2-1: Using ep0 maxpacket: 32
[ 1110.584472][   T24] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xA6, changing to 0x86
[ 1110.604437][ T3132] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1110.635290][ T7299] netlink: 148 bytes leftover after parsing attributes in process `syz.8.11680'.
[ 1110.655197][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[ 1110.714141][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x86 has invalid maxpacket 8960, setting to 1024
[ 1110.721694][ T7313] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11683'.
[ 1110.769903][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has an invalid bInterval 255, changing to 11
[ 1110.794007][ T7313] netlink: 28 bytes leftover after parsing attributes in process `syz.4.11683'.
[ 1110.840379][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid maxpacket 59391, setting to 1024
[ 1110.895963][   T24] usb 2-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[ 1110.963998][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1110.989746][   T24] usb 2-1: Product: syz
[ 1111.015980][   T24] usb 2-1: Manufacturer: syz
[ 1111.066961][   T24] usb 2-1: SerialNumber: syz
[ 1111.093651][   T24] usb 2-1: config 0 descriptor??
[ 1111.391422][   T32] INFO: task syz.7.10183:32063 blocked for more than 143 seconds.
[ 1111.414464][   T32]       Tainted: G             L      syzkaller #0
[ 1111.478233][   T32] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[ 1111.485290][ T7280] loop6: detected capacity change from 0 to 32768
[ 1111.487692][ T7338] loop8: detected capacity change from 0 to 8192
[ 1111.511910][   T32] task:syz.7.10183     state:D stack:28184 pid:32063 tgid:32061 ppid:23792  task_flags:0x400040 flags:0x00080002
[ 1111.543007][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.563136][ T7280] JBD2: Ignoring recovery information on journal
[ 1111.568018][   T24] input input89: Device does not respond to id packet M
[ 1111.577142][   T32] Call Trace:
[ 1111.587219][ T2685] Bluetooth: hci6: unexpected event for opcode 0x1004
[ 1111.595229][   T32]  <TASK>
[ 1111.600631][   T32]  __schedule+0x149b/0x4fd0
[ 1111.607072][   T32]  ? __pfx___schedule+0x10/0x10
[ 1111.612697][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.618836][   T24] input input89: Device does not respond to id packet P
[ 1111.626267][   T32]  ? schedule+0x91/0x360
[ 1111.630791][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.638794][   T32]  schedule+0x165/0x360
[ 1111.643119][   T24] input input89: Device does not respond to id packet B
[ 1111.651854][   T32]  schedule_preempt_disabled+0x13/0x30
[ 1111.657425][   T32]  __mutex_lock+0x7e6/0x1350
[ 1111.662765][   T32]  ? __mutex_lock+0x5bb/0x1350
[ 1111.667774][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.674482][   T24] input input89: Device does not respond to id packet N
[ 1111.682098][   T32]  ? comedi_open+0xc0/0x5f0
[ 1111.701098][   T32]  ? __pfx___mutex_lock+0x10/0x10
[ 1111.710019][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.731895][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1111.743730][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.766753][   T32]  ? __kasan_kmalloc+0x93/0xb0
[ 1111.780068][ T7280] (syz.6.11675,7280,0):ocfs2_clear_journal_error:1140 ERROR: File system error 33023 recorded in journal 0.
[ 1111.782390][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.811358][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1111.817047][   T32]  ? __kmalloc_cache_noprof+0x3e2/0x700
[ 1111.832860][ T7280] (syz.6.11675,7280,0):ocfs2_clear_journal_error:1142 ERROR: File system on device loop6 needs checking.
