last executing test programs:

3.094549726s ago: executing program 0 (id=223):
r0 = userfaultfd(0x1)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000240)={0xaa, 0x50})
ioctl$UFFDIO_ZEROPAGE(r0, 0xc020aa04, &(0x7f0000000140)={{&(0x7f0000ffd000/0x1000)=nil, 0x1000}})

3.036578989s ago: executing program 0 (id=225):
syz_mount_image$btrfs(&(0x7f0000000100), &(0x7f00000000c0)='./file1\x00', 0x810, &(0x7f00000001c0)={[{@metadata_ratio={'metadata_ratio', 0x3d, 0x2}}, {}, {@compress_force}, {@nodiscard}, {@compress_algo={'compress', 0x3d, 'zstd'}}, {@clear_cache}, {@flushoncommit}, {@usebackuproot}]}, 0x1, 0x50f3, &(0x7f000000f3c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
rmdir(&(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
fdatasync(r0)

2.390991912s ago: executing program 0 (id=228):
syz_mount_image$iso9660(&(0x7f0000000080), &(0x7f0000000400)='./file0\x00', 0x800000, &(0x7f0000000040)=ANY=[@ANYBLOB="00fbfddc0bd5e8dee8d286b20b62086ce9b81b1660031b9dcba026117a79eba4a32d50e5c7b14c8e3f4d"], 0x1, 0x3ea, &(0x7f0000000c40)="$eJzs3M9OG0ccwPFZYleUSqhS1EAIh2nTAz3EWS/FyMppux6bSda7q5l1BKcqKhChQlo1qdRwabmkrdQ+RK59iL5R1L4B1f4xBWMw4U+Mou9HQjPe/c3Mb1bWjrxoVgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOEELdetOyLUUW9Vnixombh7yvl+f58dKU4ZVwgn+xOTk2K2ODR78//TnxSdzBSfZsRkVkyK3Y9uffzgZmWi3/6UhN6J5y93v32yvb3xw8DxytDMqrLy737u3WR39Toq0jbWXb+jpLaxbDYa7v2VtpVtHSq7ZlPVlYFRfhobuRB8IevN5qJUtbW4F3Vafqj6B5fvea7bkA9rifKNjaP7D2s2WNFhqKNOHpOdzmKWsy/iI53KVPldKTe3tjcWRyWZBdXPEuSNCvJcz6vXPa/eWGouLbtuxXM9eeSAO0AcazL+Ly3G65Lv4MD57ZfrPwAAAAAAeH85+TP27Pd/NX8O74i2DpU77rQAAAAAAMAlyv/zP5MV1aw2Kxx+/wMAAAAA8L757fAeuw+H7bGzyab4+x9hTNXZS1Y/d3b8LNzfEZW83Y3BHtP2nDNddpIXjUr5KVDzzu0i6HY/+k1ZbI7a6+ccS6AceTCBYofd/s9DEhB/iLkiaG69KNf7Z4pRpto6VLUgDh/Uhe9PT6RqNf3x2dZPIp/+71F32hGbW9sbtW++217Pc9nLetnbKTdQHNtHcfLFEC8O9j0On3E1fxBTjjtVjOsenv9E0XziLcZ8Je4UMXeminLq6PwnszHrtZNmX2ZRv+DMX4n5ImZ+4W5W3F0YkoU3KgvvcBbnuhZnyGJxVBaLF8wCAMZlc8Qq5Bxf+M9xl7u81f30O/qnB2G/CCEqc0Pu6O6oO7p7wdXtr2PvQDhpjc3G/XNgVX2dNXh94rg29JzsEt54sfO9uPX85e69rZ0nTzeebjzzvMWG+6XrLnmimk+jLFh7AABDKPPGmUp/dYzRydf1ZrPupytKmjh4JI1udZTUUapMsOJHHSUTE6dxEIdZ5bFuKSttL0lik8p2bGQSW72av/lFlq9+sarrR6kObBIq3yoZxFHqB6lsaRvIpPdVqO2KMnljm6hAt3XgpzqOpI17JlA1Ka1ShwJ1S0WpbuusGsnE6K5v1uTjOOx1lWwpGxidpHHRYX8sHbVj0827rY37YgMAcE0cvMHu7JVq2fTMrcY8RQAAMIBVGgAAAAAAAAAAAAAAAAAAAACA6+8c+//GXHGEENcgDSpULrvywXm/2PtXkM+470wArtp/AQAA//9YmqqZ")
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='map_files\x00')
getdents64(r0, &(0x7f0000000080)=""/34, 0x22)
socket$nl_generic(0x10, 0x3, 0x10)
bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f00c00e}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000001ac0)={&(0x7f0000000000)={0x1c, 0x2d, 0x1, 0x70bd26, 0x25dfdbfc, {0x4}, [@typed={0x8, 0x9, 0x0, 0x0, @binary="38eac21a"}]}, 0x1c}}, 0x20000000)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000240)={[{@index_on, 0x3a}], [], 0x2f})
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)

