last executing test programs:

7.717801806s ago: executing program 2 (id=566):
futex(&(0x7f000000cffc)=0x4, 0x9, 0x4, 0x0, 0x0, 0x400000)
futex(&(0x7f000000cffc)=0x2, 0x9, 0x2, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc)=0x2, 0xa, 0x1, 0x0, 0x0, 0x2)

6.777002776s ago: executing program 2 (id=573):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc090}, 0x800)

6.776404566s ago: executing program 2 (id=574):
r0 = syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x110, 0x0, 0x0, 0x0, 0x40, 0x28bd, 0x74, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x3, "", [{{0x9, 0x4, 0x0, 0x6, 0x2, 0x3, 0x0, 0x1, 0x0, {0x9, 0x21, 0xa, 0x4, 0x1, {0x22, 0x28}}, {{{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0xb, 0xfe}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000040)={0x2c, &(0x7f0000000180)={0x40, 0x8, 0x28, {0x6a, 0xe, "f70ba381030000000000000000cb4fdca0560f920d54f365c5b1d43ee44fbf6fc93f0808251f"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

5.464239207s ago: executing program 1 (id=584):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_COALESCE_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)={0x34, r1, 0x1, 0x70bd2c, 0x0, {}, [@ETHTOOL_A_COALESCE_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'netdevsim0\x00'}]}, @ETHTOOL_A_COALESCE_PKT_RATE_HIGH={0x8, 0x12, 0x6}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)

5.433738878s ago: executing program 1 (id=585):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000040)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x5, 0x0, 0x1}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0xc090}, 0x800)

5.37565311s ago: executing program 1 (id=586):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x5ffd, 0x0, 0x0, 0x0, &(0x7f0000000000))
r4 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x83, &(0x7f0000001000)={r7}, 0x8)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
poll(&(0x7f0000000440)=[{r6, 0x200}, {0xffffffffffffffff, 0x80}, {r1, 0x80}, {r3, 0x4110}, {r8, 0x4}, {r9, 0x4002}], 0x6, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x48)
r10 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffc, @mcast1, 0x7}, 0x1c)
connect$pppl2tp(r10, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0xffff, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x32)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16], 0x40}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003b00)="4757bcf1")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)

4.392983092s ago: executing program 1 (id=589):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000280)={[{@acl}, {@dir_resv_level={'dir_resv_level', 0x3d, 0x7}}, {@data_writeback}, {@resv_level={'resv_level', 0x3d, 0x6}}, {@localflocks}, {@heartbeat_none}, {@coherency_full}, {@noacl}]}, 0x1, 0x4421, &(0x7f0000004500)="$eJzs3c9PHGUfAPBnBt63UNsKtYeamLiJTTRqCPSk0kRKaSm0WFNtY7xsF9i26MI2sBgPPeCtiScTD8ZDo4k3Tg0Hr/VP8OKxnpvowYuJSSNmd2eBGXbDSliwzeeTlNl5fu9+d5595jB94kTl9txSbm4pV1jIlWduLp3OfVYuLc8XQ7xPDrp/2tOJOIn9wbly7sIH10+H8NPsL4/X19fXQ1V3aGpoy+s//7g7s/XYEGfqVNtt3tpe+TiEcGLbuKq6Qggf/RhCFEI4m6SNJsfeEMKxUM+7fvfLG7k9Gs2DR8Uz+SdT99aGT02u3l9r/d6jEL4tvfjmrfnfXuka/vX1PeoeAAAAAAAAAAAAAAAAAICn3PjVK9feHxwKD6PQvRptf153PDm2ej52fc+83Pk3CwAAAAAAAAAAAAAAAAAAAP9Rm8//56LjTZ7/H0uOIy3qr7/b+THSORPvXRk7PziU7P8ebct/K0n6/WxX6G+y73t2//ezmfrN93/f3s9uNcbX6LcvRPFA6jyOBwZC+D7Z+P1kdDgulZcqb9wsLy/M7tkwnlrp+Nd3709FJ9nQv934j2ba7/z+/y9s+zZVz2/s3VfsmZaOf1fLcj98EbUV/3OZevsRf3YvHf/uWlrv1gIj9QmgGv+vuneO/1im/U7F/1gIIRdVx5pLzQDVNUw1vdV6hbR0/P9XS0tNnckH2er6/ysT//OZ9g9q/l/J/hDRVDr+/6+l9aRKbF7//fHO1/+FTPsHEf/q+Ff8/rclHf9D9cTuVJHaJ9nu/D+eab9T8b8WJ+M8FqW+AatRPb3V/1dHWjr+PdvyN+//4rbWfxcz9ffr/q/Rb+P+rzH9vxbV7/9oLh3/3pbl2r3+JzL1Oj3/j9TWf+xWOv6Ha2nptXNf7W+78Z/MtN+p+NdWJT2N+G/OJ38fqqd/Z/3XlnT8n6snxltLrNT+1tZ/0c7r/0uZ9g9i/Vcd/0rc2V6fFen4H2lZrhr/n9v4/b+cqdf5+IcwaK2/a+n4H21Zrnb99+wc/6lMvU7H/9VONg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwFBhNjn0higdS53E8MBDCueT8ZDgcTRdm89Ol8synSyGMJem5cDy6VSpPF0r5uYXybDFfKJXKMyGcT/JPhJ5oqVSu5OcLdy5stNUb3S4WFivTxUIlhDCepL8Ujjbamp6rzBfuhBAubuQ9H5cX79wuLORn5xbfGRwcHAwTG2Poj4qfV4oLlXrv9dwQJjfq9kVbBlfLvrQxliPRJ+XlxYVCqZZ+eUudUnmmUNpSZyrJ+zr0R5XF5YWZQqWYL5VvNfo7SCPJcWzi6odXLw9ty78R1Y+j+zssAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6lh8NvfxNC6K6fxSGEXJS8iJJ/KQ8eFc/kn0zdWxs+Nbl6f+1xszIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7ADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFXfpHaSCI4gD8Ziy09BhWy25nu6KIFq4InkCP4WH0KF7CO1ikSJsiBJJZCPsHtkmq72sezI+Z92AeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyz2+de+vdROR4mp7GfH7+fd/nD+X+n03ff/iDDNyOk8v3f1D3ZR/T6P8thyt2rxPN+uvj5iovZ/Bngz36WDcZ2hu3+bm6/teR8pVRLQlv0k5V9WytwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAHTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//z8QH1I=")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)
open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)

3.874750817s ago: executing program 0 (id=597):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a70000000060a010400000000000000000200000044000480400001800e000100627974656f726465720000002c00028008000140000000010800024000000000080004400000000208000340000000000800054000f4ff080900010073797a30000000000900020073797a32"], 0x98}, 0x1, 0x0, 0x0, 0x20044054}, 0x0)

2.710672204s ago: executing program 0 (id=600):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000400000009"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0d00000000010000040000000100000000000000", @ANYRES32=r0], 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x3, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000004095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, &(0x7f0000000180), &(0x7f0000000880)=r2}, 0x20)

2.684333265s ago: executing program 2 (id=602):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={0x2c, r2, 0x21, 0x72bd25, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_HT={0x4}, @NL80211_TXRATE_LEGACY={0x4}]}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0x24000804}, 0x0)

2.54354823s ago: executing program 4 (id=605):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$HCIINQUIRY(r0, 0x400448ca, 0x0)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
write$bt_hci(r0, &(0x7f0000000540)={0x1, @disconnect={{0x406, 0x3}, {0xc8, 0x3}}}, 0x7)

2.512420861s ago: executing program 2 (id=606):
pipe2$9p(0x0, 0x80000)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x49f0, 0x20, 0x8001, 0x48024e}, 0x0, 0x0, &(0x7f0000000000))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(0xffffffffffffffff, 0x0, 0x4)
socket$nl_rdma(0x10, 0x3, 0x14)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
utimes(0x0, 0x0)
writev(0xffffffffffffffff, &(0x7f0000000680)=[{&(0x7f0000000000)="abece2d4d226b486b0a1f9a9", 0xc}, {0x0}, {0x0}, {&(0x7f0000000480)}], 0x4)
sendmsg$nl_route_sched(r0, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000000c00)=@newtaction={0x14, 0x30, 0x12f}, 0x14}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_SPLIT(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

2.482697961s ago: executing program 0 (id=607):
syz_mount_image$erofs(&(0x7f00000001c0), &(0x7f0000000200)='./file2\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x1, 0x1f0, &(0x7f0000000440)="$eJzslb+r01AUx7/3Ji9pfW5uLg4+8DmYJqm/lgfPxclB8Edxs9i0VFMrbQZbEPEvcHdzcPFfEKGu/hFSBVEQXdT5SnJvkptqSltbing+0JNv7j09OfeccAKCIP5bPrz/ORU/Dj5VABzFHmy1/tnIfbjm/67y7dGbK5cbT80Xb+2pUy1Gs5d+vglgcslApO6FEELf31PX6+CZvgGO00o3wOAofRscN5UOwHBL6bua7u8oEQbOnX7YanfDwI2NFxs/NvXZ/L4+YWhp+TFtfzga32uGYTDYmLBKKjf5kuVXAQ60/PR+OZDZulr9PHB4StfBcE3pi7DhOE5eEu38x808vjH3/BaWP+SuvvIx6U660p5xNrBkHXfm+MS1Xa0xAPtz719t9m1YRVgorOBlvmXIrbSjW0917QJm8aR/EVDYBtaf4QV7DUPk9aHsX5bqY3lfdO7vzu/y4WLvz6KVz+aneM5wSptPcpQ8Sz4Wtaj3oDYcjc90e81O0Anu+379vHvWdc/5tWQQSVsyA+P41WQ+HZGhY6plvhaz8LAZRQNP2uzelzY/QP4fnsw/jv2TSL4cDMeuzsb9DiB9KFM/nlxjtW+UJk8QBLFFToBlg9NMhfqaqA1LCOH/NvQIgiAIgiAIgiAIgvhn+BUAAP//aA9ZjQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x42040, 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3000002, 0x12, r0, 0xc76ed000)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)

2.341250076s ago: executing program 4 (id=609):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a6c000000060a09040000000000000000020000040900010073797a30000000000900020073797a3200000000400004803c0001800b00010065787468647200002c000280080003400000008c080007400000000e0800064000000a"], 0x94}, 0x1, 0x0, 0x0, 0x8080}, 0x0)

2.341026866s ago: executing program 1 (id=610):
r0 = io_uring_setup(0x3538, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x1})
futex(&(0x7f0000000b40)=0x1, 0xb, 0x1, 0x0, &(0x7f0000000bc0), 0x0)
close(r0)

2.119459153s ago: executing program 4 (id=611):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x5ffd, 0x0, 0x0, 0x0, 0x0)
r4 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000340)={0x0, 0x0, 0x4e}, 0x28)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x83, &(0x7f0000001000)={r7}, 0x8)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
poll(&(0x7f0000000440)=[{r6, 0x200}, {0xffffffffffffffff, 0x80}, {r1, 0x80}, {r3, 0x4110}, {r8, 0x4}, {r9, 0x4002}], 0x6, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x48)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffc, @mcast1, 0x7}, 0x1c)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0xffff, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x32)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16], 0x40}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003b00)="4757bcf1")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)

1.841626442s ago: executing program 3 (id=612):
unshare(0x22020400)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000008850000007600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x80)
sendmsg$nl_route_sched(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000005c0)=@newtaction={0x64, 0x30, 0xffffffffffffffff, 0x0, 0x40002, {}, [{0x50, 0x1, [@m_bpf={0x4c, 0x1, 0x0, 0x0, {{0x8}, {0x24, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x64, 0x7, 0x8, 0x1}}, @TCA_ACT_BPF_FD={0x8, 0x5, r1}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x64}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

1.292364539s ago: executing program 0 (id=613):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f00000001c0)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {0x7}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_TIMEOUT={0x8, 0x6, 0x1, 0x0, 0x7500}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0x2}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x16, 0x3, 'hash:net,port,net\x00'}]}, 0x5c}, 0x1, 0x0, 0x0, 0x810}, 0x20004000)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)={0x60, 0x9, 0x6, 0x3, 0x0, 0x0, {0x5, 0x0, 0x40}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_DATA={0x38, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT={0x6, 0x4, 0x1, 0x0, 0x4e21}, @IPSET_ATTR_PROTO={0x5, 0x7, 0xde}, @IPSET_ATTR_IP={0xc, 0x1, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @private=0xe0004000}}, @IPSET_ATTR_IP_TO={0xc, 0x16, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @dev={0xac, 0x14, 0x14, 0xb}}}, @IPSET_ATTR_IP2={0xc, 0x14, 0x0, 0x1, @IPSET_ATTR_IPADDR_IPV4={0x8, 0x1, 0x1, 0x0, @broadcast=0xffff0011}}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x10004893}, 0x80)