[ 1111.833140][   T24] iforce 2-1:0.0: usb_submit_urb failed: -71
[ 1111.857038][   T32]  ? comedi_open+0x8b/0x5f0
[ 1111.871646][   T32]  comedi_open+0xc0/0x5f0
[ 1111.881690][   T32]  ? do_raw_spin_unlock+0x122/0x240
[ 1111.885956][ T7280] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[ 1111.905466][   T32]  chrdev_open+0x4cc/0x5e0
[ 1111.909936][   T32]  ? __pfx_chrdev_open+0x10/0x10
[ 1111.941992][   T24] input: Unknown I-Force Device [%04x:%04x] as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input89
[ 1111.943934][  T989] (kworker/u8:7,989,0):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #4104: rec_len is smaller than minimal - offset=0, inode=4104, rec_len=8, name_len=0
[ 1111.966952][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1111.988239][   T32]  ? fsnotify_open_perm_and_set_mode+0x113/0x610
[ 1112.031002][   T24] usb 2-1: USB disconnect, device number 115
[ 1112.037071][    C1] iforce 2-1:0.0: iforce_usb_irq - usb_submit_urb failed with result -19
[ 1112.045514][ T7280] (syz.6.11675,7280,0):ocfs2_check_dir_entry:338 ERROR: bad entry in directory #4097: rec_len is smaller than minimal - offset=0, inode=397313, rec_len=0, name_len=1
[ 1112.048570][   T32]  ? __pfx_chrdev_open+0x10/0x10
[ 1112.104156][   T32]  do_dentry_open+0x7ce/0x1420
[ 1112.108409][ T7280] (syz.6.11675,7280,0):ocfs2_prepare_dir_for_insert:4336 ERROR: status = -2
[ 1112.120331][   T32]  vfs_open+0x3b/0x340
[ 1112.134462][ T7280] (syz.6.11675,7280,0):ocfs2_mknod:302 ERROR: status = -2
[ 1112.146715][   T32]  ? path_openat+0x33f3/0x3dd0
[ 1112.178942][ T7280] (syz.6.11675,7280,0):ocfs2_mknod:506 ERROR: status = -2
[ 1112.180997][   T32]  path_openat+0x340e/0x3dd0
[ 1112.204040][ T7280] (syz.6.11675,7280,0):ocfs2_create:679 ERROR: status = -2
[ 1112.222898][   T32]  ? __pfx_stack_trace_save+0x10/0x10
[ 1112.237319][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1112.248979][   T32]  ? kmem_cache_alloc_noprof+0x37d/0x710
[ 1112.261375][   T32]  ? getname_flags+0xb8/0x540
[ 1112.270672][   T32]  ? __pfx_path_openat+0x10/0x10
[ 1112.281433][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1112.295372][   T32]  ? __lock_acquire+0x6b6/0x2cf0
[ 1112.305119][   T32]  do_filp_open+0x1fa/0x410
[ 1112.314043][   T32]  ? __pfx_do_filp_open+0x10/0x10
[ 1112.324607][   T32]  ? _raw_spin_unlock+0x28/0x50
[ 1112.336117][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1112.347989][   T32]  ? alloc_fd+0x64c/0x6c0
[ 1112.361770][   T32]  do_sys_openat2+0x121/0x200
[ 1112.371018][   T32]  ? __pfx_do_sys_openat2+0x10/0x10
[ 1112.376242][   T32]  ? exc_page_fault+0x71/0xd0
[ 1112.391826][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1112.397486][   T32]  ? do_user_addr_fault+0xc85/0x1380
[ 1112.413130][   T32]  __x64_sys_openat+0x138/0x170
[ 1112.418042][   T32]  do_syscall_64+0xec/0xf80
[ 1112.437729][   T32]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.448154][   T32]  ? trace_irq_disable+0x37/0x100
[ 1112.453219][   T32]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1112.475924][   T32] RIP: 0033:0x7fa3a878f749
[ 1112.480657][   T32] RSP: 002b:00007fa3a955e038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[ 1112.500255][   T32] RAX: ffffffffffffffda RBX: 00007fa3a89e5fa0 RCX: 00007fa3a878f749
[ 1112.519923][   T32] RDX: 0000000000000400 RSI: 0000200000000080 RDI: ffffffffffffff9c
[ 1112.539620][   T32] RBP: 00007fa3a8813f91 R08: 0000000000000000 R09: 0000000000000000
[ 1112.551908][   T32] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1112.570110][   T32] R13: 00007fa3a89e6038 R14: 00007fa3a89e5fa0 R15: 00007ffff0527cb8
[ 1112.590016][   T32]  </TASK>
[ 1112.593236][   T32] 
[ 1112.593236][   T32] Showing all locks held in the system:
[ 1112.652443][   T32] 7 locks held by kworker/1:0/24:
[ 1112.671809][   T32]  #0: ffff888140af1548 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x9b4/0x1770
[ 1112.693609][   T32]  #1: ffffc900001e7bc0 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x9ef/0x1770
[ 1112.771433][ T7338] Dev loop8: unable to read RDB block 8
[ 1112.777215][ T7338]  loop8: unable to read partition table