1.517714641s ago: executing program 1 (id=234):
r0 = syz_open_dev$vbi(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_TUNER(r0, 0x4054561e, &(0x7f0000000080)={0x0, "126ebf7d9fdf9aec84c0fe4cb734f282d46938152a71b9399c8d590c79cfaf41", 0x0, 0x0, 0x0, 0x0, 0x0, 0x2})

1.517523785s ago: executing program 2 (id=235):
r0 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000140), 0x286, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r0, 0xc0285700, &(0x7f0000000000)={0xff, "340b7832c1efd131b8e6498c25f54a2700", <r1=>0xffffffffffffffff})
ioctl$sock_TIOCINQ(r1, 0x541b, 0x0)

1.443339173s ago: executing program 1 (id=236):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100"/12], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000001480)="3b5250dd8df768c581177cc96346a125c5baecd7e46618851e723e8ef1628f8e5c9f", 0x22, 0x20000080, 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x680, 0x0)
ioctl$TIOCSSOFTCAR(r4, 0x5453, 0x0)

1.443093276s ago: executing program 2 (id=237):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
set_tid_address(0x0)

1.442098357s ago: executing program 2 (id=238):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x3010}, &(0x7f0000000040)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x1, 0x0, r0, 0x0, &(0x7f0000000380), 0x0, 0x10143})
io_uring_enter(r2, 0x47ba, 0x6204, 0x42, 0x0, 0x0)

833.461108ms ago: executing program 0 (id=239):
keyctl$negate(0xd, 0x0, 0x2, 0x0)