1.117163645s ago: executing program 1 (id=614):
syz_mount_image$ocfs2(&(0x7f00000026c0), &(0x7f0000004780)='./file0\x00', 0x2010080, &(0x7f0000000340)=ANY=[@ANYBLOB="6a6f75726e616c5f6173796e635f636f6d6d69742c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c6865617274626561743d6e6f6e652c6572726f72733d636f6e74696e75652c6e6f696e74722c67727071756f74612c001796fa694353e3807803df5ea6fd4d6e6a2613d336eb62b863dcd89e37b45f8bd04199a14c48b3e553e035ab300ba3c60c27682a8ab5656969d829535c0862f6e3a35f15fe4d50c0d5c74631344625d6224c436474bb101ff47a14c51e342ca291c09c35d9d31b06b6b86cb9dccae387b5f1e7c5e1d445d52845a3fa4c77234ea9d37c8a277c85e69a85cc6ffeb225bebbca91b569b80ee303c9a21c58db5d96fb87f1713e0e9b896e37becae2e7a978259a0847e9fb08dcb8b9f84f616463da2507db1b3489769e99"], 0x1, 0x4703, &(0x7f000000c7c0)="$eJzs212IXFcBB/BzZ1ezmybb/UibpOnHJBFctCybPlXrQ1yrNpo2H9pWU2Wd3Ww3q7M76+6MFgxSgyAKghIEFT+oCqUvtSAG+lKLUPADaRVKRdH6IlKogg8GbaArM3Nvdu6d2d7JTtLS9veDdvaee8+5Z/a/99w590wKseqphdXiwmqxtFSszN6/ekvxc5VybXEuFF4lr/X56c6VyEn2r50j7/vAR+65JYQ/HPvah9bW1tZC3XDo6EDLz+f/fXq29TVRyNSpt9u5taY/1h556edveaUj8pwIIexo61ddXwjhY78IYUsIYSQuG41fB0MI20IIUQjh0d/868cDvXShxdl7X3ju2JnD+85MPf7YMxfmj254YBTCd8u7b55ffHF/323Pv+MynR4AAF7RB48fufvo5IHwZBSGzvW3f17fGb8mn4/vfNun7nq4f33/Gt3pexVDBQAAgIz1+f9w9HKH9bpkZS1ZEnzigRN3PxWt7zexfX07dNeR298/eSBe/43a9t8aF/3zvX2NNdTsum92/XckU7/z+u/6eR7+6rO/XHrr5vuf9C8573CIChOp7UJhYiKEY1PN7V3R1kK5slp95/2V2tLJzZ/3jSKdf3b1fn1Bv9v8RzPV89b/d3/i8z8b7O/lHYyF7F9tfbvY/qdMB+n8Nx7Lf/KlqKv8xzL18vK/4+nt53+1pZd3kD0jlyKdf/NC3Nd6QLE5ANTz/2Z/fv47Mu3n5f/9qXOPntjE93/q48xwVO/rQGoEeDku3+ArTGSk828GkRo641/kRtf//zL5X5NpPy//Oyv/+N3ferj/bzT+j0/10uabRzr/ZhDF1BHr1/9IIf/6vzbTfl7+vz3152c/2dO9uj3/ev/H3f+7ks4/vhGnB8/Gb7Lb8X9npv28/HeN3ffQwib6/eHBuJ9DURhr+dbpufotbGh9vboxpanvXt7ESd4E0vk3f2upS2eo+dK4/ofzx/9dmfbz8n9oz9ffc7qn7/92Hv8njf9dSec/2Ci7lPxfyuS/O9N+Xv4/PP33v9x3mcf/+vZB+Xclnf/Wtv3rz38KXc3/rsvUz3v+s2/0qUf+2sP8P+lfct7k+U/yHGI8aj7/obN0/ldteFy39/89mXp51/+3/vP80/t7Gf+jAU8AepDOf1uzsMMEsNv8r8+0n5f/F+758sf/tIn5X+MT30CSf8v8f0uz/Kjxvyvp/Lc3C1P/GOrBxv8b9/+oPff/ZvK/IdN+Xv4XDk30f+Uy3//r/R/v8Cibdun8hzY8rp7/77u4/9+YqZeX/xf3/vTFm3v6/B/CpLn+pqXzv3rD4xrX/0B+/jdl6uXl/51v/PqJB3vo/9t7qEs2/+a9PnU5xZ/Nu53/FzPt5+X/o/HzZ/dfgfnfre7/XUnn31w1v5T8s/P/vZn28/L/3pEfrPRfgec/d8gfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgU0bj1+EQFSZS24XCxEQIY/H2rrA1mimdnJ4pV2Y/sxrCjri8GEaj+XJlplSeXliqnJybLpXLldkQron37wgD0Wq5Up1eLC1fe7GtwejUXGmlOjNXqoYQdsbl14ftSVszC9XF0nLj2KTOVVHps7VKtTRRW51bCbsvlm9LyudXKrXl6y62dXWhsrJ8qrQ0fXJh5d2Tk5OTYc/FPo9Ecw9U55aqzd4299brJHWHo5Y309h9Q8v5Pl2prSyVyo3yG1vqlCuzpXJLnZtazlddqS3Nlqpz0+XKfHK+YkvdlvfW2L033jceRlLvL6mbdTB+vf3Q8Y8eP3ygbX8xSue9VFucm9ze+W8CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDeuJ29717dDCH3NrUII4WDyQxT/l3L23heeO3bm8L4zU48/9syF+aOdjgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVh535equjiOACfGd/7WiCltBFyGRgiojsJC/pFJJXXyJZtWge1SsigKDCMaFkQBEHtooKgVVD5F0QtXLaqNrVoYRBBxehMXu4IN7zQMed5YDgzzL1nvjBw78z5HA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD6cXbHYlfWXtq1eWnr7g+hMz/3fwhhNFne/7y3I/SEEL5+mTkdVmkLPU39v5mcGy9fNfm9t3/84fXRZO31F98trtsdknSo4XhnkqZDQ2vvf6O6M/hsejAJIY1dCFEsjD05UwshdMQuhCh+fpy/mP2+/xe7EKLo/3C3K7v/tdiFEMXW3Z/6avkzHtVzvn5hsPG/v9UjeBuP6KxDb09eeZe6qZX3Mn//T/LN+2A1zJ448v557CKIZnZu6mjsGgAAgL/rXIv8P2xZ3r9/OQk93eXc/1tT/t/b1P/q+f+Ke9tvjM20FUJsK41NZsfD+9rpc+M7NXD19uua8Z6qkv9Xm/y/2uT/1Sb/rzb5f7XJ/8m8kv9X0uObexZfxC6CaOT/AABQPYeOT0zVh0eyl/9NPzrLeX1f3tbzPP3BremBRw3jRvLDf9vhYxMHDg6P5Pe9PCC4sv5DunT2ez7fo7ktTDbNu2i1/kPv04X5a53lT9T/cP5GUV9xXes/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC/2J17GgbBKAyj321F1EarogkLPwk+0MCIAKQwowEdTBiAgRBQwEDOWe5NnuUFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnu9f5XXx/aUx0muNSFPZZdf+OZ5mP3PfDsv77HHjVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjYgQMZAAAAAGH+1nm0HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKcCAAD//wTsyzo=")
r0 = syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2020c1b, 0x0, 0x1, 0x0, &(0x7f00000000c0))
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a5a438, &(0x7f0000004440)=ANY=[@ANYRES32=0x0, @ANYRESHEX=0x0, @ANYBLOB, @ANYRESHEX, @ANYRESHEX=r0, @ANYRESHEX, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES16, @ANYRES32, @ANYBLOB="ac2d5b5b8945d57e7869648ebe10b8d2719763b4bf3f6667bf8f722606d2b3593f26218e9a5fba2e7d4166787da71737b380045fb0a682e2915271f214c0112961b73c4638e7ba68deb34826d7682ace7549c83bf52bd9142b6c5adebf82155270d33204c09c07ed4ca2fc932af48646c9624e3e3544d68f61a2b073fb85332599b299a4f441a8e2f74c57aa38b5b596238280c1693bba97ff258679ab84485970b60f81093dda6501baba18a7790ca3e6fcfa12898b9fff3faf613d71f9d64dbd5c2edad8e774fb0da39e532d92164e2d34aff7cae32f3cd7aa9aace000f136323e4808d0c66c0828942def38deb2e1d847555fe0d5ba8084babb3169f9f06246ecd5327758448c9c7e4591da12ff1b084e757d05af4f0f0444ecfcc0c4d2067a98d49fe52412218380bb75e21cd2372404ea0b116b9a1c1e3350b3e6f17c5bd1f1adb4ce1d03d5b30eb0690340708f06dfca5c9d74a7c140cabddd0f37d8bcf15e578dde85d7c28ccb1c9633ceeb54bb278d5a097220ca53a2ea4781aca2b70189199938afba9a700a610225311fe8316794ca0ae139a50dbd34d572d6165eaaa94844620045e615d51f5e19c29aadad3539490961135851f15bbfd0604f3926877583d85c45a04c6f155ad6e1966d2004ab6ab51f9beb82dbcdcaaab886564cbf81b581da397eba4fc8fe430ef93ed613cd588e399669b9f4b63481163e6c2b74112538192be9551ca400bc2b947a535fccbc567a68a3ab94554385bb1f2a0e2146310113102a9ffbcbbf44d30e076d363d6201faecf8bbbbc9d7fcd38195860bbc85ee3f5f9b2c990164abc3a7674ab2a631147d708585f52694a46b681cbc623b53a272f21f2aa5597beec8094954541316cc45ec9751fef12369e7272b7bdcb527bac4a19e0bba1b68ef98e3563705e9ca40bb914cece2fd75c2375b81a06dadcdb1c54a175855e30c3d9ca58ca873e43d703b1471526fb3dfe12e140b81df3afae6104e5ffa4e8585b456a7199c75c5abc7afeca743fce310df09062f20b9a99fac5d019338d98606805f4faad9cc81ebf03b7239a340c973828b676af4e594d796689f9823730c5ead8dba256925869ab0d7196a99b75a15f9927852d7813aa5a4cb76764749e882d59c094c5ebd1911153150e8d53aa8abbf360a4045b63e0e296d03158de8aa02b5aeb459dcdc6b9d5aa8c0e455e7cb6a5d9b26ee5420e41d89590a0c04ca8701a6a386716a32e04102f281f66317a21940c0cf83e128f4f83bdf6770170d74d43f3b1f4c0bb5e8c69254e0bfd15c6d02596bf3b547e5b9b8e84390455a9c4b00b633c661616aca4a4158868be21633f343155996eaff00c2c347fea03c6f06e7adcd83cf320e3a446d07dba202e5960632560da8a3b60efe5a814a5cb2a4ff0842fff23897b583b381e5030e506caef8dc97bef9532111e3eb3621870ec39fe2351d3814a02d2f9e38aac1f0897f32ddbffdc6e0acdea95ff7f67865daae1130f68f00985682ecefc43fb6f8521514923b5cf3560be0739aeb4eb00b389d39ebb9b974e054120fcd48c0d6bc09441c2c19f41bdfceed01a3b686921500fae88795f216794d21dd3a98f2fdb5a1590e0cbdc5cd9593b164e255131c21f22ed7e7ed4ec83db91f8bf5f327d7222be1e470a7c0d0a657c73ad606f2ef0c59d3c118c601d23d67ee16ce3658c9153b8131f06c1e4f83c49dbe6dbc3478b1313b9221bc4c5eadebfd16cd07afde509f2e926fcfd5f8feabe836f4080ea5e65c1e4d859f16ac45ad8c804eb9ecce363faf19c1409d8192a644823578ccfd5b643478eb948223676d375f811fffa874f7c2a281104a28baf4da2716ae870abb3e0f05e63466176356728a700fe39ebb62bdbff139fdbf21520022984dc6d3eed1d81b94f28a07cc238ccb64d65e87534c0111bb76212368c6e8e9a536e758fa2f16a2cab9d31984055488b27bcff12bcc5a0fe21a0e44edfb87c681060e6944ff89dce4a9c7122c53acc27913a5fbf15c9ada971df88f0df3f82eb563f63c640ad6e39a1f5c1aad83c364957ec6d645f4243d1fb4ecef275d4c0ca0284064cde0c282d793f290bab5a4dec15f3e2adcc9d455d2e28bd040d6e0f651ac6f20f55d1303d2aaef2104b393afc849e9cd7743ca20a6f092cbf42a67446892493128d38bb0d0f507ffe3fd718ec48eff58df729728bc01ee180d676dfa22c81da0e4e3fda94f4f94195bc82e1f941d8a290ca0d416373d420eba196470e4f25940506061c601f12b3656d6d6b3a47e50d5235b7fd0f82bb0835aee3470b69bf7e59616ece447d9af36c396f687214ff7d7e27961f461c780b4c563aeb47fa9f335cbdade8a06711ba79b6fe8778ac1bc06bb59131c17409c1d1d0cc746aec8c3b1348f9585945192d8e32002c676753ab246a92702fc8e3a3ce89b84661b1b10dcd73fddacd311ca663d483b87a59225f60627eecf409d6188236b198633d47c5f1c0ba0bb4321aac88a6061d5e97883914cd74284ab937b9579ccee6ab5bb39f6274a04e3e7a8c3d033e340357bc15c5f6daa047b1cee448ac380bbde4bf806b0891a04b9e408609b040b7d3a02d2a76d4013756d79244792c543fe2327a3c371852bed5ab54de987bc4699b32ad1c08f7fff7a23069e722f5d78742d622d4ccbc1a7bddc9a590b2c707bac3957d46b657a4e17f1914db58fb6436bdd58b86df491016a2b9ebe0c35a859b216f17f4828c8dee30a38ed1fc36347af978999d0c404313cf99c9281c45194abd79475a80ea1486840aad72b1c0c4f17fe35a150fcb574fa9fcc09a7fc5dcd34e15d4bf1bccfa8bf423d2437e2eb0d3ca9324fbfc7e256b862c50ebc8db3fb69f69003d37807af8ddccf2d929ad9d06ebbb7e538d93bb0b7bc828e1639e0b5e89c22badca307ad28183c3083e87c917feb4c882397d397ea2e7ff0e05ebb252940302cdc0f0f7efe40685f7c3e8923e3795d70d69c70d9a071e401cee771f29dcb5316471768464c4659f2c76d11713ab44f4c944a4819deb1248b02457403e9630aaf4a180e9e55bb4d291e9a2bc85a1ed17f906d54935c7e5e8b707ead56284fda0208bd88ab5c3259bd5329c0d26653eb07b6856ad799fd6fa8d2111da3970ff8509bc2ef3a8813d04f36001526b70757646ed4bf25a256751b8ec714f2e62dea19e82aacec389195532bf7f335afae4351adb93c846e22f1f2a3e0d620d81688bd5530e389f2284b3c997d4abab7c30aac1b141425cd9aa315dc5a5e8b04fd503d79896b1494d8be48048c7392fc92c325b76bde4496c49da34c9ff95969bec8f95c356239d5336907957383b12c512fff6d797097a26a5aee9251bae940ef1a19b3f746396300d3baeb476b023f740ed7c1da92fdbf1834c3a882a6079885b933333d0e194cc1f25a06c3a2d370936886cb385d9861d6762c7416a1db5275228b6499cdef9767fb998d43251b963bc4477b2c051b70a0317de5f6ec3158914145bd036ff194df9722d2a3d2ac2397891b573a34ad16236cdc7ca77bc15f0fdbc3cae923d61633a42bab450a80cf3ee6580e792b1617d74fa189d450a64ca12d8c797698208ea61010b6072885b762af598159621f838ebacc00ea11f5924b39b2bbbc5c7d667871ce32e9aa75893a9fa13a2ffe66b360e266446259a8745addb4e186139d86d4e8d48537ac35029b0d87c03e8c1a9b9a422594496feda8bc5502777428fe737198ed896c2128a4f7d552f2eea8fef6e68feaf3cbfd549e622eea7bc988bb16fc49b7ab241426f2e40edcca07d4f947ccb1d3b8c2e9cb14a0c04495dbb75bd9c935f36bfe398455b0e5f927d5726e617c69ca81fe36c3e6ea510c5fe4735161c992f9ebf66727e5a7ded590061d4da3b86b996846a6bb102e47d33465d88a68644c8a76a770d5e0318e6c301e7c7f5575bf15a9589b32cfaa41ee15972488497195a2cb49a6b6f937a8e311e34d311dfd4fe222d3abc095b0b24a1b7193eb3353def0cc1511c8fce9b0a7867ae2fed4db93009646dc91a3745387cbe61b37f749b40d5d38970856b7ab8b6e1e0b81c078c68cb55c57854b8b5863b7a4c87f42e6d6dca2de0326b1b26970168c99f59816877448e7f72626f5354fdb5e033cd6b42e9476665efae66287e656590d1f80b3a09557a57d7de4bade6a122d40a92db1d347463b74151d44a02dbe067259c633b8c84425e77a736fca99f06d0fd66e35365511ec017537f4c212e7f2e23369958c3a7b92feffad9edb12139f1f690f9512725c0a1a164e78b4130c91fd3961df91c1a11783c24b03bcf305fd0e14e6510f4d58cf73326e94f2bc1b1ab295297bee7a98b77afe483a7d66e780d5e111b4202285f580ce571ecc0985501faa0e9f2f5b9848d770d8d8ad7b90a951f83279073e45a0c7abcf89cd6200f7fc320e46ea3de2addee3a984432501063f9928d0897d93dde20fe8ebe4dabc1ac34b0efdb3d7c7b4d49571ea64252d7209ff6d0ae5b95ef35d8160c5976f7ed9c4b69db81a73f6d00fd254c417696d6af694f3688826cc04db8019f2419fa99e47dc436fd76890b5291cd2724717a1e604e6cb5e214235664e8c7148c2bd87996c05bcfe1f29200f40a0d766df3ddc6faef82fb34d385f90b8f0e4bb7ba519e7986735c169cb3546d62fb70fbd49eec4edd70397d2fcbfdb9cd87331fce3c9786b7090501b904c8f925a1dbfa151a18e6c145ebb74da7100de60a627100d6c04ce789a7d4e88692cb090fd9ff2006e5ddb870f5b2aa502081eb7a26744de9a0d29a66ef18eb097e1d396561078e3f9258046a3a3e9b5878964d71b526755084f385d9777b2ab503f9d77c09a46004b5005f69eedee80edd87dd17f2292eba00f71dedb010b7b003a8400f6b44d63559a10bc0052c678ac8ed9658aff4f858778ebb60cbaf53d82248a260c7255f943711e8ac31a4b7a4694dcdace3be25ea43bdc9dfd52d369292d8d7581a6979d1b8ad543baeb9296907e0926025f4c3597e98e2eacd048a5dedd0e9dabc3268ed35a91c6180908af07a95bf374573c7b4f611eb30bbb5f1721a6550f483dcaed51d84fdaa5c6a52d7c4d04ca4edfd2884483c2d5aaebf6f06c6fff8bff813923ac8c6edd0eadefab938442ff09b1b3ff926c963d67a01cccbd86cb69bb5e5a4adca82110f87d3ee7800b14412b48cd94feacbaa9c1921e816d0287ad1198b94fd6de314912b79938a0d00ef5968ca4cb506afa1496ce4886c8c44955a92c9d2395f108a357e240511cc7e6548ac4174e5b52cc1f03ea8fa8268a7283e9cd25518cc71114869537891b64337222f04c111407bc2c8777f1132e1b294ec533610fd1ae3b4aa7e20c315d87aeed3a19151677e04173fbd55e88669f515dea19c8b99f8d7e829734f615a9b95e278fec62cf2d1a37d535ef71996530c62e65bb6fde625447e9122cfd947d7032c7580bfa5286bdde0bd9c4f0c63cbceddc302e1daef7f27bf289f72456802560e4477b27520b45f3a39e787824f169b3fa0ec7fba1c37f4499d43a9cdca7595f3e9ab74223c34819b260130d8a7613653101cc9a6e236ac01965356c90814c632ed421a62654a457ccc66040026451610b94898d13292cf2096fc1744b8fe67cebbcee0a3830be987694e593d732f05e3c6503a71173dc9870c3eca017318b628dd651232ea1c424a98b394188c8b8dbf30d69f1976219fd5b1975f8deebabeca970581f011f428c164bb35e0d6be187a5a2887d6bb0889c41c5c24d0b173f05db5d3a9e50318b448b3c8c53e8afceede4caf8850d585d4134559a6abbee463da46f316c3faeffa30fec0b35fff3f320b99e805fa2d3d179fe0d9a40e8b5a3df3d5fea5e743163c8a21eb10b84046c95b735e5c727336666c9922041490702d1e17c8b", @ANYBLOB="4b5b40505ce4295c79dcaf712107d5772e50bc7e91c4501e03e44ce7c98e30df04de10ee861097fdc0244296b0cdb9fb091e8872149bc55fc3de32d9bc67139102c0c51604fa", @ANYRESDEC, @ANYRES8], 0xd, 0x0, &(0x7f0000000000))
rmdir(&(0x7f0000000080)='./bus\x00')

1.111033465s ago: executing program 4 (id=615):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a0b0400000000000000000200000088000480240001800b000100736f636b6574000014000280080002400000000308000140000000024c0001800b00010065787468647200003c000280080002400000007508000340000000590800064000000002080006400000000108000440000000b905000200070000000500020007000000140001800a00010071756f7461000000040002800900010073797a30000000000900020073797a32"], 0x17c}}, 0x40880)

951.41337ms ago: executing program 4 (id=616):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2000000000001)
ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f00000001c0)={0x2, 0x0, [{0xd, 0x7, 0x0, 0x22, 0x1, 0x3, 0x3ff}, {0x1, 0x1, 0x0, 0x6, 0x80000001, 0x1ff, 0x7fff}]})

948.64088ms ago: executing program 3 (id=617):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)={0x2c, r1, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_5GHZ={0xc, 0x1, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x14}]}]}]}, 0x2c}}, 0x0)

888.064682ms ago: executing program 0 (id=618):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000b80)=@delchain={0x144, 0x65, 0x300, 0x70bd27, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x2, 0x2}, {0x0, 0x1}, {0xd}}, [@TCA_RATE={0x6, 0x5, {0xb, 0x40}}, @filter_kind_options=@f_basic={{0xa}, {0x10c, 0x2, [@TCA_BASIC_EMATCHES={0x20, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0x18, 0x2, 0x0, 0x1, [@TCF_EM_CANID={0x14, 0x3, 0x0, 0x0, {{0x401, 0x7, 0xf}, {{0x4, 0x0, 0x1}, {0x0, 0x1}}}}]}, @TCA_EMATCH_TREE_LIST={0x4}]}, @TCA_BASIC_EMATCHES={0xe8, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_LIST={0xe4, 0x2, 0x0, 0x1, [@TCF_EM_META={0x44, 0x2, 0x0, 0x0, {{0x9, 0x4, 0x600}, [@TCA_EM_META_LVALUE={0x4}, @TCA_EM_META_LVALUE={0x14, 0x2, [@TCF_META_TYPE_VAR="419892b8b4ad", @TCF_META_TYPE_VAR="6762ab8b52fbbf7a5d28"]}, @TCA_EM_META_RVALUE={0x1d, 0x3, [@TCF_META_TYPE_VAR="df504b", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0x1, @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="4f65f6c06d4b55b3f0da"]}]}}, @TCF_EM_IPT={0x14, 0x3, 0x0, 0x0, {{0x6, 0x9, 0x7}, [@TCA_EM_IPT_NFPROTO={0x5, 0x4, 0x1}]}}, @TCF_EM_META={0x28, 0x2, 0x0, 0x0, {{0x8, 0x4, 0x6}, [@TCA_EM_META_HDR={0xc, 0x1, {{0x1}, {0x7454, 0x3}}}, @TCA_EM_META_HDR={0xc, 0x1, {{0x4, 0x9, 0x2188e8564924fac6}, {0x8, 0x5}}}, @TCA_EM_META_RVALUE={0x4}]}}, @TCF_EM_META={0x60, 0x1, 0x0, 0x0, {{0x8001, 0x4, 0x5}, [@TCA_EM_META_RVALUE={0x4}, @TCA_EM_META_LVALUE={0x16, 0x2, [@TCF_META_TYPE_VAR, @TCF_META_TYPE_VAR="3b9aa19a5093e4d1c834", @TCF_META_TYPE_INT=0x9, @TCF_META_TYPE_VAR="ae2e", @TCF_META_TYPE_VAR="0795"]}, @TCA_EM_META_RVALUE={0x19, 0x3, [@TCF_META_TYPE_INT=0x7, @TCF_META_TYPE_VAR="2a969cd4", @TCF_META_TYPE_VAR="c5a29d0983a38c474fe4", @TCF_META_TYPE_VAR="b3690e"]}, @TCA_EM_META_LVALUE={0x19, 0x2, [@TCF_META_TYPE_INT=0xa, @TCF_META_TYPE_VAR="14", @TCF_META_TYPE_VAR="ccbcd1cc4e2b", @TCF_META_TYPE_VAR="92d1", @TCF_META_TYPE_INT, @TCF_META_TYPE_INT=0xa]}]}}]}]}]}}]}, 0x144}, 0x1, 0x0, 0x0, 0x40008c5}, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

817.427554ms ago: executing program 3 (id=619):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r0, &(0x7f00000009c0)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x21}}, 0x10)
r1 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08061cdc030ec0800000000600004e2100e2ffca1b1f0000000004c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f2130809d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff000000000000000000", 0x89}], 0x1}, 0x0)

812.966445ms ago: executing program 0 (id=620):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x0, 0x5001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, 0x0, 0x0)
close(0x3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000001040102000000000000000001000003080003400000000705000100010000000800044000000d13ff7e2de4280a0d96e69c146ed82895085717834110cff112b36d07192e22fad9ec92ed17f14394096262af169156be1cc148c63df00f52520a04af308bb95fbb9e938c6a"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x840)
syz_mount_image$hfsplus(&(0x7f0000000a40), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000000)=ANY=[], 0x1, 0x694, &(0x7f0000000a80)="$eJzs3UtsHGcdAPD/rNdrbwip2zptQJVqNRIgLBI7lgvmQkCALNFDVQ6crcRprGzSYm+RWyG6vK899IpUDj4gcULiHqlcuMCth158rITEpRcMl0UzO7PvTXbz2nX7+0Wz3zfzzXyP/7z2EWsC+NzaXo3y3Uhie/WVw3T++Gijdny0cbvIR8RCRDQiyhFRiojkP81m88OIqxFJu5qkL42Y723n/b2t1z769PiT1lw5n7L1Sz3bPZBGPsVKRMzl6aOq79pD15e0R3g1Ii7mKUxdepo2e/z072dbJZWeFavDtl58Mp0EHqukdd8csBRxJj/R0/cBrbti6559qjWm3QEAAAB4Ap46iZM4TM5Nux8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWjQ6z/9P8qlU5FciKZ7/X8mXRZ6fLS/ef5VSV/7u4+wLAAAAAAAAADyIhck3efEkTuIwzhXzzST7efylbGY5e/1CvBUHsRv7cSkOYyfqUY/9WI+Ipa6KKoc79fr++hhbXhm65ZUxx1YdKBlcAgAAAAAAAACfP7+K7c7v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAuSiLlWkk3LUW4tXopSmluMiEq6oBHxzyJ/mt2ddgcAAADg4VWHLVzoyj91EidxGOeK+WYSyxHxXPb5fzHeijtRj72oRy1243r2nUDrU3/p+Gijdny0cTudBtv47r8n6mdWY7S+exje8oVsjWrciL1syaW4Fm9ELa5HKdsydSHvT1FrX79+mfYp+U5uzJ5dz9N05O/l6YB3JxrsKPf+MuXWYp6Zy9OlLCLz7Yis5X1Lo/F0sWfae6ini8XemR+vY/0trUep3dnlvpb6BtGJ+eJ4baXO5Gk6nt+NivlU9EQiG1Hn6HtuIOZ9vvrXP//kZu3OrZs3DlZnZ0jjKQ66ZvZaHTwmNroi8fxnORID1rJInG/Pb8cP48exGivxauzHXvwsdqIeu7ES389yO/nxnHSd8iMidbVn7tURHWhfvCv5EdraWZP16aVs23Ox174ovJz9uxLr8c3YjM3Y6trD5++9h7OzvjTiStv84tBRXPxanknvWb8fde+aijSuTxdxTaLnmruUlXUv6UTpmTGiNOH9qPzl/BxM2/h1ns6G/kisd0Xi2XtH4o/ZkA5qd27t39x5c7zmnnkvz6Tn0W9n6i5Ryc+h1m8nvUdHeiw9O7RsPStbbpeVBsrOt8taZ2oj3ojrsTvkTK3k7+EGa7qSlT0/tGwjK7vQVTbs/RYAMy29HZ75+plK9V/Vf1Q/qP6merP6yuL3Fr618EIl5v82/+3y2txXSi8kf4kP4hedt5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCDO3j7nVs7tdrufk+mUWs2m+8OLXrYzMcf/yl7wNOjr3mcTPE4syfY6JfORtx35bNTicZDZ5Jk3JX/22w28yXJo+tGKR7PuJq5WYnzNDLTvS4Bj9/l+u03Lx+8/c439m7vvL77+u6drc3NrbWtzZc3Lt/Yq+2utV77t5rgma7AzOrc9PtL/jCdDgEAAAAAAAAAAAD3NfR///8vHtlfESTTHiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw6m2vRvluJLG+dmktnT8+2qilU5HvrFmOiFJEJD+PSD6MuBqtKZa6qktGtfP+3tZrH316/EmnrnKxfmnIdj+YbBSNfIqViJjL08KPxqqiPLK+a/2lE0vaI0wDdrEIHEzb/wMAAP//oBkKiA==")
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
r5 = socket$inet(0x2, 0xa, 0x37c8)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f00000002c0)=0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x4})
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, &(0x7f0000000280)={{&(0x7f0000696000/0x2000)=nil, 0x2000}, 0x4})
rename(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000280)='./file0\x00')
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGWINSZ(r6, 0x5413, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
ioctl$PIO_UNISCRNMAP(r7, 0x5453, 0x0)

775.911026ms ago: executing program 4 (id=621):
r0 = syz_usb_connect$hid(0x2, 0x4a, &(0x7f0000000000)=ANY=[@ANYBLOB="3f010000000000400b060a7000000200000109022400010000000009040000010300000009210000000122050009058103"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000200)={0x2c, &(0x7f0000000080)={0x0, 0x0, 0x8, {0x8, 0x10, "0b93f08482b8"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