[ 1112.788985][   T32]  #2: ffff888027e43198 (&dev->mutex){....}-{4:4}, at: hub_event+0x187/0x4ef0
[ 1112.799784][ T7338] loop_reread_partitions: partition scan of loop8 () failed (rc=-5)
[ 1112.820360][   T32]  #3: ffff8880b873a918 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x2a/0x140
[ 1112.856893][   T32]  #4: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[ 1112.876645][   T32]  #5: ffff8880b8724588 (psi_seq){-.-.}-{0:0}, at: psi_task_switch+0x53/0x880
[ 1112.885849][   T32]  #6: ffff8880b8739858 (&pool->lock){-.-.}-{2:2}, at: __queue_work+0x7eb/0xf90
[ 1112.895193][   T32] 1 lock held by khungtaskd/32:
[ 1112.900190][   T32]  #0: ffffffff8df41aa0 (rcu_read_lock){....}-{1:3}, at: debug_show_all_locks+0x2e/0x180
[ 1112.921711][   T32] 2 locks held by getty/5577:
[ 1112.926995][   T32]  #0: ffff888033f500a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[ 1112.939247][   T32]  #1: ffffc9000332b2f0 (&ldata->atomic_read_lock){+.+.}-{4:4}, at: n_tty_read+0x449/0x1460
[ 1112.953994][   T32] 1 lock held by udevd/5860:
[ 1112.958692][   T32] 2 locks held by syz-executor/21899:
[ 1112.965752][   T32]  #0: ffff8880242fc0e0 (&type->s_umount_key#69){++++}-{4:4}, at: deactivate_super+0xa9/0xe0
[ 1112.976849][   T32]  #1: ffffffff8df475f8 (rcu_state.exp_mutex){+.+.}-{4:4}, at: synchronize_rcu_expedited+0x36e/0x6e0
[ 1112.995005][   T32] 1 lock held by syz.2.9734/29768:
[ 1113.000413][   T32] 1 lock held by syz.7.10183/32063:
[ 1113.005689][   T32]  #0: ffff88802f1f98f8 (&dev->mutex#4){+.+.}-{4:4}, at: comedi_open+0xc0/0x5f0
[ 1113.017009][   T32] 1 lock held by cmp/7387:
[ 1113.026919][T21899] ocfs2: Unmounting device (7,6) on (node local)
[ 1113.037993][   T32] 
[ 1113.060990][   T32] =============================================
[ 1113.060990][   T32] 
[ 1113.104319][   T32] NMI backtrace for cpu 1
[ 1113.104344][   T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1113.104377][   T32] Tainted: [L]=SOFTLOCKUP
[ 1113.104387][   T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1113.104402][   T32] Call Trace:
[ 1113.104412][   T32]  <TASK>
[ 1113.104423][   T32]  dump_stack_lvl+0xe8/0x150
[ 1113.104460][   T32]  nmi_cpu_backtrace+0x274/0x2d0
[ 1113.104495][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.104525][   T32]  ? __pfx_nmi_raise_cpu_backtrace+0x10/0x10
[ 1113.104569][   T32]  nmi_trigger_cpumask_backtrace+0x17a/0x300
[ 1113.104608][   T32]  sys_info+0x135/0x170
[ 1113.104637][   T32]  watchdog+0xf95/0xfe0
[ 1113.104679][   T32]  ? watchdog+0x20a/0xfe0
[ 1113.104725][   T32]  kthread+0x711/0x8a0
[ 1113.104763][   T32]  ? __pfx_watchdog+0x10/0x10
[ 1113.104815][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.104844][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.104879][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1113.104916][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.104950][   T32]  ret_from_fork+0x510/0xa50
[ 1113.104978][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[ 1113.105000][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.105033][   T32]  ? __switch_to+0xc9e/0x1480
[ 1113.105073][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.105106][   T32]  ret_from_fork_asm+0x1a/0x30
[ 1113.105159][   T32]  </TASK>
[ 1113.105189][   T32] Sending NMI from CPU 1 to CPUs 0:
[ 1113.252477][    C0] NMI backtrace for cpu 0
[ 1113.252501][    C0] CPU: 0 UID: 0 PID: 7388 Comm: rm Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1113.252530][    C0] Tainted: [L]=SOFTLOCKUP
[ 1113.252539][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1113.252553][    C0] RIP: 0010:set_pte_range+0x577/0x8a0
[ 1113.252590][    C0] Code: c6 58 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7 e8 3b 1f 19 00 4d 8b 36 e9 c1 02 00 00 e8 be fe b2 ff 4c 89 6c 24 10 <48> 8b 5c 24 10 4c 89 f0 48 c1 e8 03 42 80 3c 20 00 74 08 4c 89 f7
[ 1113.252610][    C0] RSP: 0000:ffffc9000b4af8b0 EFLAGS: 00000287
[ 1113.252630][    C0] RAX: 0000000000000003 RBX: ffff88813ff1c980 RCX: 0000000000000001
[ 1113.252645][    C0] RDX: 0000000000000005 RSI: ffffffff8d9759c8 RDI: ffff88803403bd00