790.020878ms ago: executing program 0 (id=240):
syz_mount_image$nilfs2(&(0x7f0000000a40), &(0x7f0000000a80)='./bus\x00', 0x204800, &(0x7f0000000000)=ANY=[@ANYRES64=0x0, @ANYRES64], 0x1, 0xa3e, &(0x7f0000000ac0)="$eJzs3U+MG1f9APA39nrzt784/SV0SUObNNCWP91td5fwJ4KmIhIiaipulSouUZqWiDQgUgla9ZDkxI2WKmf+iFMvCBASvaCoF7hE0EhcKg6FAweiIFXiAA2J0drvee0XW2Nvdtfr9ecjzT7PfJ/nvfHOjMcz8+YFYGJVmn8XF2eKEC6//eaxfzz8921LU55s56g3/051jNVCCEUcn8rm9361ld764LVTvdIizDf/pvHwzI32e3eEEC6EA+FKqId9l6+9cXX+6RMXj186+O5bR66vzdIDAMBk+fqVI4t7//qn+3d/+IsHjoYt7enp+Lwex3fG4/6j8cA/Hf9XQvd40TF0ms7yTcWhkuWr9sjXWU4tyzfVp/zpbL61Pvm2lJRf7ZjWa7lhnKX1uB6KymzXeKUyO9v6TR6av+uni9lzZ86+cH5EFQVW3b8eDCEcMBgMkzg0do16DwTQkl8vvMOF/MzC3WnPbWqw8m88Ven9flgF673+txQXRlv+sla5NxujLX/Uy9+//J9ftMdh9WzWtSktV9qOdsbx/DpCfv/SsNt/ml9+PaI2YD1b77/Z6D194+tXz+o612Ol+tU/Xy82qy/FNH0OX87indtP/j8dl/8x0Nu/7/78f6PRiF9fG+B85iYYqj7LFQxbg3VwBcMdB54AUX7fXCNK8fy+vjy+pSS+tSS+rSS+vSS+oyQOk+zXL/8wvF4s/87Pf9MPez4snWe7J6b/N2R98vORw5af3/c7rLstP7+fGDay35589vTnn3/uWuv+/6K9/t+O6/uBOF6P29aVmCGdL8zPq7fv/a93l1Ppk+/erD739MjffL2nO1+xZ3k+oWM/c0c9Zrrft6tfvv3d+epZvm1x2JrVNz8+2Z69Lx1/VLP8U9ny1rLlmM7qkfYru2Oa1wNWIm2//e7/T+vnTKgVL5w5e/rxOJ7W0z9Ua1uWpj/RNddJuXoC423Q9j8zobv9z8729Fqlc7+wa3l60blfqGfT5/tMX4jj6Xvum9Vtzemzp7599vnVXniYcOdfefVbJ8+ePf3dDfjiL9UQNkA1vPBiAl+Mes8ErLW5l1/6ztz5V1597MxLJ188/eLpcwuHDy/Mzx/+wsLiXPO4fq7z6B7YTJa/9EddEwAAAAAAAAAAAGBQ3zt+7Nqf3/nce632/8vt/1L7/3Tnb2r//4Os/X/eTj61g0/tAHf3iDfzZE2Ep7N8tTj8f1bfPVk5e7P3fSSm7X78Yvv/VFzeMjnV575sev783pQve5zAHc9Lmc6eQZL3F/hQTC/F9GcBRqjY1ntyTMueb53W9fR8Cs+lGE/p/5bWhvQck9T+u99zndL+f/c61JHVtx7NCUe9jEBv/9T/p8EwsUOjoRcPYGMYdf+f6bxnSs/97mtbl4aU7cZT3fvL/PmlcDc2ev+Tyt9c/X+2+78beP+X9ZhXX1m5//nx9fc6ig37Bi0/X/70HOg9w5X/YSw/Lc0jYbDyGz/Nys8vCA3oZlb+9gHLv2P596+s/P/G8tPH9uihQctv1biodNcjP2+crv/l542TW9nyp2d7LpX70O+HWP4BHjXca4u5HcuHSTYu/cwOa0z6/z30oz6B/D6Mz8bxtCNM9znk/Z0MW/90f0X6Htibzb8o+X7T/+94+2JMy7aH1P9vWh/rPcYrHeO1Hp/tZt3XwLh63/U/g2Fih0ajsbYntEqMtHBG/vmP+nfCqMsf9edfJu//Nz+Gz/v/zeN5/795PO//N4/n/etVes++Hc8/z7z/3zx+XzbfvH/gmZL4R0vi+0ri95fE95fEP1YSP1gSf6Ak/mBJ/N6S+KGS+MdL4p8oiT9cEn+0JP7Jkvhml9qjTOrywyTL2+fZ/mFypOs//bb/PSVxYHwtXP3jV5/71Tfqrfb/0+3zIek63tE4ntq/fz+O59e9Q8f4UuydOP63LL7Rz3fAJMmfn5F/vz9SEgfGV7rPy/YNE6jo/cSeQZ9b1e84n/HyqZh+OqafieljMZ2N6VxMn4jp/DrVj7XxlV/+5sjrxfLv/V1ZfND7yfP2QPlzohYGrE9+fmDY+9nz5/gN627LX2FzMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJGpNP8uLs4UIVx++81jz544M7c05cl2jnrz71THWK39vhAej2k1pj+JL2598NqpzvR2TIswH4pQtKeHZ260S9oRQrgQDoQroR72Xb72xtX5p09cPH7p4LtvHbm+dp8AAAAAbH7/CwAA//9vMBaq")

658.862931ms ago: executing program 0 (id=241):
ioctl$SCSI_IOCTL_SEND_COMMAND(0xffffffffffffffff, 0x1, &(0x7f0000000240)={0x0, 0x40000080})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x7, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000080)={<r3=>0xffffffffffffffff})
sendmmsg$sock(r3, &(0x7f00000044c0), 0x4000000000001c0, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)

526.774685ms ago: executing program 1 (id=242):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0)
r1 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
setsockopt$rose(r1, 0x104, 0x5, &(0x7f0000000000)=0x80000000, 0x4)

525.996278ms ago: executing program 1 (id=243):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000140)='/dev/comedi4\x00', 0x2, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x3000007, 0x13, r0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)