652.190479ms ago: executing program 3 (id=622):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000000)='./file1\x00', 0x801, &(0x7f0000000240)=ANY=[], 0xff, 0x252, &(0x7f0000000540)="$eJzsmb9rFEEUx7+zu7d3hAS0sLE5i4ARkr3dPZU0gloqgpCIWh5mDTGTnNxdkTvwR7Cx8Q/wb7DWIoVY2NmIhZVFDAQstLRRcGR+Zed+rTm4zvcp5t68eTPvvZndN3ALgiD+Ww6+/tx/cXV5dRHALOZRNvpvfm7jOfZfXvolI77f9rA3uB4DIETeD/7hPwTw7ooPPNXLCvFLuOPzZs1V4QMVrbsFD+fM+G0wRDZWIdFiBoa7Rv3AkW3w4Bm71+Rr9zd4FssmkU0qmzog+uL/scuwBu1eemBOfO1ub7PBgWtMCTxraQ0vCevHasYKwdE6PAtG2BTtX4CDfXlCl5wtkOd15/mzXdmPjD6Gp/ZSksBDYg6mDoYVo19GGVEUVU03S5z8Twf5+r4+Nid/J9xKUbaV4o2YtnByqdDGJjHGxj74ztBbIzw+hDPEUBzGH3GsmIUQTyZJMBx3BNMQ7Dt/zFnSdHIXXnV4Vphr5ga9N0dsQm9z8RUwUYKs3cUJnZ7WMHOUl03SH4ZnHU77Ed1zNY8GbUJM0Zetm0NDn2Y4v2E1qLS7H6+boVN965zpfwuOhLDoIcnrJwuAs8aUQYjAuRVqna2HtXa3t7Sx1VjP1rPtNK1fjM/H8YW0pmqzbgvqX0XVpxmn/pX0lTFgJ52H2Gl0Oq1kB+i0ktD209eqdSruypvmdzXPU/XPw8JvIcz1UlJpl0fHo+6/sp7HVG/BHxs8QRAEQRAEQRAEQRAEQRBEAdXP+tf8dT03i6pnPoTpD1ViNEF6U034GwAA//89J0vl")
syz_open_dev$MSR(0x0, 0x0, 0x0)
readlinkat(0xffffffffffffff9c, &(0x7f0000000300)='./cgroup\x00', 0xfffffffffffffffe, 0xfe9c)

365.666199ms ago: executing program 3 (id=623):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000000)={0x1, 0x0, [{0x26f, 0x0, 0x8000000}]})

174.976334ms ago: executing program 3 (id=624):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
ptrace$ARCH_SHSTK_ENABLE(0x1e, r0, 0x0, 0x5001)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
madvise(&(0x7f00002e5000/0x400000)=nil, 0x400000, 0xf)
syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
r3 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r3, 0x1, 0x3f, 0x0, 0x0)
close(0x3)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFULNL_MSG_CONFIG(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000100)=ANY=[@ANYBLOB="2c00000001040102000000000000000001000003080003400000000705000100010000000800044000000d13ff7e2de4280a0d96e69c146ed82895085717834110cff112b36d07192e22fad9ec92ed17f14394096262af169156be1cc148c63df00f52520a04af308bb95fbb9e938c6a"], 0x2c}, 0x1, 0x0, 0x0, 0x80}, 0x840)
syz_mount_image$hfsplus(&(0x7f0000000a40), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2010410, &(0x7f0000000000)=ANY=[], 0x1, 0x694, &(0x7f0000000a80)="$eJzs3UtsHGcdAPD/rNdrbwip2zptQJVqNRIgLBI7lgvmQkCALNFDVQ6crcRprGzSYm+RWyG6vK899IpUDj4gcULiHqlcuMCth158rITEpRcMl0UzO7PvTXbz2nX7+0Wz3zfzzXyP/7z2EWsC+NzaXo3y3Uhie/WVw3T++Gijdny0cbvIR8RCRDQiyhFRiojkP81m88OIqxFJu5qkL42Y723n/b2t1z769PiT1lw5n7L1Sz3bPZBGPsVKRMzl6aOq79pD15e0R3g1Ii7mKUxdepo2e/z072dbJZWeFavDtl58Mp0EHqukdd8csBRxJj/R0/cBrbti6559qjWm3QEAAAB4Ap46iZM4TM5Nux8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWjQ6z/9P8qlU5FciKZ7/X8mXRZ6fLS/ef5VSV/7u4+wLAAAAAAAAADyIhck3efEkTuIwzhXzzST7efylbGY5e/1CvBUHsRv7cSkOYyfqUY/9WI+Ipa6KKoc79fr++hhbXhm65ZUxx1YdKBlcAgAAAAAAAACfP7+K7c7v/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAuSiLlWkk3LUW4tXopSmluMiEq6oBHxzyJ/mt2ddgcAAADg4VWHLVzoyj91EidxGOeK+WYSyxHxXPb5fzHeijtRj72oRy1243r2nUDrU3/p+Gijdny0cTudBtv47r8n6mdWY7S+exje8oVsjWrciL1syaW4Fm9ELa5HKdsydSHvT1FrX79+mfYp+U5uzJ5dz9N05O/l6YB3JxrsKPf+MuXWYp6Zy9OlLCLz7Yis5X1Lo/F0sWfae6ini8XemR+vY/0trUep3dnlvpb6BtGJ+eJ4baXO5Gk6nt+NivlU9EQiG1Hn6HtuIOZ9vvrXP//kZu3OrZs3DlZnZ0jjKQ66ZvZaHTwmNroi8fxnORID1rJInG/Pb8cP48exGivxauzHXvwsdqIeu7ES389yO/nxnHSd8iMidbVn7tURHWhfvCv5EdraWZP16aVs23Ox174ovJz9uxLr8c3YjM3Y6trD5++9h7OzvjTiStv84tBRXPxanknvWb8fde+aijSuTxdxTaLnmruUlXUv6UTpmTGiNOH9qPzl/BxM2/h1ns6G/kisd0Xi2XtH4o/ZkA5qd27t39x5c7zmnnkvz6Tn0W9n6i5Ryc+h1m8nvUdHeiw9O7RsPStbbpeVBsrOt8taZ2oj3ojrsTvkTK3k7+EGa7qSlT0/tGwjK7vQVTbs/RYAMy29HZ75+plK9V/Vf1Q/qP6merP6yuL3Fr618EIl5v82/+3y2txXSi8kf4kP4hedt5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCDO3j7nVs7tdrufk+mUWs2m+8OLXrYzMcf/yl7wNOjr3mcTPE4syfY6JfORtx35bNTicZDZ5Jk3JX/22w28yXJo+tGKR7PuJq5WYnzNDLTvS4Bj9/l+u03Lx+8/c439m7vvL77+u6drc3NrbWtzZc3Lt/Yq+2utV77t5rgma7AzOrc9PtL/jCdDgEAAAAAAAAAAAD3NfR///8vHtlfESTTHiAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABw6m2vRvluJLG+dmktnT8+2qilU5HvrFmOiFJEJD+PSD6MuBqtKZa6qktGtfP+3tZrH316/EmnrnKxfmnIdj+YbBSNfIqViJjL08KPxqqiPLK+a/2lE0vaI0wDdrEIHEzb/wMAAP//oBkKiA==")
syz_open_dev$sndpcmp(&(0x7f0000000b00), 0x0, 0x0)
r5 = socket$inet(0x2, 0xa, 0x37c8)
getsockopt$sock_buf(r5, 0x1, 0x1c, 0x0, &(0x7f00000002c0)=0x10)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x4})
ioctl$UFFDIO_WRITEPROTECT(0xffffffffffffffff, 0xc018aa06, &(0x7f0000000280)={{&(0x7f0000696000/0x2000)=nil, 0x2000}, 0x4})
rename(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000280)='./file0\x00')
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCGWINSZ(r6, 0x5413, 0x0)
r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x40000, 0x0)
ioctl$PIO_UNISCRNMAP(r7, 0x5453, 0x0)

0s ago: executing program 2 (id=625):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x5ffd, 0x0, 0x0, 0x0, &(0x7f0000000000))
r4 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r6, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r7=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r5, 0x84, 0x83, &(0x7f0000001000)={r7}, 0x8)
r8 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000003c0), 0x2, 0x0)
r9 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
poll(&(0x7f0000000440)=[{r6, 0x200}, {0xffffffffffffffff, 0x80}, {r1, 0x80}, {r3, 0x4110}, {r8, 0x4}, {r9, 0x4002}], 0x6, 0x4)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000140)={0x1b, 0x0, 0x0, 0x1000, 0x0, 0x1, 0x0, '\x00', 0x0, r4, 0x1, 0x1}, 0x48)
connect$inet6(0xffffffffffffffff, &(0x7f00000000c0)={0xa, 0x0, 0xfffffffc, @mcast1, 0x7}, 0x1c)
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x0, 0x0, 0x0, {0xa, 0x4e22, 0xffff, @ipv4={'\x00', '\xff\xff', @empty}}}}, 0x32)
sendmsg$RDMA_NLDEV_CMD_RES_PD_GET(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYRES16], 0x40}, 0x1, 0x0, 0x0, 0x20000800}, 0x0)
syz_clone(0x80000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000003b00)="4757bcf1")
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x3)

kernel console output (not intermixed with test programs):