[ 1113.252662][    C0] RBP: ffffea000049dcc0 R08: ffff88801acc543f R09: 1ffff11003598a87
[ 1113.252679][    C0] R10: dffffc0000000000 R11: ffffed1003598a88 R12: dffffc0000000000
[ 1113.252696][    C0] R13: 0000000012773025 R14: ffff8880506af950 R15: 0000000000000001
[ 1113.252714][    C0] FS:  00007fc339debc80(0000) GS:ffff888125e21000(0000) knlGS:0000000000000000
[ 1113.252734][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1113.252749][    C0] CR2: 00007fc339f2af50 CR3: 000000007ff7e000 CR4: 0000000000350ef0
[ 1113.252767][    C0] Call Trace:
[ 1113.252775][    C0]  <TASK>
[ 1113.252793][    C0]  filemap_map_pages+0xfcd/0x1fd0
[ 1113.252834][    C0]  ? filemap_map_pages+0x160/0x1fd0
[ 1113.252862][    C0]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1113.252891][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.252921][    C0]  ? __pfx_filemap_map_pages+0x10/0x10
[ 1113.252946][    C0]  ? do_pte_missing+0x11a9/0x3330
[ 1113.252969][    C0]  do_pte_missing+0x20b0/0x3330
[ 1113.252999][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.253027][    C0]  ? handle_mm_fault+0xdb/0x32b0
[ 1113.253063][    C0]  handle_mm_fault+0x1b26/0x32b0
[ 1113.253106][    C0]  ? handle_mm_fault+0xdb/0x32b0
[ 1113.253145][    C0]  ? __pfx_handle_mm_fault+0x10/0x10
[ 1113.253176][    C0]  ? lock_vma_under_rcu+0x42c/0x4a0
[ 1113.253217][    C0]  do_user_addr_fault+0xa7c/0x1380
[ 1113.253245][    C0]  ? rcu_is_watching+0x15/0xb0
[ 1113.253278][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.253306][    C0]  ? trace_page_fault_user+0x84/0x1c0
[ 1113.253331][    C0]  exc_page_fault+0x71/0xd0
[ 1113.253355][    C0]  asm_exc_page_fault+0x26/0x30
[ 1113.253376][    C0] RIP: 0033:0x7fc339f2af50
[ 1113.253398][    C0] Code: Unable to access opcode bytes at 0x7fc339f2af26.
[ 1113.253409][    C0] RSP: 002b:00007ffc226bbba8 EFLAGS: 00010246
[ 1113.253428][    C0] RAX: 0000000000000000 RBX: 00007fc339e874d0 RCX: 00007fc339fa9487
[ 1113.253444][    C0] RDX: 0000000000000000 RSI: 00007fc339e803ae RDI: 00007fc339e802e2
[ 1113.253459][    C0] RBP: 0000000000000003 R08: 00007fc33a193af8 R09: 0000000000000000
[ 1113.253474][    C0] R10: 00007ffc226bb910 R11: 0000000000000246 R12: 00007ffc226bbce8
[ 1113.253489][    C0] R13: 00007ffc226bbd08 R14: 00007fc339e874d0 R15: 0000000000000000
[ 1113.253517][    C0]  </TASK>
[ 1113.550725][   T32] Kernel panic - not syncing: hung_task: blocked tasks
[ 1113.557593][   T32] CPU: 1 UID: 0 PID: 32 Comm: khungtaskd Tainted: G             L      syzkaller #0 PREEMPT(full) 
[ 1113.568288][   T32] Tainted: [L]=SOFTLOCKUP
[ 1113.572610][   T32] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1113.582671][   T32] Call Trace:
[ 1113.585958][   T32]  <TASK>
[ 1113.588898][   T32]  vpanic+0x1e0/0x670
[ 1113.592902][   T32]  panic+0xb9/0xc0
[ 1113.596639][   T32]  ? __pfx_panic+0x10/0x10
[ 1113.601062][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.606706][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.612348][   T32]  ? preempt_schedule_thunk+0x16/0x30
[ 1113.617739][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.623384][   T32]  ? nmi_trigger_cpumask_backtrace+0x2bb/0x300
[ 1113.629558][   T32]  watchdog+0xfdf/0xfe0
[ 1113.633737][   T32]  ? watchdog+0x20a/0xfe0
[ 1113.638095][   T32]  kthread+0x711/0x8a0
[ 1113.642186][   T32]  ? __pfx_watchdog+0x10/0x10
[ 1113.646881][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.651480][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.657133][   T32]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1113.662352][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.666948][   T32]  ret_from_fork+0x510/0xa50
[ 1113.671538][   T32]  ? __pfx_ret_from_fork+0x10/0x10
[ 1113.676647][   T32]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1113.682275][   T32]  ? __switch_to+0xc9e/0x1480
[ 1113.686957][   T32]  ? __pfx_kthread+0x10/0x10
[ 1113.691562][   T32]  ret_from_fork_asm+0x1a/0x30
[ 1113.696437][   T32]  </TASK>
[ 1113.699534][   T32] Kernel Offset: disabled
[ 1113.703925][   T32] Rebooting in 86400 seconds..