417.69692ms ago: executing program 2 (id=244):
r0 = socket(0xa, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f00000000c0)={@multicast2, @multicast1}, 0xc)

140.947951ms ago: executing program 2 (id=245):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x77359400}}, 0x0)
io_cancel(0x0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x100000001, 0x0, 0x2}, 0x0)

66.736406ms ago: executing program 1 (id=246):
openat$ptp0(0xffffffffffffff9c, &(0x7f0000000040), 0x60442, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x1, 0x7fff0000}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pselect6(0x40, &(0x7f0000000080)={0x0, 0x3, 0x0, 0x0, 0x8000, 0x0, 0x0, 0x7}, &(0x7f00000000c0)={0x1f, 0x0, 0x8, 0x5, 0xfffffffffffffff8, 0x0, 0x4000000000}, 0x0, 0x0, 0x0)

126.764µs ago: executing program 2 (id=247):
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)={0x14, 0x0, 0x8, 0x5, 0x0, 0x0, {0x0, 0x0, 0x8}}, 0x14}, 0x1, 0x0, 0x0, 0x4010}, 0x80)
syz_mount_image$udf(&(0x7f0000000500), &(0x7f0000000ac0)='./file0\x00', 0x2004008, &(0x7f0000000080)=ANY=[@ANYRES64=0x0], 0xfe, 0x4f5, &(0x7f00000005c0)="$eJzs3F1oJVcdAPD/mb03e5Mu7e3XdrUFgyIbW7sk2bS7GpGmXWOFoGCagj4oaT7W0HwsSSpN8aMgiqAg+KAFn/vQIrKKoPTJJx98VhH6Ij74KEEKPogoM5n7kextE3tzk83m94Pknjvzn7kzw/2fOefcmQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOLpz0wMj6Tj3goA4Ch9fvqLw6PO/wBwqjyn/w8AAKdFiiw+ESnG/7adLhbvd9SmllZfennm2mTnxfpTseSZIj7/q42MXh574skrVxuv7738YftAfGH6uYnBZ9ZWbqwvbGwszA/OrC7Nrc0vHHgN3S6/16PFARhcefGl+cXFjcHRS5d3zX65/vezd52vj18de2KuETtzbXJyui2mUn3fn34LPTw66YssfhUpXvvkL9JQRGTRfS7sU3f0Wn9U8vwrdmLm2mSxI8tLs6ub+czUSITK7pzoa+TIEeRiV4YiHs+3tU9G071qZDERKT4U2+ljEXGmkQePFT8M7r+CyhFsZAf5dl6JiGfjBOQs3KbORha/jRQr99Ti0eNLZ+AYVCKL70eKi5/eTo8V7YH8fJo3m6eeH/zc6uJaW2xK5Rn1pPcPjpK2CbexWmQxVLT4t9PHj3tjgCPVH1l8OVL8+U9fL8aVohiXvmf86lefGm4fYXpon/XksZciYvSAffJqY6wxXzY73H0CAAAAAAAAAACAO10tZfHzSPHNh2vF+2ebF8j/7r+FY94+oIdSFv+JFM//cru4Nb79uRRn2p7v0XTS7/3p7fb3155Zu7G1vnT9a5sd5w/UJl7Y2Fyfnes8O/qj1rouurDfcwygC9WUxYcjxcNTN1vfu3rKy+WtwK0v2uufan03a2nP3KLeuHvneTaNewi+MvnR9nLHr+z/cX9cvfxc9ygDQHdSyuIPkeKzL1wozqspBuKWNmgZdzZSvPOPR8q4rC8vNE7T9eJ/bXFpeWE4j/11pOj/XiM2itiBMvb+VuxIHvt0pPjxD3bH3lXGPtCKHc1jvxMpfv9a59gHW7GX89if5u2a6cFG7EBeeLCMPd+KvTS3tjzfswMMt7G8/f9GpFi+ezA1crnMl7KZfaYZ+/o3Wu39V/eu6F3a/N22/+tt014t66G8vlh860JR9xT1VaVzffWXSPGbfz9Sxu3UFX3l/HuL/6366s1I8cbbu2MbDwq5rxU7cuADCydAnv/nIsUft242c6PM/zID2/r/bfn/wbJ2aI0Z9Cb/722bVi8/9+zh7Dqcehtbr7w4u7y8sK6goKDQLBx3zQT0Wt7+fydS/Gz57WZ/t2z/n9t51+r//+tbrfb/+N4V9aj9f1/btPGyN1KtRNQ2V25UH4qobWy98vjSyuz1hesLq2PDI0+OjoyNjV6p9jU6961S18cK7jR5/n83Uqx96c3m+Pzu/n/n8b+BvSvqUf7f3zZtYFd/petdh1Mvz/+pSPGTf95s/o72XuN/jfG+oY/svDYfpt2j/H+gbVq9/Nxzh7PrAAAAAAAAAAAAcGJVUxY/ihR//WElNZ6NcZDrf295YEaPrv873zZt/ojuV+z6oAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8K6yyGItUrz11Hb6dj7hQsTF9lfgjvW/AAAA//8Qgywy")
stat(&(0x7f0000000c00)='./file0\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0xc2)
open_by_handle_at(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="220000005100030005"], 0xd800)