k not in datazone
[   64.919524][ T4289] Trying to free block not in datazone
[   64.937667][ T4289] Trying to free block not in datazone
[   64.943295][ T4289] Trying to free block not in datazone
[   64.948901][ T4289] Trying to free block not in datazone
[   64.961211][ T4289] Trying to free block not in datazone
[   64.970634][ T4289] Trying to free block not in datazone
[   64.988207][ T4289] Trying to free block not in datazone
[   64.993272][ T4366] FAT-fs (loop3): Directory bread(block 64) failed
[   65.025108][ T4366] FAT-fs (loop3): Directory bread(block 65) failed
[   65.041096][ T4289] Trying to free block not in datazone
[   65.045933][ T4366] FAT-fs (loop3): Directory bread(block 66) failed
[   65.056760][ T4289] Trying to free block not in datazone
[   65.060227][ T4366] FAT-fs (loop3): Directory bread(block 67) failed
[   65.068933][ T4289] Trying to free block not in datazone
[   65.068941][ T4289] Trying to free block not in datazone
[   65.068947][ T4289] Trying to free block not in datazone
[   65.068953][ T4289] Trying to free block not in datazone
[   65.068960][ T4289] Trying to free block not in datazone
[   65.068966][ T4289] Trying to free block not in datazone
[   65.068972][ T4289] Trying to free block not in datazone
[   65.068978][ T4289] Trying to free block not in datazone
[   65.068983][ T4289] Trying to free block not in datazone
[   65.068989][ T4289] Trying to free block not in datazone
[   65.068995][ T4289] Trying to free block not in datazone
[   65.069000][ T4289] Trying to free block not in datazone
[   65.069005][ T4289] Trying to free block not in datazone
[   65.069011][ T4289] Trying to free block not in datazone
[   65.069016][ T4289] Trying to free block not in datazone
[   65.069021][ T4289] Trying to free block not in datazone
[   65.069027][ T4289] Trying to free block not in datazone
[   65.069032][ T4289] Trying to free block not in datazone
[   65.069038][ T4289] Trying to free block not in datazone
[   65.069044][ T4289] Trying to free block not in datazone
[   65.069049][ T4289] Trying to free block not in datazone
[   65.069055][ T4289] Trying to free block not in datazone
[   65.069061][ T4289] Trying to free block not in datazone
[   65.069066][ T4289] Trying to free block not in datazone
[   65.069072][ T4289] Trying to free block not in datazone
[   65.069077][ T4289] Trying to free block not in datazone
[   65.069083][ T4289] Trying to free block not in datazone
[   65.069088][ T4289] Trying to free block not in datazone
[   65.069094][ T4289] Trying to free block not in datazone
[   65.069100][ T4289] Trying to free block not in datazone
[   65.069106][ T4289] Trying to free block not in datazone
[   65.069112][ T4289] Trying to free block not in datazone
[   65.069118][ T4289] Trying to free block not in datazone
[   65.069123][ T4289] Trying to free block not in datazone
[   65.069130][ T4289] Trying to free block not in datazone
[   65.069136][ T4289] Trying to free block not in datazone
[   65.069142][ T4289] Trying to free block not in datazone
[   65.069148][ T4289] Trying to free block not in datazone
[   65.069154][ T4289] Trying to free block not in datazone
[   65.069159][ T4289] Trying to free block not in datazone
[   65.069165][ T4289] Trying to free block not in datazone
[   65.069171][ T4289] Trying to free block not in datazone
[   65.069177][ T4289] Trying to free block not in datazone
[   65.069183][ T4289] Trying to free block not in datazone
[   65.069189][ T4289] Trying to free block not in datazone
[   65.069195][ T4289] Trying to free block not in datazone
[   65.069201][ T4289] Trying to free block not in datazone
[   65.069207][ T4289] Trying to free block not in datazone
[   65.069212][ T4289] Trying to free block not in datazone
[   65.069218][ T4289] Trying to free block not in datazone
[   65.069224][ T4289] Trying to free block not in datazone
[   65.069231][ T4289] Trying to free block not in datazone
[   65.069236][ T4289] Trying to free block not in datazone
[   65.074875][ T4289] Trying to free block not in datazone
[   65.074884][ T4289] Trying to free block not in datazone
[   65.074889][ T4289] Trying to free block not in datazone
[   65.074894][ T4289] Trying to free block not in datazone
[   65.074899][ T4289] Trying to free block not in datazone
[   65.074905][ T4289] Trying to free block not in datazone
[   65.074910][ T4289] Trying to free block not in datazone
[   65.074917][ T4289] Trying to free block not in datazone
[   65.074923][ T4289] Trying to free block not in datazone
[   65.074929][ T4289] Trying to free block not in datazone
[   65.074935][ T4289] Trying to free block not in datazone
[   65.074940][ T4289] Trying to free block not in datazone
[   65.074947][ T4289] Trying to free block not in datazone
[   65.074953][ T4289] Trying to free block not in datazone
[   65.074958][ T4289] Trying to free block not in datazone
[   65.074963][ T4289] Trying to free block not in datazone
[   65.074969][ T4289] Trying to free block not in datazone
[   65.074975][ T4289] Trying to free block not in datazone
[   65.074982][ T4289] Trying to free block not in datazone
[   65.074988][ T4289] Trying to free block not in datazone
[   65.074994][ T4289] Trying to free block not in datazone
[   65.075000][ T4289] Trying to free block not in datazone
[   65.075007][ T4289] Trying to free block not in datazone
[   65.075013][ T4289] Trying to free block not in datazone
[   65.075018][ T4289] Trying to free block not in datazone
[   65.075023][ T4289] Trying to free block not in datazone
[   65.075028][ T4289] Trying to free block not in datazone
[   65.075033][ T4289] Trying to free block not in datazone
[   65.075038][ T4289] Trying to free block not in datazone
[   65.075043][ T4289] Trying to free block not in datazone
[   65.075048][ T4289] Trying to free block not in datazone
[   65.075053][ T4289] Trying to free block not in datazone
[   65.075058][ T4289] Trying to free block not in datazone
[   65.075064][ T4289] Trying to free block not in datazone
[   65.075071][ T4289] Trying to free block not in datazone
[   65.075076][ T4289] Trying to free block not in datazone
[   65.075083][ T4289] Trying to free block not in datazone
[   65.075089][ T4289] Trying to free block not in datazone
[   65.075095][ T4289] Trying to free block not in datazone
[   65.075102][ T4289] Trying to free block not in datazone
[   65.075107][ T4289] Trying to free block not in datazone
[   65.075113][ T4289] Trying to free block not in datazone
[   65.075119][ T4289] Trying to free block not in datazone
[   65.075125][ T4289] Trying to free block not in datazone
[   65.075132][ T4289] Trying to free block not in datazone
[   65.075138][ T4289] Trying to free block not in datazone
[   65.075144][ T4289] Trying to free block not in datazone
[   65.075151][ T4289] Trying to free block not in datazone
[   65.075157][ T4289] Trying to free block not in datazone
[   65.075163][ T4289] Trying to free block not in datazone
[   65.075185][ T4289] Trying to free block not in datazone
[   65.075191][ T4289] Trying to free block not in datazone
[   65.075197][ T4289] Trying to free block not in datazone
[   65.075203][ T4289] Trying to free block not in datazone
[   65.075209][ T4289] Trying to free block not in datazone
[   65.075215][ T4289] Trying to free block not in datazone
[   65.075221][ T4289] Trying to free block not in datazone
[   65.075226][ T4289] Trying to free block not in datazone
[   65.075231][ T4289] Trying to free block not in datazone
[   65.075237][ T4289] Trying to free block not in datazone
[   65.075243][ T4289] Trying to free block not in datazone
[   65.075249][ T4289] Trying to free block not in datazone
[   65.075255][ T4289] Trying to free block not in datazone
[   65.075262][ T4289] Trying to free block not in datazone
[   65.075268][ T4289] Trying to free block not in datazone
[   65.075275][ T4289] Trying to free block not in datazone
[   65.075281][ T4289] Trying to free block not in datazone
[   65.075287][ T4289] Trying to free block not in datazone
[   65.075294][ T4289] Trying to free block not in datazone
[   65.075300][ T4289] Trying to free block not in datazone
[   65.075306][ T4289] Trying to free block not in datazone
[   65.075313][ T4289] Trying to free block not in datazone
[   65.075319][ T4289] Trying to free block not in datazone
[   65.075325][ T4289] Trying to free block not in datazone
[   65.075331][ T4289] Trying to free block not in datazone
[   65.075338][ T4289] Trying to free block not in datazone
[   65.075344][ T4289] Trying to free block not in datazone
[   65.075350][ T4289] Trying to free block not in datazone
[   65.075356][ T4289] Trying to free block not in datazone
[   65.075362][ T4289] Trying to free block not in datazone
[   65.075367][ T4289] Trying to free block not in datazone
[   65.075373][ T4289] Trying to free block not in datazone
[   65.104824][ T4362] ntfs: volume version 3.1.
[   65.135136][ T4366] FAT-fs (loop3): Directory bread(block 68) failed
[   65.145145][ T4372] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[   65.219478][ T4366] FAT-fs (loop3): Directory bread(block 69) failed
[   65.282141][ T4289] Trying to free block not in datazone
[   65.297995][ T4366] FAT-fs (loop3): Directory bread(block 70) failed
[   65.344268][ T4289] Trying to free block not in datazone
[   65.478319][ T4366] FAT-fs (loop3): Directory bread(block 71) failed
[   65.550005][ T4289] Trying to free block not in datazone
[   65.831717][ T4366] FAT-fs (loop3): Directory bread(block 72) failed
[   65.867489][ T4289] Trying to free block not in datazone
[   65.870041][ T4366] FAT-fs (loop3): Directory bread(block 73) failed
[   65.875069][ T4289] Trying to free block not in datazone
[   65.897745][ T4289] Trying to free block not in datazone
[   65.903327][ T4289] Trying to free block not in datazone
[   65.909270][ T4289] Trying to free block not in datazone
[   65.917357][ T4289] Trying to free block not in datazone
[   65.931081][ T4289] Trying to free block not in datazone
[   65.966446][ T4289] Trying to free block not in datazone
[   65.975669][ T4378] set_capacity_and_notify: 8 callbacks suppressed
[   65.975682][ T4378] loop4: detected capacity change from 0 to 16
[   65.981185][ T4178] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[   65.995943][ T4289] Trying to free block not in datazone
[   66.003821][ T4289] Trying to free block not in datazone
[   66.026924][ T4289] Trying to free block not in datazone
[   66.047812][ T4289] Trying to free block not in datazone
[   66.060532][ T4289] Trying to free block not in datazone
[   66.069120][ T4378] erofs: (device loop4): mounted with root inode @ nid 36.
[   66.098651][ T4289] Trying to free block not in datazone
[   66.112000][ T4289] Trying to free block not in datazone
[   66.130801][ T4289] Trying to free block not in datazone
[   66.136567][ T4289] Trying to free block not in datazone
[   66.158052][ T4289] Trying to free block not in datazone
[   66.170932][ T4384] loop2: detected capacity change from 0 to 1024
[   66.180057][ T4289] Trying to free block not in datazone
[   66.198880][ T4289] Trying to free block not in datazone
[   66.205231][ T4289] Trying to free block not in datazone
[   66.211001][ T4289] Trying to free block not in datazone
[   66.217272][ T4289] Trying to free block not in datazone
[   66.247903][ T4384] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 2: comm syz.2.50: lblock 2 mapped to illegal pblock 2 (length 1)
[   66.251014][ T4289] Trying to free block not in datazone
[   66.281197][ T4289] Trying to free block not in datazone
[   66.286838][ T4384] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 48: comm syz.2.50: lblock 0 mapped to illegal pblock 48 (length 1)
[   66.286899][ T4289] Trying to free block not in datazone
[   66.331532][ T4289] Trying to free block not in datazone
[   66.337113][ T4289] Trying to free block not in datazone
[   66.343002][ T4289] Trying to free block not in datazone
[   66.348539][ T4289] Trying to free block not in datazone
[   66.359546][ T4392] loop4: detected capacity change from 0 to 512
[   66.365858][ T4289] Trying to free block not in datazone
[   66.371645][ T4289] Trying to free block not in datazone
[   66.377100][ T4289] Trying to free block not in datazone
[   66.390393][ T4384] EXT4-fs error (device loop2): ext4_acquire_dquot:6236: comm syz.2.50: Failed to acquire dquot type 0
[   66.396806][ T4289] Trying to free block not in datazone
[   66.408501][ T4384] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[   66.428311][ T4289] Trying to free block not in datazone
[   66.430918][ T4384] EXT4-fs error (device loop2): ext4_evict_inode:284: inode #11: comm syz.2.50: mark_inode_dirty error
[   66.436134][ T4289] Trying to free block not in datazone
[   66.451192][ T4178] usb 1-1: unable to get BOS descriptor or descriptor too short
[   66.461301][ T4392] EXT4-fs (loop4): Ignoring removed bh option
[   66.468438][ T4289] Trying to free block not in datazone
[   66.476846][ T4289] Trying to free block not in datazone
[   66.485343][ T4392] EXT4-fs error (device loop4): ext4_expand_extra_isize_ea:2759: inode #11: comm syz.4.53: corrupted xattr block 95
[   66.498385][ T4178] usb 1-1: not running at top speed; connect to a high speed hub
[   66.506332][ T4289] Trying to free block not in datazone
[   66.512999][ T4289] Trying to free block not in datazone
[   66.518463][ T4289] Trying to free block not in datazone
[   66.525703][ T4289] Trying to free block not in datazone
[   66.526957][ T4392] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2809: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   66.531435][ T4289] Trying to free block not in datazone
[   66.550825][ T4289] Trying to free block not in datazone
[   66.551953][ T4384] EXT4-fs warning (device loop2): ext4_evict_inode:287: couldn't mark inode dirty (err -117)
[   66.556578][ T4289] Trying to free block not in datazone
[   66.572388][ T4289] Trying to free block not in datazone
[   66.581147][ T4289] Trying to free block not in datazone
[   66.586678][ T4289] Trying to free block not in datazone
[   66.593897][ T4289] Trying to free block not in datazone
[   66.599449][ T4289] Trying to free block not in datazone
[   66.605346][ T4289] Trying to free block not in datazone
[   66.610889][ T4289] Trying to free block not in datazone
[   66.613596][ T4392] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.53: bg 0: block 7: invalid block bitmap
[   66.616794][ T4178] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   66.640216][ T4384] EXT4-fs (loop2): 1 orphan inode deleted
[   66.640626][ T4289] Trying to free block not in datazone
[   66.651731][ T4289] Trying to free block not in datazone
[   66.657188][ T4289] Trying to free block not in datazone
[   66.657434][  T154] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[   66.662997][ T4178] usb 1-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[   66.688990][ T4392] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem
[   66.697974][ T4289] Trying to free block not in datazone
[   66.703921][ T4289] Trying to free block not in datazone
[   66.704365][ T4384] EXT4-fs (loop2): mounted filesystem without journal. Opts: noinit_itable,journal_dev=0x0000000000000006,data_err=ignore,max_batch_time=0x0000000000000006,discard,nolazytime,nobarrier,noblock_validity,nogrpid,,errors=continue. Quota mode: none.
[   66.709457][ T4289] Trying to free block not in datazone
[   66.742250][ T4392] EXT4-fs error (device loop4): ext4_xattr_delete_inode:2925: inode #11: comm syz.4.53: corrupted xattr block 95
[   66.753953][  T154] EXT4-fs error (device loop2): ext4_release_dquot:6272: comm kworker/u4:2: Failed to release dquot type 0
[   66.754286][ T4178] usb 1-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 249, changing to 4
[   66.781003][ T4392] EXT4-fs warning (device loop4): ext4_evict_inode:304: xattr delete (err -117)
[   66.790392][ T4392] EXT4-fs (loop4): 1 orphan inode deleted
[   66.796986][ T4289] Trying to free block not in datazone
[   66.805987][ T4392] EXT4-fs (loop4): mounted filesystem without journal. Opts: auto_da_alloc,bh,,errors=continue. Quota mode: none.
[   66.825448][ T4289] Trying to free block not in datazone
[   66.833839][ T4289] Trying to free block not in datazone
[   66.873196][ T4289] Trying to free block not in datazone
[   66.878292][ T4401] loop3: detected capacity change from 0 to 64
[   66.878672][ T4289] Trying to free block not in datazone
[   66.878681][ T4289] Trying to free block not in datazone
[   66.919844][ T4289] Trying to free block not in datazone
[   66.926440][ T4289] Trying to free block not in datazone
[   66.933019][ T4289] Trying to free block not in datazone
[   66.938568][ T4289] Trying to free block not in datazone
[   66.949298][ T4289] Trying to free block not in datazone
[   66.955863][ T4289] Trying to free block not in datazone
[   66.971382][  T144] EXT4-fs error (device loop2): ext4_map_blocks:631: inode #3: block 2: comm kworker/u4:1: lblock 2 mapped to illegal pblock 2 (length 1)
[   66.977070][ T4289] Trying to free block not in datazone
[   66.998881][ T4289] Trying to free block not in datazone
[   67.004023][ T4178] usb 1-1: New USB device found, idVendor=21b4, idProduct=0081, bcdDevice= 0.40
[   67.016035][ T4289] Trying to free block not in datazone
[   67.021305][ T4178] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.021661][  T144] EXT4-fs error (device loop2): ext4_write_dquot:6216: comm kworker/u4:1: Failed to commit dquot type 0
[   67.030042][ T4178] usb 1-1: Product: syz
[   67.041349][ T4289] Trying to free block not in datazone
[   67.050890][ T4289] Trying to free block not in datazone
[   67.051534][ T4178] usb 1-1: Manufacturer: syz
[   67.061179][ T4178] usb 1-1: SerialNumber: syz
[   67.088459][ T4289] Trying to free block not in datazone
[   67.109321][ T4189] EXT4-fs error (device loop2): __ext4_get_inode_loc:4334: comm syz-executor: Invalid inode table block 1 in block_group 0
[   67.130875][ T4289] Trying to free block not in datazone
[   67.137806][ T4289] Trying to free block not in datazone
[   67.161727][ T4189] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5873: Corrupt filesystem
[   67.166550][ T4289] Trying to free block not in datazone
[   67.183397][ T4289] Trying to free block not in datazone
[   67.184093][ T4403] loop3: detected capacity change from 0 to 2048
[   67.198967][ T4189] EXT4-fs error (device loop2): ext4_quota_off:6542: inode #3: comm syz-executor: mark_inode_dirty error
[   67.208553][ T4289] Trying to free block not in datazone
[   67.226255][ T4289] Trying to free block not in datazone
[   67.243550][ T4289] Trying to free block not in datazone
[   67.256694][ T4289] Trying to free block not in datazone
[   67.264407][ T4407] loop4: detected capacity change from 0 to 128
[   67.271784][ T4289] Trying to free block not in datazone
[   67.274727][ T4403] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   67.277250][ T4289] Trying to free block not in datazone
[   67.277259][ T4289] Trying to free block not in datazone
[   67.277265][ T4289] Trying to free block not in datazone
[   67.277271][ T4289] Trying to free block not in datazone
[   67.277277][ T4289] Trying to free block not in datazone
[   67.344082][ T4407] affs: No valid root block on device loop4
[   67.390384][ T4409] loop2: detected capacity change from 0 to 512
[   67.416067][ T4289] Trying to free block not in datazone
[   67.422687][ T4289] Trying to free block not in datazone
[   67.428236][ T4289] Trying to free block not in datazone
[   67.435260][ T4289] Trying to free block not in datazone
[   67.440805][ T4289] Trying to free block not in datazone
[   67.450722][ T4289] Trying to free block not in datazone
[   67.459059][ T4289] Trying to free block not in datazone
[   67.467316][ T4289] Trying to free block not in datazone
[   67.471780][ T4178] usb 1-1: 1:1 : invalid UAC_AS_GENERAL desc
[   67.476721][ T4409] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[   67.487089][ T4289] Trying to free block not in datazone
[   67.497318][ T4289] Trying to free block not in datazone
[   67.521751][ T4178] usb 1-1: unit 2 not found!
[   67.541142][ T4289] Trying to free block not in datazone
[   67.570023][ T4178] usb 1-1: USB disconnect, device number 2
[   67.583806][ T4409] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   67.603446][ T4414] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   67.621277][ T4289] Trying to free block not in datazone
[   67.642017][ T4414] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[   67.664245][ T4289] Trying to free block not in datazone
[   67.690464][ T4289] Trying to free block not in datazone
[   67.709161][ T4289] Trying to free block not in datazone
[   67.725070][ T4416] loop3: detected capacity change from 0 to 2048
[   67.732596][ T4289] Trying to free block not in datazone
[   67.738172][ T4289] Trying to free block not in datazone
[   67.763066][ T4289] Trying to free block not in datazone
[   67.768619][ T4289] Trying to free block not in datazone
[   67.779715][ T4289] Trying to free block not in datazone
[   67.785288][ T4289] Trying to free block not in datazone
[   67.791287][ T4289] Trying to free block not in datazone
[   67.796933][ T4289] Trying to free block not in datazone
[   67.807967][ T4289] Trying to free block not in datazone
[   67.816040][ T4289] Trying to free block not in datazone
[   67.821532][ T4289] Trying to free block not in datazone
[   67.827066][ T4289] Trying to free block not in datazone
[   67.853286][ T4420] loop4: detected capacity change from 0 to 2048
[   67.859707][ T4289] Trying to free block not in datazone
[   67.876650][ T4289] Trying to free block not in datazone
[   67.882780][ T4289] Trying to free block not in datazone
[   67.883950][ T4416] EXT4-fs (loop3): mounted filesystem without journal. Opts: init_itable,,errors=continue. Quota mode: none.
[   67.888242][ T4289] Trying to free block not in datazone
[   67.888250][ T4289] Trying to free block not in datazone
[   67.914854][ T4263] udevd[4263]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   67.927836][ T4289] Trying to free block not in datazone
[   67.945012][ T4289] Trying to free block not in datazone
[   67.950486][ T4289] Trying to free block not in datazone
[   67.959491][ T4420] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   67.961690][ T4420] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   68.026875][ T4289] Trying to free block not in datazone
[   68.040904][ T4427] loop2: detected capacity change from 0 to 164
[   68.060145][ T4289] Trying to free block not in datazone
[   68.079217][ T4289] Trying to free block not in datazone
[   68.088258][ T4289] Trying to free block not in datazone
[   68.093852][ T4289] Trying to free block not in datazone
[   68.099318][ T4289] Trying to free block not in datazone
[   68.104945][ T4289] Trying to free block not in datazone
[   68.110399][ T4289] Trying to free block not in datazone
[   68.130534][ T4289] Trying to free block not in datazone
[   68.220980][ T4289] Trying to free block not in datazone
[   68.226481][ T4289] Trying to free block not in datazone
[   68.248236][ T4434] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   68.258920][ T4432] EXT4-fs (loop0): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   68.276338][ T4289] Trying to free block not in datazone
[   68.287311][ T4432] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[   68.293107][ T4289] Trying to free block not in datazone
[   68.327250][ T4434] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   68.350755][ T4289] Trying to free block not in datazone
[   68.377266][ T4289] Trying to free block not in datazone
[   68.411040][ T4432] EXT4-fs error (device loop0): ext4_get_journal_inode:5187: inode #5: comm syz.0.70: unexpected bad inode w/o EXT4_IGET_BAD
[   68.424246][ T4289] Trying to free block not in datazone
[   68.447617][ T4438] netlink: 'syz.2.71': attribute type 1 has an invalid length.
[   68.469228][ T4289] Trying to free block not in datazone
[   68.471101][ T4434] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.69: bg 0: block 248: padding at end of block bitmap is not set
[   68.492413][ T4432] EXT4-fs (loop0): no journal found
[   68.497629][ T4432] EXT4-fs (loop0): can't get journal size
[   68.503852][ T4289] Trying to free block not in datazone
[   68.509308][ T4289] Trying to free block not in datazone
[   68.518791][ T4289] Trying to free block not in datazone
[   68.525672][ T4432] EXT4-fs (loop0): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,min_batch_time=0x0000000000000005,abort,,errors=continue. Quota mode: writeback.
[   68.557537][ T4434] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.69: Failed to acquire dquot type 1
[   68.561688][ T4289] Trying to free block not in datazone
[   68.597803][ T4289] Trying to free block not in datazone
[   68.611025][ T4289] Trying to free block not in datazone
[   68.619349][ T4289] Trying to free block not in datazone
[   68.625273][ T4289] Trying to free block not in datazone
[   68.630869][ T4289] Trying to free block not in datazone
[   68.636621][ T4289] Trying to free block not in datazone
[   68.643148][ T4289] Trying to free block not in datazone
[   68.648615][ T4289] Trying to free block not in datazone
[   68.654448][ T4289] Trying to free block not in datazone
[   68.659906][ T4289] Trying to free block not in datazone
[   68.666405][ T4289] Trying to free block not in datazone
[   68.667257][ T4434] EXT4-fs (loop3): 1 truncate cleaned up
[   68.672980][ T4289] Trying to free block not in datazone
[   68.686248][ T4289] Trying to free block not in datazone
[   68.691942][ T4289] Trying to free block not in datazone
[   68.709943][ T4434] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   68.711110][ T4289] Trying to free block not in datazone
[   68.728871][ T4289] Trying to free block not in datazone
[   68.734982][ T4289] Trying to free block not in datazone
[   68.740492][ T4289] Trying to free block not in datazone
[   68.768039][ T4289] Trying to free block not in datazone
[   68.778029][ T4289] Trying to free block not in datazone
[   68.798572][ T4289] Trying to free block not in datazone
[   68.809561][ T4289] Trying to free block not in datazone
[   68.830985][ T4289] Trying to free block not in datazone
[   68.839585][ T4441] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.72: invalid indirect mapped block 4294967295 (level 1)
[   68.845038][ T4434] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.69: Failed to acquire dquot type 1
[   68.893570][ T4289] Trying to free block not in datazone
[   68.899060][ T4289] Trying to free block not in datazone
[   68.904590][ T4289] Trying to free block not in datazone
[   68.910152][ T4289] Trying to free block not in datazone
[   68.915719][ T4289] Trying to free block not in datazone
[   68.921199][ T4289] Trying to free block not in datazone
[   68.926654][ T4289] Trying to free block not in datazone
[   68.932231][ T4289] Trying to free block not in datazone
[   68.937685][ T4289] Trying to free block not in datazone
[   68.943199][ T4289] Trying to free block not in datazone
[   68.948658][ T4289] Trying to free block not in datazone
[   68.954166][ T4289] Trying to free block not in datazone
[   68.967287][ T4434] syz.3.69 (4434) used greatest stack depth: 18072 bytes left
[   68.984041][ T4441] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.72: invalid indirect mapped block 4294967295 (level 1)
[   68.999323][ T4430] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[   69.032194][ T4441] EXT4-fs (loop2): 2 truncates cleaned up
[   69.053549][ T4441] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_dev=0x0000000000000002,init_itable=0x0000000000004004,barrier=0x0000000000000005,,errors=continue. Quota mode: writeback.
[   69.107732][ T4430] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[   69.135600][ T4441] EXT4-fs (loop2): Cannot specify journal on remount
[   69.145915][ T4448] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   69.168772][ T4443] ntfs: volume version 3.1.
[   69.178005][ T4443] __ntfs_error: 18 callbacks suppressed
[   69.178019][ T4443] ntfs: (device loop0): ntfs_lookup_inode_by_name(): Index entry out of bounds in directory inode 0x5.
[   69.202731][ T4430] (syz.4.68,4430,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0
[   69.250297][ T4443] ntfs: (device loop0): check_windows_hibernation_status(): Failed to find inode number for hiberfil.sys.
[   69.268602][ T4443] ntfs: (device loop0): load_system_files(): Failed to determine if Windows is hibernated.  Mounting read-only.  Run chkdsk.
[   69.282454][ T4430] (syz.4.68,4430,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[   69.301664][ T4430] (syz.4.68,4430,1):ocfs2_mknod:298 ERROR: status = -2
[   69.308625][ T4430] (syz.4.68,4430,1):ocfs2_mknod:502 ERROR: status = -2
[   69.317869][ T4443] ntfs: (device loop0): ntfs_read_locked_attr_inode(): Failed with error code -2 while reading attribute inode (mft_no 0x1a, type 0x80, name_len 4).  Marking corrupt inode and base inode 0x1a as bad.  Run chkdsk.
[   69.335154][ T4430] (syz.4.68,4430,0):ocfs2_create:676 ERROR: status = -2
[   69.365441][ T4452] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   69.401095][ T4443] ntfs: (device loop0): load_and_init_usnjrnl(): Failed to load $UsnJrnl/$DATA/$Max attribute.
[   69.438623][ T4448] Quota error (device loop1): do_check_range: Getting dqdh_next_free 256 out of range 0-7
[   69.471491][ T4443] ntfs: (device loop0): load_system_files(): Failed to load $UsnJrnl.  Will not be able to remount read-write.  Run chkdsk.
[   69.497429][ T4200] ocfs2: Unmounting device (7,4) on (node local)
[   69.512831][ T4448] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[   69.536535][ T4448] EXT4-fs error (device loop1): ext4_acquire_dquot:6236: comm syz.1.74: Failed to acquire dquot type 1
[   69.565645][ T4448] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.74: corrupted inode contents
[   69.625997][ T4460] comedi comedi0: dt2815: I/O port conflict (0x3,2)
[   69.661460][ T4448] EXT4-fs error (device loop1): ext4_dirty_inode:6077: inode #16: comm syz.1.74: mark_inode_dirty error
[   69.680561][ T4448] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.74: corrupted inode contents
[   69.732310][ T4448] EXT4-fs error (device loop1): __ext4_ext_dirty:183: inode #16: comm syz.1.74: mark_inode_dirty error
[   69.799827][ T4448] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.74: corrupted inode contents
[   69.863628][ T4448] EXT4-fs error (device loop1) in ext4_orphan_del:303: Corrupt filesystem
[   69.895490][ T4448] EXT4-fs error (device loop1): ext4_do_update_inode:5229: inode #16: comm syz.1.74: corrupted inode contents
[   69.925959][ T4472] netlink: 'syz.0.85': attribute type 4 has an invalid length.
[   69.929373][ T4448] EXT4-fs error (device loop1): ext4_truncate:4286: inode #16: comm syz.1.74: mark_inode_dirty error
[   69.943761][ T4472] netlink: 'syz.0.85': attribute type 10 has an invalid length.
[   69.954034][ T4468] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=4096, location=4096
[   69.974878][ T4468] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[   69.992562][ T4448] EXT4-fs error (device loop1) in ext4_process_orphan:345: Corrupt filesystem
[   70.007855][ T4468] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[   70.020071][ T4448] EXT4-fs (loop1): 1 truncate cleaned up
[   70.043724][ T4468] UDF-fs: Scanning with blocksize 512 failed
[   70.049822][ T4448] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   70.068395][ T4468] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[   70.071471][ T4472] netlink: 152 bytes leftover after parsing attributes in process `syz.0.85'.
[   70.083796][ T4448] ext4 filesystem being mounted at /3/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   70.103036][ T4468] UDF-fs: Scanning with blocksize 1024 failed
[   70.138491][ T4468] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[   70.186556][ T4468] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[   70.224667][ T4472] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[   70.224898][ T4468] UDF-fs: Scanning with blocksize 2048 failed
[   70.327204][ T4468] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[   70.390500][ T4468] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[   70.430507][ T4468] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[   70.450755][ T4468] UDF-fs: Scanning with blocksize 4096 failed
[   70.458511][ T4468] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[   70.556556][ T4240] read_mapping_page failed!
[   70.564056][ T4240] ERROR: (device loop2): txCommit: 
[   70.564056][ T4240] 
[   70.580212][ T4240] jfs_write_inode: jfs_commit_inode failed!
[   70.782644][ T4490] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   70.815138][ T4490] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[   71.046992][ T4494] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[   71.049481][ T4500] set_capacity_and_notify: 12 callbacks suppressed
[   71.049493][ T4500] loop2: detected capacity change from 0 to 256
[   71.104481][ T4504] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   71.157442][ T4474] XFS (loop4): Mounting V5 filesystem in no-recovery mode. Filesystem will be inconsistent.
[   71.166681][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[   71.174073][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[   71.204714][ T4500] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000001)
[   71.410586][ T4514] loop1: detected capacity change from 0 to 2048
[   71.425316][ T4200] XFS (loop4): Unmounting Filesystem
[   71.460841][ T4517] loop0: detected capacity change from 0 to 8192
[   71.482205][ T4514] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   71.505052][ T4521] loop2: detected capacity change from 0 to 512
[   71.524579][ T4514] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   71.554763][ T4517] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[   71.619173][ T4517] REISERFS (device loop0): using ordered data mode
[   71.632429][ T4517] reiserfs: using flush barriers
[   71.643688][ T4517] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   71.752952][ T4517] REISERFS (device loop0): checking transaction log (loop0)
[   71.813788][ T4521] EXT4-fs (loop2): Test dummy encryption mode enabled
[   71.820613][ T4521] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   71.887017][ T4521] EXT4-fs error (device loop2): ext4_orphan_get:1432: comm syz.2.102: bad orphan inode 131083
[   71.991410][ T4521] EXT4-fs (loop2): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable,norecovery,,errors=continue. Quota mode: none.
[   72.060895][ T4528] loop3: detected capacity change from 0 to 4096
[   72.137364][ T4517] REISERFS (device loop0): Using tea hash to sort names
[   72.163971][ T4517] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[   72.171112][ T4528] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   72.295589][ T4528] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #15: comm syz.3.105: corrupted inode contents
[   72.326707][ T4528] EXT4-fs error (device loop3): ext4_dirty_inode:6077: inode #15: comm syz.3.105: mark_inode_dirty error
[   72.327510][ T4538] loop1: detected capacity change from 0 to 1024
[   72.372312][ T4538] hfsplus: unable to parse mount options
[   72.426972][ T4528] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #15: comm syz.3.105: corrupted inode contents
[   72.442197][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   72.463107][ T4528] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.105: mark_inode_dirty error
[   72.480260][ T4528] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #15: comm syz.3.105: corrupted inode contents
[   72.533790][ T4528] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #15: comm syz.3.105: mark_inode_dirty error
[   72.568887][ T4538] syz.1.107 uses obsolete (PF_INET,SOCK_PACKET)
[   72.822398][ T4528] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #15: comm syz.3.105: corrupted inode contents
[   73.126139][ T4528] EXT4-fs error (device loop3): ext4_truncate:4286: inode #15: comm syz.3.105: mark_inode_dirty error
[   73.300775][ T4558] loop0: detected capacity change from 0 to 1024
[   73.310296][ T4528] EXT4-fs error (device loop3) in ext4_setattr:5645: Corrupt filesystem
[   73.356679][ T4542] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #15: comm syz.3.105: corrupted inode contents
[   73.379506][ T4560] loop4: detected capacity change from 0 to 128
[   73.547884][ T4563] netlink: 'syz.2.114': attribute type 10 has an invalid length.
[   74.685405][ T4553] loop1: detected capacity change from 0 to 32768
[   74.779050][ T4553] XFS (loop1): Mounting V5 Filesystem
[   74.838245][ T4553] XFS (loop1): Ending clean mount
[   74.877328][ T4553] XFS (loop1): Quotacheck needed: Please wait.
[   74.937317][ T4553] XFS (loop1): Quotacheck: Done.
[   75.037742][ T4190] XFS (loop1): Unmounting Filesystem
[   75.194856][ T4576] loop4: detected capacity change from 0 to 32768
[   75.250514][ T4576] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.118 (4576)
[   75.420056][ T4576] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[   75.445694][ T4576] BTRFS info (device loop4): using free space tree
[   75.481363][ T4576] BTRFS info (device loop4): has skinny extents
[   75.508385][ T4565] hfsplus: b-tree write err: -5, ino 25
[   75.514387][ T4565] hfsplus: b-tree write err: -5, ino 4
[   75.542451][ T4565] hfsplus: b-tree write err: -5, ino 2
[   75.564776][ T4565] hfsplus: b-tree write err: -5, ino 17
[   75.941644][ T4576] BTRFS info (device loop4): enabling ssd optimizations
[   76.779670][ T4631] netlink: 'syz.0.127': attribute type 10 has an invalid length.
[   76.936815][ T4630] set_capacity_and_notify: 2 callbacks suppressed
[   76.936830][ T4630] loop1: detected capacity change from 0 to 128
[   76.972071][ T4630] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[   77.058050][ T4630] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   77.177658][ T4613] loop2: detected capacity change from 0 to 16384
[   77.382942][ T4641] loop0: detected capacity change from 0 to 4096
[   77.428996][ T4649] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.471076][ T4231] Bluetooth: hci0: command 0x0c20 tx timeout
[   77.517396][ T4653] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   77.936518][ T4672] netlink: 'syz.3.137': attribute type 10 has an invalid length.
[   78.813446][ T4677] loop0: detected capacity change from 0 to 512
[   78.980456][ T4686] netlink: 'syz.3.140': attribute type 10 has an invalid length.
[   79.001508][ T4680] loop1: detected capacity change from 0 to 4096
[   79.016798][ T4677] EXT4-fs (loop0): mounted filesystem without journal. Opts: lazytime,errors=remount-ro,. Quota mode: writeback.
[   79.135920][ T4677] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.290394][ T4708] loop3: detected capacity change from 0 to 256
[   80.584601][ T4718] loop1: detected capacity change from 0 to 1024
[   80.652773][ T4718] hfsplus: unable to parse mount options
[   81.050269][ T4699] loop0: detected capacity change from 0 to 32768
[   81.147359][ T4699] XFS (loop0): Mounting V5 Filesystem
[   81.288152][ T4699] XFS (loop0): Ending clean mount
[   81.335379][ T4699] XFS (loop0): Quotacheck needed: Please wait.
[   81.394403][ T1325] cfg80211: failed to load regulatory.db
[   81.536652][ T4739] loop1: detected capacity change from 0 to 1024
[   82.185856][ T4699] XFS (loop0): Quotacheck: Done.
[   82.193997][ T4739] hfsplus: unable to parse mount options
[   82.347721][ T4196] XFS (loop0): Unmounting Filesystem
[   82.355726][ T4745] loop2: detected capacity change from 0 to 164
[   82.668673][ T4733] loop3: detected capacity change from 0 to 32768
[   82.873051][ T4755] loop0: detected capacity change from 0 to 64
[   82.941969][ T4744] loop1: detected capacity change from 0 to 32768
[   83.032609][ T4755] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[   83.068996][ T4733] XFS (loop3): Mounting V5 Filesystem
[   83.085300][ T4744] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[   83.169866][ T4744] JBD2: Ignoring recovery information on journal
[   83.235736][ T4733] XFS (loop3): Ending clean mount
[   83.318657][ T4744] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   83.330436][ T4204] XFS (loop3): Unmounting Filesystem
[   83.655228][ T4190] ocfs2: Unmounting device (7,1) on (node local)
[   83.841263][ T4772] loop3: detected capacity change from 0 to 256
[   84.058454][ T4778] loop3: detected capacity change from 0 to 1024
[   84.079696][ T4767] loop0: detected capacity change from 0 to 32768
[   84.107054][ T4776] loop1: detected capacity change from 0 to 4096
[   84.162655][ T4776] ntfs: (device loop1): parse_options(): Option utf8 is no longer supported, using option nls=utf8. Please use option nls=utf8 in the future and make sure utf8 is compiled either as a module or into the kernel.
[   84.190878][ T4776] ntfs: (device loop1): ntfs_read_locked_inode(): Corrupt standard information attribute in inode.
[   84.209602][ T4778] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51269!=20869)
[   84.248820][ T4780] loop4: detected capacity change from 0 to 1024
[   84.257309][ T4778] EXT4-fs error (device loop3): ext4_get_journal_inode:5187: inode #32: comm syz.3.165: iget: special inode unallocated
[   84.258106][ T4776] ntfs: (device loop1): ntfs_read_locked_inode(): Failed with error code -5.  Marking corrupt inode 0xa as bad.  Run chkdsk.
[   84.295672][ T4776] ntfs: (device loop1): load_and_init_upcase(): Failed to load $UpCase from the volume. Using default.
[   84.308375][ T4778] EXT4-fs (loop3): no journal found
[   84.329419][ T4776] ntfs: volume version 3.1.
[   84.370082][ T4778] EXT4-fs (loop3): can't get journal size
[   84.405077][ T4778] EXT4-fs (loop3): filesystem is read-only
[   84.410915][ T4778] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,noload,noblock_validity,bsdgroups,abort,data=writeback,init_itable=0x000000000000001f,usrquota,,errors=continue. Quota mode: writeback.
[   84.465796][ T4268] ntfs: (device loop1): ntfs_write_block(): Writing beyond initialized size is not supported yet. Sorry.
[   84.502143][ T4190] ntfs: (device loop1): ntfs_put_super(): Volume has errors.  Leaving volume marked dirty.  Run chkdsk.
[   84.707767][ T4785] loop1: detected capacity change from 0 to 1024
[   84.729412][ T4785] hfsplus: unable to parse mount options
[   84.934715][ T4789] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   85.029437][ T4800] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.352406][ T4805] hfsplus: unable to parse mount options
[   85.471465][   T26] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   86.521010][   T26] usb 3-1: Using ep0 maxpacket: 32
[   86.536727][ T4822] erofs: (device loop1): mounted with root inode @ nid 36.
[   86.632025][ T4824] EXT4-fs (loop0): Ignoring removed bh option
[   86.639859][ T4822] attempt to access beyond end of device
[   86.639859][ T4822] loop1: rw=524288, want=1072, limit=16
[   86.641231][   T26] usb 3-1: config index 0 descriptor too short (expected 156, got 27)
[   86.670028][ T4815] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop3 scanned by syz.3.178 (4815)
[   86.684663][ T4203] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[9000]
[   86.706466][   T26] usb 3-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[   86.715518][ T4822] erofs: (device loop1): z_erofs_readahead: readahead error at page 4 @ nid 89
[   86.717735][   T26] usb 3-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[   86.738182][   T26] usb 3-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[   86.751404][   T26] usb 3-1: config 0 interface 0 has no altsetting 0
[   86.760464][ T4822] attempt to access beyond end of device
[   86.760464][ T4822] loop1: rw=524288, want=56, limit=16
[   86.772115][ T4822] erofs: (device loop1): z_erofs_lz4_decompress: failed to decompress -26 in[46, 4050] out[8192]
[   86.772264][ T4815] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[   86.797742][ T4824] EXT4-fs (loop0): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,errors=remount-ro,stripe=0x0000000000000010,bh,init_itable,. Quota mode: none.
[   86.828315][   T25] audit: type=1800 audit(1781668140.568:2): pid=4822 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.179" name="file2" dev="loop1" ino=89 res=0 errno=0
[   86.854903][ T4815] BTRFS info (device loop3): turning off barriers
[   86.889331][ T4824] EXT4-fs error (device loop0): ext4_check_all_de:667: inode #12: block 7: comm syz.0.180: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=124 fake=0
[   86.936479][ T4815] BTRFS info (device loop3): turning on async discard
[   86.961288][   T26] usb 3-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[   86.970346][   T26] usb 3-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[   86.989019][ T4815] BTRFS info (device loop3): doing ref verification
[   87.004854][ T4815] BTRFS info (device loop3): using free space tree
[   87.018031][   T26] usb 3-1: Product: syz
[   87.036494][ T4815] BTRFS info (device loop3): has skinny extents
[   87.044386][   T26] usb 3-1: Manufacturer: syz
[   87.049016][   T26] usb 3-1: SerialNumber: syz
[   87.060738][ T4824] EXT4-fs (loop0): Remounting filesystem read-only
[   87.094715][   T26] usb 3-1: config 0 descriptor??
[   87.172893][   T26] ldusb 3-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[   87.249337][   T26] ldusb 3-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[   87.406403][ T4815] BTRFS info (device loop3): enabling ssd optimizations
[   87.483818][   T26] usb 3-1: USB disconnect, device number 2
[   87.522634][   T26] ldusb 3-1:0.0: LD USB Device #0 now disconnected
[   87.678658][ T4851] set_capacity_and_notify: 6 callbacks suppressed
[   87.678672][ T4851] loop4: detected capacity change from 0 to 32768
[   87.956429][ T4851] XFS (loop4): Mounting V5 Filesystem
[   88.124805][ T4851] XFS (loop4): Ending clean mount
[   88.206247][ T4851] XFS (loop4): Quotacheck needed: Please wait.
[   88.319938][ T4878] loop1: detected capacity change from 0 to 256
[   88.377407][ T4851] XFS (loop4): Quotacheck: Done.
[   88.422437][ T4878] exfat: Deprecated parameter 'utf8'
[   88.436140][ T4200] XFS (loop4): Unmounting Filesystem
[   88.477201][ T4881] loop0: detected capacity change from 0 to 1024
[   88.512731][ T4881] hfsplus: unable to parse mount options
[   88.552548][ T4878] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   88.604755][ T4887] loop3: detected capacity change from 0 to 1024
[   88.660166][ T4887] hfsplus: unable to parse mount options
[   88.688907][ T4878] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x5f1fc80d, utbl_chksum : 0xe619d30d)
[   89.083458][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[   89.370835][ T4891] loop0: detected capacity change from 0 to 512
[   89.470997][ T4895] loop2: detected capacity change from 0 to 1024
[   89.600350][ T4895] hfsplus: unable to parse mount options
[   89.959512][ T4891] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[   90.022562][ T4891] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   90.217495][ T4901] loop1: detected capacity change from 0 to 64
[   90.241793][ T4891] EXT4-fs error (device loop0): ext4_orphan_get:1432: comm syz.0.190: bad orphan inode 131083
[   90.277901][ T4891] EXT4-fs (loop0): mounted filesystem without journal. Opts: nomblk_io_submit,journal_dev=0x00000000000003f2,noload,,errors=continue. Quota mode: none.
[   90.307227][ T4905] loop2: detected capacity change from 0 to 1024
[   90.307823][ T4904] loop4: detected capacity change from 0 to 2048
[   90.393414][ T4906] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   90.438747][ T4904] NILFS error (device loop4): nilfs_check_page: size of directory #2 is not a multiple of chunk size
[   90.466779][ T4904] Remounting filesystem read-only
[   90.859392][ T4909] loop0: detected capacity change from 0 to 40427
[   90.961302][ T4909] F2FS-fs (loop0): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[   91.159621][ T4909] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   91.331050][ T4909] F2FS-fs (loop0): invalid crc value
[   91.462766][ T4909] F2FS-fs (loop0): Found nat_bits in checkpoint
[   91.619130][ T4909] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   91.630161][ T4909] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[   91.675848][ T4932] hfsplus: unable to parse mount options
[   91.677662][ T4909] attempt to access beyond end of device
[   91.677662][ T4909] loop0: rw=2051, want=45064, limit=40427
[   91.693909][ T4909] attempt to access beyond end of device
[   91.693909][ T4909] loop0: rw=2051, want=65536, limit=40427
[   91.713372][ T4928] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   91.723258][ T4935] netlink: 'syz.4.204': attribute type 10 has an invalid length.
[   91.745012][ T4909] F2FS-fs (loop0): Issue discard(4614, 4614, 1019) failed, ret: -5
[   91.745053][ T4909] F2FS-fs (loop0): Issue discard(5637, 5637, 2555) failed, ret: -5
[   92.281337][ T4868] usb 2-1: new full-speed USB device number 2 using dummy_hcd
[   92.435998][ T4953] hfsplus: unable to parse mount options
[   92.892998][ T4959] set_capacity_and_notify: 5 callbacks suppressed
[   92.893014][ T4959] loop4: detected capacity change from 0 to 256
[   93.042016][ T4868] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   93.053679][ T4937] loop3: detected capacity change from 0 to 32768
[   93.070426][ T4868] usb 2-1: config 0 has no interface number 0
[   93.129094][ T4949] loop0: detected capacity change from 0 to 32768
[   93.146344][ T4937] XFS: attr2 mount option is deprecated.
[   93.178574][ T4949] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.209 (4949)
[   93.271962][ T4868] usb 2-1: New USB device found, idVendor=0b48, idProduct=1003, bcdDevice=7b.54
[   93.296943][ T4868] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.328403][ T4868] usb 2-1: Product: syz
[   93.332767][ T4868] usb 2-1: Manufacturer: syz
[   93.337360][ T4868] usb 2-1: SerialNumber: syz
[   93.352903][ T4868] usb 2-1: config 0 descriptor??
[   93.435245][ T4937] XFS (loop3): Mounting V5 Filesystem
[   93.463671][ T4868] usb 2-1: selecting invalid altsetting 1
[   93.531676][ T4868] dvb_ttusb_budget: ttusb_init_controller: error
[   93.586639][ T4868] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[   93.857603][ T4949] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   93.877923][ T4937] XFS (loop3): Ending clean mount
[   93.884192][ T4949] BTRFS info (device loop0): setting nodatasum
[   93.887121][ T4868] DVB: Unable to find symbol stv0299_attach()
[   93.905247][ T4937] XFS (loop3): Quotacheck needed: Please wait.
[   93.913487][ T4949] BTRFS info (device loop0): force zlib compression, level 3