0s ago: executing program 1 (id=248):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)=ANY=[@ANYBLOB='iocharset=maccyrillic,discard,gid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,iocharset=cp936,errors=continue,iocharset=ascii,errors=remount-ro,time_offset=0x0000000000000008,errors=remount-ro,utf8,uid=', @ANYRESHEX=0x0, @ANYBLOB='8\x00'], 0x1, 0x1524, &(0x7f0000002280)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
mkdir(&(0x7f0000000080)='./file1\x00', 0x0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
landlock_restrict_self(r0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', r1, &(0x7f0000000000)='./file0\x00', 0x1)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:20902' (ED25519) to the list of known hosts.
syzkaller login: [   56.447009][ T5833] cgroup: Unknown subsys name 'net'
[   56.553199][ T5833] cgroup: Unknown subsys name 'cpuset'
[   56.559025][ T5833] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.509963][ T5833] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   63.571626][ T5854] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   63.574528][ T5858] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   63.577961][ T5858] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   63.578089][ T5854] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   63.583512][ T5858] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   63.587580][ T5858] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   63.587981][ T5854] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   63.593463][ T5858] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   63.598481][ T5854] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   63.603004][ T5854] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   63.663441][ T5854] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   63.667355][ T5854] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   63.671243][ T5854] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   63.674975][ T5854] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   63.678507][ T5854] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   63.910067][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   64.066091][ T5855] chnl_net:caif_netlink_parms(): no params data found
[   64.157769][ T5860] chnl_net:caif_netlink_parms(): no params data found
[   64.165943][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.168268][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.172269][ T5851] bridge_slave_0: entered allmulticast mode
[   64.175320][ T5851] bridge_slave_0: entered promiscuous mode
[   64.179644][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.182330][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.184988][ T5851] bridge_slave_1: entered allmulticast mode
[   64.188064][ T5851] bridge_slave_1: entered promiscuous mode
[   64.281934][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.303175][ T5855] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.306645][ T5855] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.309957][ T5855] bridge_slave_0: entered allmulticast mode
[   64.313920][ T5855] bridge_slave_0: entered promiscuous mode
[   64.320380][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.336214][ T5855] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.338843][ T5855] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.342332][ T5855] bridge_slave_1: entered allmulticast mode
[   64.345213][ T5855] bridge_slave_1: entered promiscuous mode
[   64.407057][ T5851] team0: Port device team_slave_0 added
[   64.413616][ T5855] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.417236][ T5860] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.420501][ T5860] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.422933][ T5860] bridge_slave_0: entered allmulticast mode
[   64.425751][ T5860] bridge_slave_0: entered promiscuous mode
[   64.430080][ T5851] team0: Port device team_slave_1 added
[   64.432747][ T5860] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.435615][ T5860] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.438163][ T5860] bridge_slave_1: entered allmulticast mode
[   64.441958][ T5860] bridge_slave_1: entered promiscuous mode
[   64.446460][ T5855] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.497407][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.500221][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.511125][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.533601][ T5860] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.538346][ T5855] team0: Port device team_slave_0 added
[   64.541849][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.544610][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.554623][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.569051][ T5860] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.589397][ T5855] team0: Port device team_slave_1 added
[   64.623003][ T5860] team0: Port device team_slave_0 added
[   64.627945][ T5860] team0: Port device team_slave_1 added
[   64.645924][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.648621][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.657801][ T5855] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.680695][ T5855] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.682894][ T5855] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.691254][ T5855] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.726631][ T5851] hsr_slave_0: entered promiscuous mode
[   64.730720][ T5851] hsr_slave_1: entered promiscuous mode
[   64.742371][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.745234][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.756332][ T5860] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.762936][ T5860] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.765860][ T5860] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[   64.776614][ T5860] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.825123][ T5855] hsr_slave_0: entered promiscuous mode
[   64.827493][ T5855] hsr_slave_1: entered promiscuous mode