[   93.934601][ T4868] DVB: Unable to find symbol tda8083_attach()
[   93.940849][ T4868] dvb_ttusb_budget: no frontend driver found for device [0b48:1003]
[   93.956036][ T4949] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[   93.980980][ T4949] BTRFS info (device loop0): use lzo compression, level 0
[   93.988125][ T4949] BTRFS info (device loop0): turning on flush-on-commit
[   94.020701][ T4868] usb 2-1: USB disconnect, device number 2
[   94.028219][ T4949] BTRFS info (device loop0): enabling auto defrag
[   94.035489][ T4949] BTRFS info (device loop0): max_inline at 4096
[   94.042078][ T4949] BTRFS info (device loop0): using free space tree
[   94.048734][ T4949] BTRFS info (device loop0): has skinny extents
[   94.119693][ T4937] XFS (loop3): Quotacheck: Done.
[   94.143849][ T4970] loop4: detected capacity change from 0 to 32768
[   94.158698][ T4949] BTRFS info (device loop0): enabling ssd optimizations
[   94.231345][ T4970] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[   94.265770][ T4204] XFS (loop3): Unmounting Filesystem
[   94.332141][ T4970] JBD2: Ignoring recovery information on journal
[   94.595114][ T5006] netlink: 'syz.1.219': attribute type 10 has an invalid length.
[   94.708059][ T4308] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop0 scanned by udevd (4308)
[   94.750740][ T4970] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[   94.867930][ T5018] loop1: detected capacity change from 0 to 1024
[   94.912104][ T5018] hfsplus: unable to parse mount options
[   94.939250][ T5022] netlink: 'syz.0.223': attribute type 29 has an invalid length.
[   94.977885][ T5022] netlink: 'syz.0.223': attribute type 29 has an invalid length.
[   95.065338][ T5026] loop1: detected capacity change from 0 to 128
[   95.078689][ T4200] ocfs2: Unmounting device (7,4) on (node local)
[   95.092232][ T5024] netlink: 'syz.0.223': attribute type 29 has an invalid length.
[   95.261910][ T5026] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[   95.315450][ T5026] ext4 filesystem being mounted at /37/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   95.467361][ T5028] loop3: detected capacity change from 0 to 32768
[   95.789210][ T5028] JBD2: Ignoring recovery information on journal
[   95.829633][ T5013] loop2: detected capacity change from 0 to 32768
[   96.022959][ T5028] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   96.031278][ T5036] loop1: detected capacity change from 0 to 4096
[   96.077123][ T5013] debugfs: Directory 'B1DE653C5FFC4D88B33B244AAB9EB3E9' with parent 'ocfs2' already present!
[   96.089965][ T5036] ntfs3: loop1: Different NTFS' sector size (4096) and media sector size (512)
[   96.144304][ T5045] loop0: detected capacity change from 0 to 2048
[   96.156625][ T5013] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   96.270173][ T4204] ocfs2: Unmounting device (7,3) on (node local)
[   96.281085][ T5045] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   96.407235][ T5036] ntfs3: loop1: failed to convert "076c" to cp874
[   96.407942][ T4189] ocfs2: Unmounting device (7,2) on (node local)
[   96.696768][ T5054] hfsplus: unable to parse mount options
[   97.297396][ T5061] device ip6_vti0 entered promiscuous mode
[   97.355133][ T5056] hfsplus: unable to parse mount options
[   97.550973][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.560984][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.570979][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.580972][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.590978][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.600972][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #382!!!
[   97.620853][ T5062] netlink: 'syz.0.233': attribute type 10 has an invalid length.
[   97.777378][ T5069] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   97.801695][ T5069] EXT4-fs (loop2): 1 truncate cleaned up
[   97.807344][ T5069] EXT4-fs (loop2): mounted filesystem without journal. Opts: init_itable=0x00000000000007ff,jqfmt=vfsold,debug_want_extra_isize=0x0000000000000066,user_xattr,nolazytime,quota,,errors=continue. Quota mode: writeback.
[   97.872779][ T5072] hfsplus: unable to parse mount options
[   97.969884][ T5080] netlink: 'syz.0.240': attribute type 10 has an invalid length.
[   98.054523][ T5069] EXT4-fs (loop2): Can't set test_dummy_encryption on remount
[   98.077914][ T5085] set_capacity_and_notify: 4 callbacks suppressed
[   98.077929][ T5085] loop1: detected capacity change from 0 to 256
[   98.152901][ T5085] exfat: Deprecated parameter 'utf8'
[   98.173345][ T5085] exfat: Deprecated parameter 'utf8'
[   98.269545][ T5085] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x11bbdf60, utbl_chksum : 0xe619d30d)
[   98.505680][ T5098] nbd: must specify a size in bytes for the device
[   98.555920][ T5102] loop2: detected capacity change from 0 to 512
[   98.584198][ T5104] loop0: detected capacity change from 0 to 256
[   98.740275][ T5084] loop3: detected capacity change from 0 to 32768
[   98.753334][ T5104] exfat: Deprecated parameter 'namecase'
[   98.769501][ T5104] exfat: Deprecated parameter 'namecase'
[   98.865635][ T5109] loop1: detected capacity change from 0 to 1024
[   98.925243][ T5109] hfsplus: unable to parse mount options
[   98.979363][ T5104] exFAT-fs (loop0): failed to load upcase table (idx : 0x0001fe89, chksum : 0xeb34f926, utbl_chksum : 0xe619d30d)
[   99.091128][ T5102] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,nogrpid,quota,,errors=continue. Quota mode: writeback.
[   99.163732][ T5102] ext4 filesystem being mounted at /56/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   99.617209][ T5102] capability: warning: `syz.2.249' uses 32-bit capabilities (legacy support in use)
[   99.723093][ T5116] loop4: detected capacity change from 0 to 1024
[   99.814143][ T5116] hfsplus: unable to parse mount options
[   99.838596][ T5119] loop2: detected capacity change from 0 to 1024
[   99.934750][ T5122] loop1: detected capacity change from 0 to 1024
[  100.097350][ T5122] hfsplus: unable to parse mount options
[  100.533636][ T5119] hfsplus: bad catalog entry type
[  100.556791][ T5127] usb usb8: usbfs: process 5127 (syz.4.258) did not claim interface 0 before use
[  100.622064][ T4723] hfsplus: b-tree write err: -5, ino 25
[  100.628378][ T4723] hfsplus: b-tree write err: -5, ino 4
[  100.675591][ T4723] hfsplus: b-tree write err: -5, ino 2
[  101.315811][ T5143] loop3: detected capacity change from 0 to 1024
[  101.800952][    C0] sched: RT throttling activated
[  101.822373][ T5143] hfsplus: unable to parse mount options
[  102.112771][ T5156] netlink: 132 bytes leftover after parsing attributes in process `syz.0.269'.
[  102.160981][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #302!!!
[  102.201921][ T5147] netlink: 'syz.4.265': attribute type 10 has an invalid length.
[  102.293194][ T5129] loop1: detected capacity change from 0 to 32768
[  102.747828][ T5161] hfsplus: unable to parse mount options
[  103.087836][ T5164] set_capacity_and_notify: 1 callbacks suppressed
[  103.087851][ T5164] loop2: detected capacity change from 0 to 1024
[  103.101838][ T5164] hfsplus: unable to parse mount options
[  103.186394][ T5171] capability: warning: `syz.3.274' uses deprecated v2 capabilities in a way that may be insecure
[  103.224206][ T5172] loop2: detected capacity change from 0 to 1024
[  103.333747][ T5172] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  103.418617][ T5172] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  103.778595][ T5172] EXT4-fs (loop2): orphan cleanup on readonly fs
[  104.006915][ T5172] EXT4-fs error (device loop2): ext4_read_inode_bitmap:168: comm syz.2.275: Inode bitmap for bg 0 marked uninitialized
[  104.451077][ T5172] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  104.801511][ T5191] loop4: detected capacity change from 0 to 256
[  104.992246][ T5191] exfat: Deprecated parameter 'namecase'
[  104.997952][ T5191] exfat: Deprecated parameter 'namecase'
[  105.097697][ T5197] loop3: detected capacity change from 0 to 1024
[  105.168150][ T5197] hfsplus: unable to parse mount options
[  105.584238][ T5191] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xeb34f926, utbl_chksum : 0xe619d30d)
[  105.853725][ T5166] loop0: detected capacity change from 0 to 32768
[  105.863848][ T5166] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.272 (5166)
[  105.964637][ T5166] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  105.991893][ T5166] BTRFS info (device loop0): using free space tree
[  106.039182][ T5166] BTRFS info (device loop0): has skinny extents
[  106.082372][ T5005] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  106.194395][ T5216] loop4: detected capacity change from 0 to 1024
[  106.245980][ T5211] loop3: detected capacity change from 0 to 1024
[  106.477002][ T5216] hfsplus: unable to parse mount options
[  106.627273][ T5211] hfsplus: unable to parse mount options
[  106.803780][ T5166] BTRFS error (device loop0): open_ctree failed: -12
[  106.846330][ T4266] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by udevd (4266)
[  106.918832][ T5235] loop2: detected capacity change from 0 to 256
[  106.984444][ T5005] usb 2-1: Using ep0 maxpacket: 8
[  107.171592][ T5242] loop4: detected capacity change from 0 to 512
[  107.218560][ T5242] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.292: dx entry: limit 1024 != root limit 124
[  107.221182][ T5005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  107.445666][ T5242] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.292: Corrupt directory, running e2fsck is recommended
[  107.662902][ T5242] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -117
[  107.696175][ T5005] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  107.709180][ T5005] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  107.718307][ T5005] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.728773][ T5005] usb 2-1: config 0 descriptor??
[  107.741155][ T5242] EXT4-fs error (device loop4): ext4_iget_extra_inode:4573: inode #15: comm syz.4.292: corrupted in-inode xattr
[  107.812671][ T5242] EXT4-fs (loop4): Remounting filesystem read-only
[  107.856078][ T5242] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.292: couldn't read orphan inode 15 (err -117)
[  107.883946][ T5242] EXT4-fs (loop4): Remounting filesystem read-only
[  107.940077][ T5242] EXT4-fs (loop4): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,grpquota,init_itable,norecovery,grpjquota=.nouid32,errors=remount-ro,jqfmt=vfsv1,grpid,,. Quota mode: writeback.
[  108.003256][ T5005] iowarrior 2-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  108.023393][ T5255] loop2: detected capacity change from 0 to 1024
[  108.062133][ T5255] hfsplus: unable to parse mount options
[  108.076118][ T5242] EXT4-fs warning (device loop4): dx_probe:893: inode #2: comm syz.4.292: dx entry: limit 1024 != root limit 124
[  108.098883][ T5242] EXT4-fs warning (device loop4): dx_probe:966: inode #2: comm syz.4.292: Corrupt directory, running e2fsck is recommended
[  108.116373][ T5242] EXT4-fs error (device loop4): ext4_readdir:263: inode #2: block 3: comm syz.4.292: path /65/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  108.154183][ T5257] loop0: detected capacity change from 0 to 1024
[  108.160731][ T5242] EXT4-fs (loop4): Remounting filesystem read-only
[  108.183081][ T5257] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  108.214989][ T5200] iowarrior 2-1:0.0: Error -90 while submitting URB
[  108.244162][ T5005] usb 2-1: USB disconnect, device number 3
[  108.271063][ T5257] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  108.322928][ T5257] EXT4-fs (loop0): orphan cleanup on readonly fs
[  108.335710][ T5257] EXT4-fs error (device loop0): ext4_read_inode_bitmap:168: comm syz.0.296: Inode bitmap for bg 0 marked uninitialized
[  108.435707][ T5257] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  108.697576][ T5268] loop3: detected capacity change from 0 to 1024
[  108.752107][ T5268] hfsplus: unable to parse mount options
[  109.091029][ T5005] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  109.248707][ T5266] loop0: detected capacity change from 0 to 32768
[  109.273449][ T4645] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  109.551312][ T4645] usb 3-1: Using ep0 maxpacket: 16
[  109.671890][ T4645] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  109.694284][ T5272] loop1: detected capacity change from 0 to 32768
[  109.912001][ T4645] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  109.987385][ T4645] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.066475][   T25] audit: type=1800 audit(1781668163.808:3): pid=5272 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.302" name="file1" dev="loop1" ino=4 res=0 errno=0
[  110.121210][ T5005] usb 5-1: Using ep0 maxpacket: 16
[  110.141531][ T4645] usb 3-1: Product: syz
[  110.146987][ T4645] usb 3-1: Manufacturer: syz
[  110.152514][ T4645] usb 3-1: SerialNumber: syz
[  110.211408][ T5282] loop3: detected capacity change from 0 to 128
[  110.245386][ T5005] usb 5-1: config 1 has an invalid interface number: 105 but max is 0
[  110.257039][ T5005] usb 5-1: config 1 has no interface number 0
[  110.278522][ T5005] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  110.293224][ T5005] usb 5-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  110.309632][ T5005] usb 5-1: config 1 interface 105 has no altsetting 0
[  110.369880][ T5282] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  110.422657][ T5282] ext4 filesystem being mounted at /57/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  110.526622][ T5282] netlink: 4 bytes leftover after parsing attributes in process `syz.3.306'.
[  110.536142][ T4645] usb 3-1: 1:1 : sample bitwidth 185 in over sample bytes 3
[  110.553091][ T4645] usb 3-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  110.574260][ T4645] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  110.624900][ T4645] usb 3-1: USB disconnect, device number 3
[  110.625925][ T5005] usb 5-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  110.636275][ T5280] loop0: detected capacity change from 0 to 32768
[  110.643869][ T5005] usb 5-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  110.656167][ T5005] usb 5-1: Product: syz
[  110.660479][ T5005] usb 5-1: Manufacturer: syz
[  110.665638][ T5005] usb 5-1: SerialNumber: syz
[  110.701293][ T5262] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  110.708717][ T5262] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  110.782225][ T5280] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  110.880413][ T4308] udevd[4308]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  110.916660][ T4196] ocfs2: Unmounting device (7,0) on (node local)
[  110.920524][ T5298] loop3: detected capacity change from 0 to 1024
[  111.002382][ T5298] hfsplus: unable to parse mount options
[  111.132820][ T5305] loop0: detected capacity change from 0 to 1024
[  111.152878][ T5262] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  111.170187][ T5262] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  111.192509][ T5305] hfsplus: unable to parse mount options
[  111.502049][ T5005] aqc111 5-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x20) reg index 0x0000: -71
[  111.519117][ T5311] loop1: detected capacity change from 0 to 512
[  111.530555][ T5005] aqc111: probe of 5-1:1.105 failed with error -71
[  111.568890][ T5005] usb 5-1: USB disconnect, device number 2
[  111.684843][ T5311] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  111.707893][ T5311] ext4 filesystem being mounted at /55/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  111.751018][ T5007] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  112.141267][ T5007] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  112.179073][ T5007] usb 3-1: config 0 interface 0 altsetting 7 endpoint 0x81 has invalid wMaxPacketSize 0
[  112.219056][ T5007] usb 3-1: config 0 interface 0 altsetting 7 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  112.241690][ T5330] loop4: detected capacity change from 0 to 1024
[  112.245853][ T5007] usb 3-1: config 0 interface 0 has no altsetting 0
[  112.259410][ T5007] usb 3-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  112.270412][ T5007] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.282044][ T5330] hfsplus: unable to parse mount options
[  112.286235][ T5007] usb 3-1: config 0 descriptor??
[  112.451970][ T5326] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  112.534802][ T4204] ocfs2: Unmounting device (7,3) on (node local)
[  112.762038][ T5337] hfsplus: unable to parse mount options
[  112.775926][ T5007] holtek 0003:1241:5015.0001: unknown main item tag 0x0
[  112.789613][ T5007] holtek 0003:1241:5015.0001: item fetching failed at offset 4/5
[  112.798454][ T5007] holtek 0003:1241:5015.0001: parse failed
[  112.809711][ T5007] holtek: probe of 0003:1241:5015.0001 failed with error -22
[  113.006905][ T4864] usb 3-1: USB disconnect, device number 4
[  113.153332][ T5348] bridge0: adding interface bridge_slave_0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  113.224878][ T5348] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  113.264934][ T5351] netlink: 68 bytes leftover after parsing attributes in process `syz.0.331'.
[  113.291135][ T5351] tipc: Enabling of bearer <ud…:s> rejected, media not registered
[  113.294705][ T5353] set_capacity_and_notify: 2 callbacks suppressed
[  113.294717][ T5353] loop1: detected capacity change from 0 to 256
[  113.395110][ T5353] FAT-fs (loop1): Directory bread(block 64) failed
[  113.422062][ T5353] FAT-fs (loop1): Directory bread(block 65) failed
[  113.435676][ T5353] FAT-fs (loop1): Directory bread(block 66) failed
[  113.443875][ T5353] FAT-fs (loop1): Directory bread(block 67) failed
[  113.458426][ T5353] FAT-fs (loop1): Directory bread(block 68) failed
[  113.474966][ T5353] FAT-fs (loop1): Directory bread(block 69) failed
[  113.487469][ T5353] FAT-fs (loop1): Directory bread(block 70) failed
[  113.517187][ T5353] FAT-fs (loop1): Directory bread(block 71) failed
[  113.538051][ T5353] FAT-fs (loop1): Directory bread(block 72) failed
[  113.563702][ T5365] loop3: detected capacity change from 0 to 1024
[  113.568149][ T5353] FAT-fs (loop1): Directory bread(block 73) failed
[  113.602151][ T5365] hfsplus: unable to parse mount options
[  113.634823][ T5005] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  113.658903][ T5372] loop2: detected capacity change from 0 to 1024
[  113.666437][ T5372] hfsplus: unable to parse mount options
[  113.714380][ T5376] loop0: detected capacity change from 0 to 16
[  113.803655][ T5376] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  113.983992][ T5241] udevd[5241]: incorrect cramfs checksum on /dev/loop0
[  114.041152][ T4645] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  114.432376][ T4645] usb 2-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid maxpacket 1024, setting to 8
[  114.467712][ T4645] usb 2-1: config 0 interface 0 altsetting 15 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  114.534863][ T4308] udevd[4308]: incorrect cramfs checksum on /dev/loop0
[  114.601176][ T5382] netem: change failed
[  114.605417][ T4645] usb 2-1: config 0 interface 0 has no altsetting 0
[  114.625605][ T5005] usb 5-1: Using ep0 maxpacket: 16
[  114.638727][ T4308] udevd[4308]: incorrect cramfs checksum on /dev/loop0
[  114.648941][ T4645] usb 2-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  114.664473][ T4645] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.687646][ T4308] udevd[4308]: incorrect cramfs checksum on /dev/loop0
[  114.720581][ T4308] udevd[4308]: incorrect cramfs checksum on /dev/loop0
[  114.729457][ T4645] usb 2-1: config 0 descriptor??
[  114.761182][ T5005] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  114.761293][ T5378] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  114.778805][ T5005] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  114.878291][ T5391] netlink: 'syz.0.345': attribute type 10 has an invalid length.
[  115.495841][ T4645] elecom 0003:056E:00FC.0002: unknown main item tag 0x2
[  115.552216][ T4645] elecom 0003:056E:00FC.0002: unknown main item tag 0x7
[  115.653625][ T4645] elecom 0003:056E:00FC.0002: hidraw0: USB HID v0.0c Device [HID 056e:00fc] on usb-dummy_hcd.1-1/input0
[  115.695841][ T5401] loop0: detected capacity change from 0 to 512
[  115.731238][ T5005] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  115.748752][ T5005] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.757291][ T5005] usb 5-1: Product: syz
[  115.766785][ T5005] usb 5-1: Manufacturer: syz
[  115.771533][ T5005] usb 5-1: SerialNumber: syz
[  115.858290][ T4645] usb 2-1: USB disconnect, device number 4
[  116.000102][ T5401] Quota error (device loop0): do_check_range: Getting dqdh_next_free 256 out of range 0-7
[  116.067613][ T5401] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  116.098756][ T5401] EXT4-fs error (device loop0): ext4_acquire_dquot:6236: comm syz.0.353: Failed to acquire dquot type 1
[  116.121623][ T5005] usb 5-1: 0:2 : does not exist
[  116.129900][ T5401] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.353: corrupted inode contents
[  116.142886][ T5413] fido_id[5413]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  116.159400][ T5401] EXT4-fs error (device loop0): ext4_dirty_inode:6077: inode #16: comm syz.0.353: mark_inode_dirty error
[  116.182965][ T5401] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.353: corrupted inode contents
[  116.205798][ T5005] usb 5-1: USB disconnect, device number 3
[  116.224245][ T5401] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.353: mark_inode_dirty error
[  116.258711][ T5401] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.353: corrupted inode contents
[  116.300622][ T5420] loop2: detected capacity change from 0 to 1024
[  116.336747][ T5401] EXT4-fs error (device loop0) in ext4_orphan_del:303: Corrupt filesystem
[  116.365364][ T5401] EXT4-fs error (device loop0): ext4_do_update_inode:5229: inode #16: comm syz.0.353: corrupted inode contents
[  116.393766][ T5424] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  116.402006][ T5420] hfsplus: unable to parse mount options
[  116.423999][ T5401] EXT4-fs error (device loop0): ext4_truncate:4286: inode #16: comm syz.0.353: mark_inode_dirty error
[  116.464863][ T5401] EXT4-fs error (device loop0) in ext4_process_orphan:345: Corrupt filesystem
[  116.497375][ T5401] EXT4-fs (loop0): 1 truncate cleaned up
[  116.515304][ T5401] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  116.556802][ T5401] ext4 filesystem being mounted at /72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  117.001071][ T5005] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  117.006678][ T4664] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  117.020382][ T5434] netlink: 'syz.0.363': attribute type 10 has an invalid length.
[  117.415698][ T4664] usb 5-1: config 220 has an invalid interface number: 76 but max is 2
[  117.435204][ T4664] usb 5-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  117.478573][ T4664] usb 5-1: config 220 has no interface number 2
[  117.506346][ T4664] usb 5-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  117.549717][ T4664] usb 5-1: config 220 interface 0 has no altsetting 0
[  117.578721][ T4664] usb 5-1: config 220 interface 76 has no altsetting 0
[  117.607702][ T4664] usb 5-1: config 220 interface 1 has no altsetting 0
[  117.799141][ T4664] usb 5-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  117.818432][ T4664] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.872067][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  117.872787][ T4664] usb 5-1: Product: syz
[  117.929653][ T5440] loop2: detected capacity change from 0 to 1024
[  117.948286][ T4664] usb 5-1: Manufacturer: syz
[  117.957811][ T4664] usb 5-1: SerialNumber: syz
[  118.042232][ T5440] hfsplus: unable to parse mount options
[  118.108501][ T5005] usb 2-1: Using ep0 maxpacket: 8
[  118.284976][ T5005] usb 2-1: config 0 interface 0 altsetting 8 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  118.299826][ T5005] usb 2-1: config 0 interface 0 altsetting 8 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  118.321678][ T5448] tipc: Started in network mode
[  118.326747][ T5448] tipc: Node identity 050000000000000005, cluster identity 4711
[  118.341440][ T5005] usb 2-1: config 0 interface 0 has no altsetting 0
[  118.348064][ T5005] usb 2-1: New USB device found, idVendor=17ef, idProduct=60a4, bcdDevice= 0.00
[  118.360903][ T5438] loop0: detected capacity change from 0 to 32768
[  118.378372][ T5450] loop3: detected capacity change from 0 to 1024
[  118.387626][ T4664] usb 5-1: Found UVC 7.01 device syz (8086:0b07)
[  118.394339][ T4664] usb 5-1: No valid video chain found.
[  118.399891][ T4664] usb 5-1: selecting invalid altsetting 0
[  118.444865][ T5450] hfsplus: unable to parse mount options
[  118.482756][ T4664] usb 5-1: selecting invalid altsetting 0
[  118.488875][ T4664] usbtest: probe of 5-1:220.1 failed with error -22
[  118.504453][ T4664] usb 5-1: USB disconnect, device number 4
[  118.685766][ T5438] XFS (loop0): Mounting V5 Filesystem
[  118.705067][ T5005] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  118.721937][ T5005] usb 2-1: config 0 descriptor??
[  118.815861][ T5438] XFS (loop0): Ending clean mount
[  118.964895][ T4196] XFS (loop0): Unmounting Filesystem
[  119.038726][ T5470] netlink: 4 bytes leftover after parsing attributes in process `syz.4.375'.
[  119.209227][ T5476] loop3: detected capacity change from 0 to 256
[  119.256427][ T5476] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x32e3664b, utbl_chksum : 0xe619d30d)
[  119.347376][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x3
[  119.354726][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.362615][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.369571][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.376555][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.411027][   T25] audit: type=1800 audit(1781668173.148:4): pid=5476 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.379" name="file2" dev="loop3" ino=1048622 res=0 errno=0
[  119.444004][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.462936][ T5460] loop2: detected capacity change from 0 to 32768
[  119.488382][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.512369][ T5005] lenovo 0003:17EF:60A4.0003: unknown main item tag 0x0
[  119.531578][ T5005] lenovo 0003:17EF:60A4.0003: hidraw0: USB HID v0.04 Device [HID 17ef:60a4] on usb-dummy_hcd.1-1/input0
[  119.571065][ T5460] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.371 (5460)
[  119.621517][ T5005] usb 2-1: USB disconnect, device number 5
[  119.665975][ T5484] loop4: detected capacity change from 0 to 1024
[  119.707533][ T5460] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  119.745296][ T5460] BTRFS warning (device loop2): excessive commit interval 3581
[  119.784191][ T5460] BTRFS info (device loop2): force zlib compression, level 3
[  119.808565][ T5487] fido_id[5487]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  119.839785][ T5460] BTRFS info (device loop2): metadata ratio 107050
[  119.867105][ T5491] netlink: 'syz.3.382': attribute type 10 has an invalid length.
[  119.930163][ T5484] hfsplus: unable to parse mount options
[  120.027855][ T5460] BTRFS info (device loop2): turning on flush-on-commit
[  120.253995][ T5460] BTRFS info (device loop2): max_inline at 4096
[  120.462730][ T5460] BTRFS info (device loop2): using free space tree
[  120.608744][ T5460] BTRFS info (device loop2): has skinny extents
[  120.853971][ T5513] loop1: detected capacity change from 0 to 1024
[  120.922169][ T5513] hfsplus: unable to parse mount options
[  121.075491][ T5460] BTRFS info (device loop2): enabling ssd optimizations
[  121.357687][ T5523] loop3: detected capacity change from 0 to 512
[  121.484402][ T5483] loop0: detected capacity change from 0 to 32768
[  121.614026][ T5523] Quota error (device loop3): do_check_range: Getting dqdh_next_free 256 out of range 0-7
[  121.645368][ T5483] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.376 (5483)
[  121.701860][ T5523] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  121.726499][ T5483] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  121.741401][ T5483] BTRFS info (device loop0): using free space tree
[  121.747932][ T5483] BTRFS info (device loop0): has skinny extents
[  121.789358][ T5523] EXT4-fs error (device loop3): ext4_acquire_dquot:6236: comm syz.3.387: Failed to acquire dquot type 1
[  121.832893][ T5523] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.387: corrupted inode contents
[  121.856708][ T5523] EXT4-fs error (device loop3): ext4_dirty_inode:6077: inode #16: comm syz.3.387: mark_inode_dirty error
[  121.876256][ T5523] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.387: corrupted inode contents
[  121.891635][ T5523] EXT4-fs error (device loop3): __ext4_ext_dirty:183: inode #16: comm syz.3.387: mark_inode_dirty error
[  121.961839][ T5523] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.387: corrupted inode contents
[  122.010207][ T5523] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  122.029197][ T5523] EXT4-fs error (device loop3): ext4_do_update_inode:5229: inode #16: comm syz.3.387: corrupted inode contents
[  122.064512][ T5520] loop1: detected capacity change from 0 to 32768
[  122.066563][ T5483] BTRFS info (device loop0): enabling ssd optimizations
[  122.078051][ T5523] EXT4-fs error (device loop3): ext4_truncate:4286: inode #16: comm syz.3.387: mark_inode_dirty error
[  122.141907][ T5520] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  122.214949][ T5523] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  122.330059][ T5520] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  122.341207][ T5523] EXT4-fs (loop3): 1 truncate cleaned up
[  122.346865][ T5523] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  122.361927][    C0] bridge0: received packet on bridge_slave_1 with own address as source address (addr:aa:aa:aa:aa:aa:1c, vlan:0)
[  122.446677][ T5520] (syz.1.386,5520,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0
[  122.474143][ T5523] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  122.541751][ T5520] (syz.1.386,5520,0):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  122.744668][ T5520] (syz.1.386,5520,1):ocfs2_mknod:298 ERROR: status = -2
[  122.793372][ T5520] (syz.1.386,5520,1):ocfs2_mknod:502 ERROR: status = -2
[  122.837662][ T5520] (syz.1.386,5520,1):ocfs2_create:676 ERROR: status = -2
[  122.896596][ T5532] loop2: detected capacity change from 0 to 32768
[  122.913842][ T4190] ocfs2: Unmounting device (7,1) on (node local)
[  122.932735][ T5532] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.389 (5532)
[  122.971180][ T5532] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  123.007200][ T5532] BTRFS info (device loop2): using free space tree
[  123.033987][ T5532] BTRFS info (device loop2): has skinny extents
[  123.460984][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[  123.480979][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[  123.490974][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #18a!!!
[  123.743985][ T5579] netlink: 'syz.4.394': attribute type 10 has an invalid length.
[  123.851144][ T5527] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  124.151335][ T5532] BTRFS info (device loop2): enabling ssd optimizations
[  124.279807][ T5527] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  124.491503][ T5527] usb 1-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=fb.16
[  124.510819][ T5527] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.539169][ T5527] usb 1-1: Product: syz
[  124.539580][ T4308] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop2 scanned by udevd (4308)
[  124.550984][ T5527] usb 1-1: Manufacturer: syz
[  124.572307][ T5527] usb 1-1: SerialNumber: syz
[  124.608589][ T5527] usb 1-1: config 0 descriptor??
[  124.681052][ T4657] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  124.723973][ T5595] loop3: detected capacity change from 0 to 32768
[  124.751876][ T5527] mvusb_mdio: probe of 1-1:0.0 failed with error -5
[  124.765975][ T5595] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.395 (5595)
[  124.841532][ T5595] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  124.860503][ T5595] BTRFS info (device loop3): setting nodatasum
[  124.881107][ T5595] BTRFS info (device loop3): force zlib compression, level 3
[  124.890117][ T5527] usb 1-1: USB disconnect, device number 3
[  124.929628][ T5595] BTRFS info (device loop3): metadata ratio 4
[  124.931174][ T4657] usb 5-1: Using ep0 maxpacket: 16
[  124.941485][ T5595] BTRFS info (device loop3): enabling ssd optimizations
[  124.948437][ T5595] BTRFS info (device loop3): allowing degraded mounts
[  124.996029][ T5595] BTRFS info (device loop3): using free space tree
[  125.026223][ T5595] BTRFS info (device loop3): has skinny extents
[  125.081238][ T4657] usb 5-1: config 0 interface 0 has no altsetting 0
[  125.091178][ T4657] usb 5-1: New USB device found, idVendor=056a, idProduct=00c0, bcdDevice= 0.00
[  125.126052][ T4657] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.171888][ T4657] usb 5-1: config 0 descriptor??
[  125.279328][ T5603] loop2: detected capacity change from 0 to 32768
[  125.460070][ T5626] loop1: detected capacity change from 0 to 1024
[  125.535595][ T5626] hfsplus: unable to parse mount options
[  125.579686][ T5603] ea_get: invalid extended attribute
[  125.717132][   T25] audit: type=1800 audit(1781668179.458:5): pid=5603 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.398" name="file1" dev="loop2" ino=4 res=0 errno=0
[  125.761024][ T4657] wacom 0003:056A:00C0.0004: ignoring exceeding usage max
[  126.068289][ T4657] wacom 0003:056A:00C0.0004: hidraw0: USB HID v0.81 Device [HID 056a:00c0] on usb-dummy_hcd.4-1/input0
[  126.131189][ T5629] usb usb9: usbfs: process 5629 (syz.0.401) did not claim interface 0 before use
[  126.137476][ T4657] usb 5-1: USB disconnect, device number 5
[  126.327946][ T5630] fido_id[5630]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  127.334777][ T5654] netlink: 'syz.3.407': attribute type 10 has an invalid length.
[  128.105745][ T5666] netlink: 'syz.4.412': attribute type 10 has an invalid length.
[  128.141553][ T5636] loop2: detected capacity change from 0 to 32768
[  128.200987][ T5636] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  128.245695][ T5674] loop1: detected capacity change from 0 to 1024
[  128.349133][ T5636] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  128.378084][ T5674] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  128.407891][ T5636] (syz.2.402,5636,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=0, inode=970662608961, rec_len=0, name_len=0
[  128.437956][ T5674] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,usrquota,max_batch_time=0x0000000000000000,grpid,noauto_da_alloc,acl,abort,resgid=0x0000000000000000,nomblk_io_submit,noinit_itable,i_version,,errors=continue. Quota mode: writeback.
[  128.438227][ T5636] (syz.2.402,5636,1):ocfs2_prepare_dir_for_insert:4311 ERROR: status = -2
[  128.472901][ T5636] (syz.2.402,5636,1):ocfs2_mknod:298 ERROR: status = -2
[  128.479858][ T5636] (syz.2.402,5636,1):ocfs2_mknod:502 ERROR: status = -2
[  128.488573][ T5636] (syz.2.402,5636,1):ocfs2_create:676 ERROR: status = -2
[  128.501142][ T5684] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 434: padding at end of block bitmap is not set
[  128.594036][ T4189] ocfs2: Unmounting device (7,2) on (node local)
[  129.750253][ T5709] netlink: 'syz.1.426': attribute type 10 has an invalid length.
[  129.777594][ T5706] netlink: 'syz.2.425': attribute type 10 has an invalid length.
[  130.318512][ T5711] loop0: detected capacity change from 0 to 8192
[  130.378520][ T5711] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[  130.421203][ T5711] REISERFS (device loop0): using ordered data mode
[  130.433454][ T5711] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  130.467100][ T5711] REISERFS (device loop0): checking transaction log (loop0)
[  130.487304][ T5711] REISERFS (device loop0): Using r5 hash to sort names
[  130.494650][ T5711] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 1) not found (pos 2)
[  130.512275][ T5711] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  130.824335][ T4264] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  131.066774][ T4656] kernel read not supported for file /dsp (pid: 4656 comm: kworker/1:13)
[  131.091754][ T4264] usb 2-1: Using ep0 maxpacket: 32
[  131.211315][ T4264] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  131.245549][ T4264] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  131.411198][ T4264] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  131.451429][ T4264] usb 2-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  131.476639][ T4264] usb 2-1: Product: syz
[  131.491058][ T4264] usb 2-1: Manufacturer: syz
[  131.552125][ T4264] hub 2-1:4.0: USB hub found
[  131.578973][ T5734] loop0: detected capacity change from 0 to 32768
[  131.673889][ T5734] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  131.727198][   T25] audit: type=1800 audit(1781668185.468:6): pid=5734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.435" name="file1" dev="loop0" ino=17058 res=0 errno=0
[  131.821275][ T4264] hub 2-1:4.0: config failed, hub has too many ports! (err -19)
[  131.919496][ T4196] ocfs2: Unmounting device (7,0) on (node local)
[  132.045440][ T5739] loop2: detected capacity change from 0 to 32768
[  132.094807][ T5739] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  132.131841][ T5739] BTRFS info (device loop2): force clearing of disk cache
[  132.139030][ T5739] BTRFS info (device loop2): enabling auto defrag
[  132.159154][ T5739] BTRFS info (device loop2): max_inline at 0
[  132.161300][ T4656] usb 2-1: USB disconnect, device number 6
[  132.195109][ T5739] BTRFS info (device loop2): enabling disk space caching
[  132.211063][ T5739] BTRFS info (device loop2): disk space caching is enabled
[  132.218289][ T5739] BTRFS info (device loop2): has skinny extents
[  132.587738][ T5764] netlink: 'syz.3.442': attribute type 10 has an invalid length.
[  132.613271][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  132.619571][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  132.671410][ T4656] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  133.019067][ T5739] BTRFS info (device loop2): enabling ssd optimizations
[  133.145956][ T4656] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.552169][ T5739] BTRFS info (device loop2): clearing free space tree
[  133.559429][ T5739] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  133.581091][ T4656] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  133.619613][ T5777] netlink: 'syz.1.443': attribute type 10 has an invalid length.
[  133.641669][ T4656] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  133.666462][ T4656] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  133.678185][ T4656] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  133.720071][ T5739] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  133.753488][ T4656] usb 5-1: config 0 descriptor??
[  133.810178][ T5787] netlink: 'syz.1.446': attribute type 3 has an invalid length.
[  134.284148][ T4656] plantronics 0003:047F:FFFF.0005: No inputs registered, leaving
[  134.352389][ T4656] plantronics 0003:047F:FFFF.0005: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  134.581338][ T4656] usb 5-1: USB disconnect, device number 6
[  134.993590][ T5799] fido_id[5799]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  135.061229][ T2301] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  135.145154][ T5793] loop0: detected capacity change from 0 to 40427
[  135.298335][ T5793] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  135.318652][ T5793] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  135.358152][ T5793] F2FS-fs (loop0): invalid crc value
[  135.379794][ T5793] F2FS-fs (loop0): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  135.462723][ T4232] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  135.530708][ T5793] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  135.546316][ T5793] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  135.642167][ T2301] usb 2-1: config 0 interface 0 has no altsetting 0
[  135.648827][ T2301] usb 2-1: New USB device found, idVendor=046d, idProduct=c52b, bcdDevice= 0.00
[  135.652235][ T4196] attempt to access beyond end of device
[  135.652235][ T4196] loop0: rw=2049, want=45104, limit=40427
[  135.663356][ T2301] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  135.697016][ T2301] usb 2-1: config 0 descriptor??
[  136.001247][ T4232] usb 5-1: too many endpoints for config 0 interface 0 altsetting 4: 254, using maximum allowed: 30
[  136.013574][ T4232] usb 5-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  136.027149][ T4232] usb 5-1: config 0 interface 0 has no altsetting 0
[  136.034676][ T4232] usb 5-1: New USB device found, idVendor=048d, idProduct=8595, bcdDevice= 0.00
[  136.044232][ T4232] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  136.142376][ T4232] usb 5-1: config 0 descriptor??
[  136.642404][ T2301] logitech-djreceiver 0003:046D:C52B.0006: unknown main item tag 0x2
[  136.650526][ T2301] logitech-djreceiver 0003:046D:C52B.0006: unknown main item tag 0x6
[  136.658692][ T2301] logitech-djreceiver 0003:046D:C52B.0006: ignoring exceeding usage max
[  136.671789][ T2301] usb 2-1: USB disconnect, device number 7
[  136.733816][ T4232] itetech 0003:048D:8595.0007: unknown main item tag 0x3
[  136.740924][ T4232] itetech 0003:048D:8595.0007: unexpected long global item
[  136.778222][ T4232] itetech: probe of 0003:048D:8595.0007 failed with error -22
[  136.840741][ T5843] loop2: detected capacity change from 0 to 32768
[  136.861561][ T5843] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.464 (5843)
[  136.880103][ T5843] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  136.895573][ T5843] BTRFS info (device loop2): setting nodatasum
[  136.904013][ T5843] BTRFS info (device loop2): enabling auto defrag
[  136.910610][ T5843] BTRFS info (device loop2): disabling tree log
[  136.918078][ T5843] BTRFS info (device loop2): using free space tree
[  136.924994][ T5843] BTRFS info (device loop2): has skinny extents
[  136.950111][ T4232] usb 5-1: USB disconnect, device number 7
[  137.126292][ T5843] BTRFS info (device loop2): enabling ssd optimizations
[  137.233836][ T5847] loop3: detected capacity change from 0 to 40427
[  137.241404][ T5871] loop1: detected capacity change from 0 to 1024
[  137.267931][ T5871] hfsplus: unable to parse mount options
[  137.270269][ T5847] F2FS-fs (loop3): Invalid SB checksum offset: 0
[  137.386483][ T5847] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  137.436334][ T5847] F2FS-fs (loop3): invalid crc value
[  137.511647][ T5847] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  137.564851][ T4308] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop2 scanned by udevd (4308)
[  137.747857][ T5880] netlink: 452 bytes leftover after parsing attributes in process `syz.0.470'.
[  137.807437][ T5880] netlink: 20 bytes leftover after parsing attributes in process `syz.0.470'.
[  137.898787][ T5847] F2FS-fs (loop3): Try to recover 2th superblock, ret: 0
[  137.920894][ T5847] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  138.030806][ T4204] attempt to access beyond end of device
[  138.030806][ T4204] loop3: rw=2049, want=45104, limit=40427
[  138.570248][ T5878] loop4: detected capacity change from 0 to 32768
[  138.608604][ T5878] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.469 (5878)
[  138.706277][ T5894] loop2: detected capacity change from 0 to 1024
[  139.102194][ T5894] hfsplus: unable to parse mount options
[  139.126634][ T5878] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  139.135820][ T5005] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  139.187547][ T5878] BTRFS info (device loop4): force clearing of disk cache
[  139.251101][ T5878] BTRFS info (device loop4): enabling auto defrag
[  139.291116][ T5878] BTRFS info (device loop4): max_inline at 0
[  139.297138][ T5878] BTRFS info (device loop4): enabling disk space caching
[  139.331085][ T5878] BTRFS info (device loop4): disk space caching is enabled
[  139.341282][ T5878] BTRFS info (device loop4): has skinny extents
[  139.471387][ T5005] usb 4-1: Using ep0 maxpacket: 16
[  139.798274][ T5927] netlink: 'syz.0.478': attribute type 10 has an invalid length.
[  139.812143][ T5878] BTRFS info (device loop4): enabling ssd optimizations
[  139.820327][ T5878] BTRFS info (device loop4): clearing free space tree
[  139.834884][ T5878] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  139.848718][ T5878] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  140.011162][ T4656] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  140.063032][ T5005] usb 4-1: config 0 interface 0 altsetting 255 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  140.136415][  T154] BTRFS info (device loop4): qgroup scan completed (inconsistency flag cleared)
[  140.261087][ T4656] usb 2-1: Using ep0 maxpacket: 32
[  140.386037][ T5005] usb 4-1: config 0 interface 0 altsetting 255 endpoint 0x81 has invalid wMaxPacketSize 0
[  140.396051][ T5005] usb 4-1: config 0 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  140.409028][ T5005] usb 4-1: config 0 interface 0 has no altsetting 0
[  140.415710][ T5005] usb 4-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  140.424809][ T5005] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.446083][ T5005] usb 4-1: config 0 descriptor??
[  140.546361][ T4656] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  140.587645][ T4656] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.613079][ T4656] usb 2-1: Product: syz
[  140.618457][ T5940] tipc: Started in network mode
[  140.627556][ T4656] usb 2-1: Manufacturer: syz
[  140.632280][ T4656] usb 2-1: SerialNumber: syz
[  140.634761][ T5940] tipc: Node identity -, cluster identity 4711
[  140.646035][ T4656] usb 2-1: config 0 descriptor??
[  140.693048][ T4656] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  140.922915][ T5952] netlink: 'syz.0.486': attribute type 10 has an invalid length.
[  140.972836][ T5005] hid-multitouch 0003:1FD2:6007.0008: ignoring exceeding usage max
[  141.401455][ T4656] gspca_ov534_9: reg_w failed -71
[  141.715469][ T5005] hid-multitouch 0003:1FD2:6007.0008: hidraw0: USB HID v0.81 Device [HID 1fd2:6007] on usb-dummy_hcd.3-1/input0
[  141.729687][ T5005] usb 4-1: USB disconnect, device number 2
[  141.891194][ T4656] gspca_ov534_9: Unknown sensor 0000
[  141.891260][ T4656] ov534_9: probe of 2-1:0.0 failed with error -22
[  141.978512][ T4656] usb 2-1: USB disconnect, device number 8
[  142.083944][ T5970] netlink: 'syz.0.492': attribute type 10 has an invalid length.
[  142.326964][ T5971] fido_id[5971]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  142.992590][ T4657] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  143.192567][ T5987] loop0: detected capacity change from 0 to 64
[  143.206458][ T5989] loop1: detected capacity change from 0 to 1024
[  143.312638][ T5987] attempt to access beyond end of device
[  143.312638][ T5987] loop0: rw=2049, want=268435470, limit=64
[  143.369606][ T5987] Buffer I/O error on dev loop0, logical block 134217734, lost async page write
[  143.421409][ T4657] usb 4-1: unable to get BOS descriptor or descriptor too short
[  143.514280][ T4657] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  143.538244][ T4657] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  143.660125][ T5991] loop2: detected capacity change from 0 to 32768
[  143.664808][ T5005] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  143.721383][ T4657] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  143.741193][ T4657] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.743230][ T5991] XFS (loop2): Mounting V5 Filesystem
[  143.750067][ T4657] usb 4-1: Product: syz
[  143.759094][ T4657] usb 4-1: Manufacturer: syz
[  143.769196][ T4657] usb 4-1: SerialNumber: syz
[  143.813859][ T4657] usb 4-1: selecting invalid altsetting 1
[  143.828043][ T4657] usb 4-1: unit 6 not found!
[  143.849659][ T4657] usb 4-1: unit 0 not found!
[  143.874844][ T5991] XFS (loop2): Ending clean mount
[  143.885062][ T4656] XFS (loop2): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x10 
[  143.924731][ T4657] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[  143.936825][ T4656] XFS (loop2): Unmount and run xfs_repair
[  143.950064][ T4656] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  144.021237][ T4656] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  144.052396][ T4308] udevd[4308]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  144.060565][ T4656] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  144.082095][ T5005] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 254, using maximum allowed: 30
[  144.093423][ T5005] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1056, setting to 64
[  144.104736][ T5005] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 254
[  144.118330][ T5005] usb 5-1: New USB device found, idVendor=046d, idProduct=ca03, bcdDevice= 0.00
[  144.127448][ T5005] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.193054][ T4656] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  144.202221][ T4656] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  144.211099][ T4656] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  144.235013][ T5005] usb 5-1: config 0 descriptor??
[  144.261495][ T5993] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  144.378252][ T5007] usb 4-1: USB disconnect, device number 3
[  144.538108][ T4656] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  144.547282][ T4656] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  144.557155][ T4656] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  144.567044][ T5991] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x10 len 4 error 74
[  144.585707][ T5991] XFS (loop2): Failed to initialize disk quotas.
[  144.728717][ T5005] logitech 0003:046D:CA03.0009: unknown main item tag 0x2
[  144.754232][ T5005] logitech 0003:046D:CA03.0009: unexpected long global item
[  144.771510][ T5005] logitech 0003:046D:CA03.0009: parse failed
[  144.780325][ T5005] logitech: probe of 0003:046D:CA03.0009 failed with error -22
[  144.810833][ T4189] XFS (loop2): Unmounting Filesystem
[  144.854647][ T6018] loop0: detected capacity change from 0 to 32768
[  144.948353][ T6018] ea_get: invalid extended attribute
[  144.973563][   T25] audit: type=1800 audit(1781668198.718:7): pid=6018 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.506" name="file1" dev="loop0" ino=4 res=0 errno=0
[  144.980654][ T5005] usb 5-1: USB disconnect, device number 8
[  145.052748][ T6018] ea_get: invalid extended attribute
[  145.888734][ T6024] loop1: detected capacity change from 0 to 256
[  146.017125][ T6024] FAT-fs (loop1): Directory bread(block 64) failed
[  146.031787][ T6024] FAT-fs (loop1): Directory bread(block 65) failed
[  146.040259][ T6030] netlink: 'syz.2.507': attribute type 10 has an invalid length.
[  146.048356][ T6024] FAT-fs (loop1): Directory bread(block 66) failed
[  146.055151][ T6024] FAT-fs (loop1): Directory bread(block 67) failed
[  146.112873][ T6024] FAT-fs (loop1): Directory bread(block 68) failed
[  146.119517][ T6024] FAT-fs (loop1): Directory bread(block 69) failed
[  146.815530][ T6032] loop4: detected capacity change from 0 to 1024
[  146.816982][ T6024] FAT-fs (loop1): Directory bread(block 70) failed
[  146.853606][ T6032] hfsplus: unable to parse mount options
[  146.866878][ T6024] FAT-fs (loop1): Directory bread(block 71) failed
[  146.875406][ T6036] loop3: detected capacity change from 0 to 256
[  146.965217][ T6024] FAT-fs (loop1): Directory bread(block 72) failed
[  146.972627][ T6024] FAT-fs (loop1): Directory bread(block 73) failed
[  147.391749][ T6036] FAT-fs (loop3): Directory bread(block 64) failed
[  147.398369][ T6036] FAT-fs (loop3): Directory bread(block 65) failed
[  147.438569][ T6036] FAT-fs (loop3): Directory bread(block 66) failed
[  147.466750][ T6036] FAT-fs (loop3): Directory bread(block 67) failed
[  147.486690][ T6047] genirq: Flags mismatch irq 31. 00000000 (comedi_parport) vs. 00000000 (virtio1-input.0)
[  147.499041][ T6036] FAT-fs (loop3): Directory bread(block 68) failed
[  147.500755][ T6043] loop0: detected capacity change from 0 to 1764
[  147.506267][ T6036] FAT-fs (loop3): Directory bread(block 69) failed
[  147.566422][ T6036] FAT-fs (loop3): Directory bread(block 70) failed
[  147.576886][ T6036] FAT-fs (loop3): Directory bread(block 71) failed
[  147.604389][ T6036] FAT-fs (loop3): Directory bread(block 72) failed
[  147.627700][ T6036] FAT-fs (loop3): Directory bread(block 73) failed
[  148.584120][ T6055] loop1: detected capacity change from 0 to 1024
[  148.635098][ T6055] hfsplus: unable to parse mount options
[  149.007639][ T6059] netlink: 'syz.4.521': attribute type 10 has an invalid length.
[  149.694092][ T6065] loop3: detected capacity change from 0 to 256
[  149.752011][ T6065] exfat: Deprecated parameter 'namecase'
[  149.757729][ T6065] exfat: Deprecated parameter 'utf8'
[  149.829436][ T6071] netlink: 'syz.1.526': attribute type 10 has an invalid length.
[  149.845604][ T6065] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xea424414, utbl_chksum : 0xe619d30d)
[  149.921765][ T6075] loop0: detected capacity change from 0 to 1024
[  149.994383][ T6083] loop4: detected capacity change from 0 to 64
[  150.280373][ T6094] loop1: detected capacity change from 0 to 1024
[  150.319708][ T6094] hfsplus: unable to parse mount options
[  150.799837][ T6102] netlink: 'syz.4.538': attribute type 10 has an invalid length.
[  150.821102][ T5005] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  151.281596][ T5005] usb 4-1: unable to get BOS descriptor or descriptor too short
[  151.401581][ T5005] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  151.479329][ T5005] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  151.851261][ T5005] usb 4-1: string descriptor 0 read error: -22
[  151.894781][ T5005] usb 4-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  151.924204][ T6112] loop1: detected capacity change from 0 to 256
[  151.953039][ T5005] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.037967][ T6096] loop0: detected capacity change from 0 to 32768
[  152.058785][ T5005] usb 4-1: selecting invalid altsetting 1
[  152.075365][ T5005] usb 4-1: unit 6 not found!
[  152.281630][ T5005] usb 4-1: cannot get ctl value: req = 0x83, wValue = 0x100, wIndex = 0x200, type = 3
[  152.301548][ T5005] usb 4-1: 2:0: cannot get min/max values for control 1 (id 2)
[  152.380962][ T5005] snd-usb-audio: probe of 4-1:1.0 failed with error -22
[  152.403166][ T4308] udevd[4308]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  152.420018][ T6107] loop4: detected capacity change from 0 to 32768
[  152.545759][   T25] audit: type=1326 audit(1781668206.288:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.601316][ T4233] usb 4-1: USB disconnect, device number 4
[  152.665437][   T25] audit: type=1326 audit(1781668206.358:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.728210][   T25] audit: type=1326 audit(1781668206.358:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.765580][ T6122] loop4: detected capacity change from 0 to 512
[  152.772278][ T6114] loop1: detected capacity change from 0 to 32768
[  152.780248][   T25] audit: type=1326 audit(1781668206.358:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.805161][   T25] audit: type=1326 audit(1781668206.358:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.835446][   T25] audit: type=1326 audit(1781668206.358:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  152.889430][ T6114] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop1 scanned by syz.1.542 (6114)
[  153.641372][ T6114] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  153.667137][   T25] audit: type=1326 audit(1781668206.358:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  153.672356][ T6122] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  153.700209][ T6125] loop0: detected capacity change from 0 to 4096
[  153.716378][ T6114] BTRFS info (device loop1): using free space tree
[  153.739995][ T6114] BTRFS info (device loop1): has skinny extents
[  153.754041][   T25] audit: type=1326 audit(1781668206.358:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6115 comm="syz.2.544" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f181abdee59 code=0x7ffc0000
[  153.772897][ T6125] ntfs3: loop0: Different NTFS' sector size (1024) and media sector size (512)
[  153.785040][ T6135] loop3: detected capacity change from 0 to 64
[  153.945181][ T6122] EXT4-fs warning (device loop4): verify_group_input:147: Cannot add at group 7 (only 1 groups)
[  154.003849][ T6114] BTRFS info (device loop1): enabling ssd optimizations
[  154.130804][ T6157] loop2: detected capacity change from 0 to 1024
[  154.173003][ T6157] hfsplus: unable to parse mount options
[  154.258041][ T6162] loop4: detected capacity change from 0 to 64
[  154.451055][ T5241] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 9 /dev/loop1 scanned by udevd (5241)
[  154.895764][ T5005] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  155.157787][ T6179] Zero length message leads to an empty skb
[  155.352561][ T5005] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  155.374815][ T5005] usb 2-1: config 0 has no interface number 0
[  155.394828][ T5005] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  155.491931][ T5005] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  155.504462][ T5005] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[  155.518733][ T5005] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  155.539794][ T5005] usb 2-1: config 0 descriptor??
[  155.866832][ T6172] syz.4.556 (6172): drop_caches: 2
[  156.045944][ T5005] prodikeys 0003:041E:2801.000A: hidraw0: USB HID v0.00 Device [HID 041e:2801] on usb-dummy_hcd.1-1/input1
[  156.067857][ T6202] netlink: 'syz.3.568': attribute type 10 has an invalid length.
[  156.085734][ T5005] hid_prodikeys: hid-prodikeys: failed to find output report
[  156.085734][ T5005] 
[  156.111442][ T6205] loop4: detected capacity change from 0 to 128
[  156.175922][ T6205] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  156.210438][ T6205] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  156.227668][ T6205] ext2 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  156.350436][ T4869] usb 2-1: USB disconnect, device number 9
[  156.417408][ T6213] loop3: detected capacity change from 0 to 1024
[  156.427942][ T6207] fido_id[6207]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  156.532394][ T6213] hfsplus: unable to parse mount options
[  156.721137][ T4652] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  156.884804][ T6221] loop3: detected capacity change from 0 to 512
[  156.937614][ T6221] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  156.974048][ T4663] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  156.992830][ T6221] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.575: attempt to clear invalid blocks 33261 len 1
[  157.018419][ T6221] EXT4-fs (loop3): 1 truncate cleaned up
[  157.024168][ T6221] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,inode_readahead_blks=0x0000000008000000,nodiscard,,errors=continue. Quota mode: none.
[  157.121767][ T5005] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  157.143651][ T4652] usb 1-1: unable to get BOS descriptor or descriptor too short
[  157.234213][ T4663] usb 5-1: Using ep0 maxpacket: 16
[  157.241367][ T4652] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  157.256862][ T4652] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  157.423313][ T4652] usb 1-1: New USB device found, idVendor=1235, idProduct=0010, bcdDevice= 0.40
[  157.440130][ T4652] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.455640][ T4652] usb 1-1: Product: syz
[  157.460447][ T4652] usb 1-1: Manufacturer: syz
[  157.514721][ T4663] usb 5-1: New USB device found, idVendor=06b9, idProduct=4061, bcdDevice= 1.88
[  157.526422][ T4652] usb 1-1: SerialNumber: syz
[  157.544130][ T4663] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.613784][ T4663] usb 5-1: Product: syz
[  157.628143][ T4663] usb 5-1: Manufacturer: syz
[  157.643198][ T4663] usb 5-1: SerialNumber: syz
[  157.672253][ T4663] usb 5-1: config 0 descriptor??
[  157.693743][ T4652] usb 1-1: selecting invalid altsetting 1
[  157.707599][ T4652] usb 1-1: unit 6 not found!
[  157.712782][ T4652] usb 1-1: unit 0 not found!
[  157.751539][ T4652] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[  157.836868][ T4308] udevd[4308]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  157.971300][ T4663] speedtch 5-1:0.0: speedtch_bind: wrong device class 10
[  157.978558][ T4663] speedtch 5-1:0.0: usbatm_usb_probe: bind failed: -19!
[  158.036261][ T6245] netlink: 32 bytes leftover after parsing attributes in process `syz.1.583'.
[  158.047600][ T4663] usb 5-1: USB disconnect, device number 9
[  158.074013][ T4652] usb 1-1: USB disconnect, device number 4
[  158.091263][ T5005] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  158.117639][ T5005] usb 3-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[  158.141046][ T5005] usb 3-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  158.171634][ T5005] usb 3-1: config 0 interface 0 has no altsetting 0
[  158.188516][ T5005] usb 3-1: New USB device found, idVendor=28bd, idProduct=0074, bcdDevice= 0.00
[  158.208317][ T5005] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  158.233137][ T5005] usb 3-1: config 0 descriptor??
[  158.324500][ T6219] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[  159.263581][ T5005] uclogic 0003:28BD:0074.000B: interface is invalid, ignoring
[  159.496272][ T5005] usb 3-1: USB disconnect, device number 5
[  159.563728][ T6271] loop0: detected capacity change from 0 to 256
[  160.824325][ T6262] loop1: detected capacity change from 0 to 32768
[  160.954187][ T6262] JBD2: Ignoring recovery information on journal
[  161.116321][ T6262] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  161.179650][ T6308] loop0: detected capacity change from 0 to 16
[  161.232196][ T6310] loop3: detected capacity change from 0 to 1024
[  161.262798][ T6308] erofs: (device loop0): mounted with root inode @ nid 36.
[  161.307019][ T4190] ocfs2: Unmounting device (7,1) on (node local)
[  161.338444][ T6308] attempt to access beyond end of device
[  161.338444][ T6308] loop0: rw=524288, want=1342177304, limit=16
[  161.367628][ T6310] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802c018, mo2=0002]
[  161.380547][ T6310] System zones: 0-1, 3-12
[  161.392899][ T6308] attempt to access beyond end of device
[  161.392899][ T6308] loop0: rw=0, want=1342177280, limit=16
[  161.404847][   T25] audit: type=1800 audit(1781668215.148:16): pid=6308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.607" name="file1" dev="loop0" ino=86 res=0 errno=0
[  161.406679][ T6307] attempt to access beyond end of device
[  161.406679][ T6307] loop0: rw=524288, want=1348712320, limit=16
[  161.456658][ T6307] attempt to access beyond end of device
[  161.456658][ T6307] loop0: rw=0, want=1348712296, limit=16
[  161.492273][ T6310] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobarrier,dioread_lock,barrier=0x0000000000000004,nolazytime,debug_want_extra_isize=0x0000000000000080,lazytime,stripe=0x0000000000000fdc,debug,resgid=0x0000000000000000,jqfmt=vfsv0,,errors=continue. Quota mode: none.
[  161.524473][ T6307] attempt to access beyond end of device
[  161.524473][ T6307] loop0: rw=0, want=1348712296, limit=16
[  161.637167][ T6308] attempt to access beyond end of device
[  161.637167][ T6308] loop0: rw=0, want=1348712296, limit=16
[  161.677699][ T6310] EXT4-fs (loop3): Online resizing not supported with bigalloc
[  161.690925][ T6308] attempt to access beyond end of device
[  161.690925][ T6308] loop0: rw=0, want=1348712296, limit=16
[  161.722003][ T6308] attempt to access beyond end of device
[  161.722003][ T6308] loop0: rw=0, want=1348712296, limit=16
[  161.739057][ T6308] attempt to access beyond end of device
[  161.739057][ T6308] loop0: rw=0, want=1348712296, limit=16
[  162.534855][ T6331] netlink: 'syz.4.615': attribute type 2 has an invalid length.
[  162.698046][ T6339] netlink: 4 bytes leftover after parsing attributes in process `syz.3.617'.
[  162.987808][ T6352] loop3: detected capacity change from 0 to 16
[  162.999880][ T6353] loop0: detected capacity change from 0 to 1024
[  163.062235][ T6353] hfsplus: unable to parse mount options
[  163.074543][ T6352] erofs: (device loop3): mounted with root inode @ nid 36.
[  163.107799][ T6352] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  163.140176][ T6352] erofs: (device loop3): z_erofs_readpage: failed to read, err [-117]
[  163.181028][ T5007] usb 5-1: new full-speed USB device number 10 using dummy_hcd
[  163.233626][ T6328] loop1: detected capacity change from 0 to 32768
[  163.291520][ T6328] (syz.1.614,6328,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  163.338022][ T6328] (syz.1.614,6328,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  163.430102][ T6328] JBD2: Ignoring recovery information on journal
[  163.539293][ T6328] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  163.781232][ T5007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  164.325848][ T6328] 
[  164.328209][ T6328] ======================================================
[  164.335216][ T6328] WARNING: possible circular locking dependency detected
[  164.342228][ T6328] syzkaller #0 Not tainted
[  164.346631][ T6328] ------------------------------------------------------
[  164.348924][ T5007] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  164.353631][ T6328] syz.1.614/6328 is trying to acquire lock:
[  164.353644][ T6328] ffff88807460dc78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_init_acl+0x307/0x770
[  164.378519][ T6328] 
[  164.378519][ T6328] but task is already holding lock:
[  164.385876][ T6328] ffff88805f4440e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a6/0x6f0
[  164.396142][ T6328] 
[  164.396142][ T6328] which lock already depends on the new lock.
[  164.396142][ T6328] 
[  164.406530][ T6328] 
[  164.406530][ T6328] the existing dependency chain (in reverse order) is:
[  164.415528][ T6328] 
[  164.415528][ T6328] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  164.424050][ T6328]        down_read+0x44/0x2e0
[  164.428736][ T6328]        ocfs2_start_trans+0x3a6/0x6f0
[  164.434195][ T6328]        ocfs2_shutdown_local_alloc+0x1f8/0xaa0
[  164.440443][ T6328]        ocfs2_dismount_volume+0x1e1/0x8a0
[  164.446245][ T6328]        generic_shutdown_super+0x130/0x300
[  164.452137][ T6328]        kill_block_super+0x7c/0xe0
[  164.457336][ T6328]        deactivate_locked_super+0x93/0xf0
[  164.463134][ T6328]        cleanup_mnt+0x42d/0x4e0
[  164.468070][ T6328]        task_work_run+0x125/0x1a0
[  164.473183][ T6328]        exit_to_user_mode_loop+0x10f/0x130
[  164.479068][ T6328]        exit_to_user_mode_prepare+0xee/0x180
[  164.485125][ T6328]        syscall_exit_to_user_mode+0x16/0x40
[  164.491110][ T6328]        do_syscall_64+0x58/0xa0
[  164.496039][ T6328]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  164.502451][ T6328] 
[  164.502451][ T6328] -> #2 (sb_internal#3){.+.+}-{0:0}:
[  164.509921][ T6328]        ocfs2_start_trans+0x2a7/0x6f0
[  164.515372][ T6328]        ocfs2_truncate_file+0x62d/0x1460
[  164.521089][ T6328]        ocfs2_setattr+0x14dd/0x1ad0
[  164.522405][ T5007] usb 5-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  164.526376][ T6328]        notify_change+0xbcd/0xee0
[  164.540461][ T6328]        do_truncate+0x1ac/0x240
[  164.545393][ T6328]        path_openat+0x2922/0x2fa0
[  164.550497][ T6328]        do_filp_open+0x1e2/0x410
[  164.555515][ T6328]        do_sys_openat2+0x150/0x4b0
[  164.560703][ T6328]        __x64_sys_creat+0x8c/0xb0
[  164.560970][ T5007] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  164.565804][ T6328]        do_syscall_64+0x4c/0xa0
[  164.578678][ T6328]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  164.585094][ T6328] 
[  164.585094][ T6328] -> #1 (&oi->ip_alloc_sem){++++}-{3:3}:
[  164.592910][ T6328]        down_write+0x38/0x60
[  164.597583][ T6328]        ocfs2_try_remove_refcount_tree+0xb3/0x340
[  164.600974][ T5007] usb 5-1: Manufacturer: syz
[  164.604077][ T6328]        ocfs2_truncate_file+0xe03/0x1460
[  164.614343][ T6328]        ocfs2_setattr+0x14dd/0x1ad0
[  164.619625][ T6328]        notify_change+0xbcd/0xee0
[  164.624734][ T6328]        do_truncate+0x1ac/0x240
[  164.628071][ T5007] usb 5-1: config 0 descriptor??
[  164.629674][ T6328]        path_openat+0x2922/0x2fa0
[  164.639693][ T6328]        do_filp_open+0x1e2/0x410
[  164.644714][ T6328]        do_sys_openat2+0x150/0x4b0
[  164.649903][ T6328]        __x64_sys_creat+0x8c/0xb0
[  164.655001][ T6328]        do_syscall_64+0x4c/0xa0
[  164.659929][ T6328]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  164.666337][ T6328] 
[  164.666337][ T6328] -> #0 (&oi->ip_xattr_sem){++++}-{3:3}:
[  164.674149][ T6328]        __lock_acquire+0x2c42/0x7d10
[  164.679522][ T6328]        lock_acquire+0x19e/0x400
[  164.684540][ T6328]        down_read+0x44/0x2e0
[  164.689208][ T6328]        ocfs2_init_acl+0x307/0x770
[  164.694399][ T6328]        ocfs2_mknod+0x15cb/0x2510
[  164.699499][ T6328]        ocfs2_mkdir+0x192/0x420
[  164.704424][ T6328]        vfs_mkdir+0x387/0x570
[  164.709180][ T6328]        do_mkdirat+0x1df/0x5b0
[  164.714026][ T6328]        __x64_sys_mkdirat+0x85/0x90
[  164.719300][ T6328]        do_syscall_64+0x4c/0xa0
[  164.724234][ T6328]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  164.730650][ T6328] 
[  164.730650][ T6328] other info that might help us debug this:
[  164.730650][ T6328] 
[  164.740870][ T6328] Chain exists of:
[  164.740870][ T6328]   &oi->ip_xattr_sem --> sb_internal#3 --> &journal->j_trans_barrier
[  164.740870][ T6328] 
[  164.754774][ T6328]  Possible unsafe locking scenario:
[  164.754774][ T6328] 
[  164.762215][ T6328]        CPU0                    CPU1
[  164.767563][ T6328]        ----                    ----
[  164.772909][ T6328]   lock(&journal->j_trans_barrier);
[  164.778182][ T6328]                                lock(sb_internal#3);
[  164.784928][ T6328]                                lock(&journal->j_trans_barrier);
[  164.792713][ T6328]   lock(&oi->ip_xattr_sem);
[  164.797279][ T6328] 
[  164.797279][ T6328]  *** DEADLOCK ***
[  164.797279][ T6328] 
[  164.805398][ T6328] 8 locks held by syz.1.614/6328:
[  164.810398][ T6328]  #0: ffff88807312a460 (sb_writers#23){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  164.819609][ T6328]  #1: ffff88807460df48 (&type->i_mutex_dir_key#18/1){+.+.}-{3:3}, at: filename_create+0x208/0x470
[  164.830300][ T6328]  #2: ffff8880603f42c8 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#4){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  164.843938][ T6328]  #3: ffff8880603f3488 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  164.857573][ T6328]  #4: ffff8880603f6d88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}, at: ocfs2_reserve_local_alloc_bits+0x11c/0x25f0
[  164.871477][ T6328]  #5: ffff88807312a650 (sb_internal#3){.+.+}-{0:0}, at: ocfs2_mknod+0xf5a/0x2510
[  164.880681][ T6328]  #6: ffff88805f4440e8 (&journal->j_trans_barrier){.+.+}-{3:3}, at: ocfs2_start_trans+0x3a6/0x6f0
[  164.891360][ T6328]  #7: ffff88807c306990 (jbd2_handle){++++}-{0:0}, at: start_this_handle+0x134c/0x15c0
[  164.901011][ T6328] 
[  164.901011][ T6328] stack backtrace:
[  164.906897][ T6328] CPU: 1 PID: 6328 Comm: syz.1.614 Not tainted syzkaller #0
[  164.914164][ T6328] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/09/2026
[  164.924208][ T6328] Call Trace:
[  164.927474][ T6328]  <TASK>
[  164.930387][ T6328]  dump_stack_lvl+0x188/0x250
[  164.935053][ T6328]  ? load_image+0x400/0x400
[  164.939537][ T6328]  ? show_regs_print_info+0x20/0x20
[  164.944723][ T6328]  ? print_circular_bug+0x12b/0x1a0
[  164.949906][ T6328]  check_noncircular+0x296/0x330
[  164.954827][ T6328]  ? add_chain_block+0x940/0x940
[  164.959746][ T6328]  ? _find_first_zero_bit+0xce/0xf0
[  164.964928][ T6328]  ? add_lock_to_list+0x18d/0x280
[  164.969932][ T6328]  __lock_acquire+0x2c42/0x7d10
[  164.974773][ T6328]  ? lock_chain_count+0x20/0x20
[  164.979609][ T6328]  ? verify_lock_unused+0x140/0x140
[  164.984802][ T6328]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  164.990421][ T6328]  lock_acquire+0x19e/0x400
[  164.994908][ T6328]  ? ocfs2_init_acl+0x307/0x770
[  164.999748][ T6328]  ? __might_sleep+0xf0/0xf0
[  165.004319][ T6328]  ? read_lock_is_recursive+0x10/0x10
[  165.009676][ T6328]  ? preempt_schedule_thunk+0x16/0x18
[  165.015033][ T6328]  down_read+0x44/0x2e0
[  165.019175][ T6328]  ? ocfs2_init_acl+0x307/0x770
[  165.024010][ T6328]  ocfs2_init_acl+0x307/0x770
[  165.028671][ T6328]  ? ocfs2_acl_chmod+0x330/0x330
[  165.033589][ T6328]  ? lockdep_hardirqs_on+0x94/0x140
[  165.038774][ T6328]  ? ocfs2_journal_access+0x40/0x40
[  165.043955][ T6328]  ocfs2_mknod+0x15cb/0x2510
[  165.048532][ T6328]  ? ocfs2_mkdir+0x420/0x420
[  165.053114][ T6328]  ? ocfs2_inode_lock_tracker+0x433/0x700
[  165.058820][ T6328]  ? __lock_acquire+0x7d10/0x7d10
[  165.063830][ T6328]  ? do_raw_spin_lock+0x128/0x2f0
[  165.068849][ T6328]  ? ocfs2_inode_unlock_tracker+0x26c/0x2e0
[  165.074740][ T6328]  ? __lock_acquire+0x7d10/0x7d10
[  165.079759][ T6328]  ? __rwlock_init+0x140/0x140
[  165.084514][ T6328]  ? ocfs2_lookup+0x490/0x950
[  165.089179][ T6328]  ? do_raw_spin_unlock+0x11d/0x230
[  165.094366][ T6328]  ? put_pid+0xda/0x120
[  165.098508][ T6328]  ocfs2_mkdir+0x192/0x420
[  165.102906][ T6328]  ? make_kgid+0x660/0x660
[  165.107305][ T6328]  ? ocfs2_symlink+0x27e0/0x27e0
[  165.112223][ T6328]  ? HAS_UNMAPPED_ID+0x1d3/0x230
[  165.117143][ T6328]  ? ocfs2_getattr+0x360/0x360
[  165.121893][ T6328]  ? inode_permission+0xef/0x480
[  165.126815][ T6328]  ? bpf_lsm_inode_mkdir+0x5/0x10
[  165.131823][ T6328]  ? security_inode_mkdir+0xb3/0x100
[  165.137093][ T6328]  vfs_mkdir+0x387/0x570
[  165.141325][ T6328]  do_mkdirat+0x1df/0x5b0
[  165.145639][ T6328]  ? vfs_mkdir+0x570/0x570
[  165.150038][ T6328]  ? getname_flags+0x1fe/0x500
[  165.154784][ T6328]  __x64_sys_mkdirat+0x85/0x90
[  165.159530][ T6328]  do_syscall_64+0x4c/0xa0
[  165.163929][ T6328]  ? clear_bhb_loop+0x30/0x80
[  165.168592][ T6328]  ? clear_bhb_loop+0x30/0x80
[  165.173253][ T6328]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  165.179140][ T6328] RIP: 0033:0x7fd8ff649cc7
[  165.183542][ T6328] Code: 00 66 90 48 89 f2 b9 00 01 00 00 48 89 fe bf 9c ff ff ff e9 db f7 ff ff 66 2e 0f 1f 84 00 00 00 00 00 90 b8 02 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  165.203128][ T6328] RSP: 002b:00007fd8fd8a3e58 EFLAGS: 00000246 ORIG_RAX: 0000000000000102
[  165.211527][ T6328] RAX: ffffffffffffffda RBX: 00007fd8fd8a3ee0 RCX: 00007fd8ff649cc7
[  165.219479][ T6328] RDX: 00000000000001ff RSI: 0000200000000040 RDI: 00000000ffffff9c
[  165.227433][ T6328] RBP: 00002000000002c0 R08: 00002000000000c0 R09: 0000000000000000
[  165.235387][ T6328] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000200000000040
[  165.243342][ T6328] R13: 00007fd8fd8a3ea0 R14: 0000000000000000 R15: 0000000000000000
[  165.251302][ T6328]  </TASK>
[  165.356125][ T6328] (syz.1.614,6328,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  165.384780][ T6372] netlink: 'syz.3.626': attribute type 10 has an invalid length.
[  165.521144][ T5007] cougar 0003:060B:700A.000C: unknown main item tag 0x1
[  165.575013][ T5007] cougar 0003:060B:700A.000C: item fetching failed at offset 2/5
[  165.626433][ T5007] cougar 0003:060B:700A.000C: parse failed
[  165.639792][ T5007] cougar: probe of 0003:060B:700A.000C failed with error -22
[  165.656161][ T4190] ocfs2: Unmounting device (7,1) on (node local)
[  165.753918][   T26] usb 5-1: USB disconnect, device number 10