[   64.830405][ T5855] debugfs: 'hsr0' already exists in 'hsr'
[   64.832385][ T5855] Cannot create hsr debugfs directory
[   64.889658][ T5860] hsr_slave_0: entered promiscuous mode
[   64.894274][ T5860] hsr_slave_1: entered promiscuous mode
[   64.897329][ T5860] debugfs: 'hsr0' already exists in 'hsr'
[   64.900250][ T5860] Cannot create hsr debugfs directory
[   65.215591][ T5851] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.223668][ T5851] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.233412][ T5851] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.238541][ T5851] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   65.301930][ T5855] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   65.317615][ T5855] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   65.335336][ T5855] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   65.344202][ T5855] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.403131][ T5860] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   65.415233][ T5860] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   65.423034][ T5860] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   65.432251][ T5860] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   65.482843][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.525957][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   65.554009][   T53] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.556301][   T53] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.573223][   T53] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.576112][   T53] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.606538][ T5855] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.656286][ T5855] 8021q: adding VLAN 0 to HW filter on device team0
[   65.676127][ T3662] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.678788][ T3662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.684579][ T5854] Bluetooth: hci0: command tx timeout
[   65.684588][ T5240] Bluetooth: hci1: command tx timeout
[   65.697477][ T5860] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.711919][ T3662] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.714805][ T3662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.760324][ T5854] Bluetooth: hci2: command tx timeout
[   65.771317][ T5860] 8021q: adding VLAN 0 to HW filter on device team0
[   65.799176][ T3662] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.802116][ T3662] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.809812][ T3662] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.812743][ T3662] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.834559][ T5860] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   65.837862][ T5860] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.956995][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.976275][ T5855] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.023937][ T5851] veth0_vlan: entered promiscuous mode
[   66.042836][ T5851] veth1_vlan: entered promiscuous mode
[   66.085490][ T5860] 8021q: adding VLAN 0 to HW filter on device batadv0
[   66.088781][ T5855] veth0_vlan: entered promiscuous mode
[   66.098935][ T5855] veth1_vlan: entered promiscuous mode
[   66.126195][ T5851] veth0_macvtap: entered promiscuous mode
[   66.141773][ T5851] veth1_macvtap: entered promiscuous mode
[   66.166284][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.181244][ T5855] veth0_macvtap: entered promiscuous mode
[   66.191054][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.204706][ T5855] veth1_macvtap: entered promiscuous mode
[   66.208943][ T5860] veth0_vlan: entered promiscuous mode
[   66.220899][ T5860] veth1_vlan: entered promiscuous mode
[   66.230985][ T5889] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.235687][ T5889] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.242513][ T5889] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.251809][ T5889] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.270327][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.294094][ T5855] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.323773][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.355065][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.364516][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.367235][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.374964][ T5860] veth0_macvtap: entered promiscuous mode
[   66.374990][   T53] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.388470][ T5860] veth1_macvtap: entered promiscuous mode
[   66.390674][   T53] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.447679][  T305] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.451350][  T305] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.473924][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.488532][ T3662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.498239][ T3662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.506689][ T5860] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.521763][ T5851] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   66.526410][ T5880] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.534938][ T5880] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.538372][ T5880] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.563584][ T5880] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.604213][ T3596] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.607412][ T3596] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.668910][ T3662] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.673286][ T3662] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.744057][ T3662] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.747084][ T3662] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.841985][ T5926] netlink: 'syz.2.5': attribute type 29 has an invalid length.
[   66.858320][ T5928] Attempt to restore checkpoint with obsolete wellknown handles
[   66.963886][ T5934] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8'.
[   67.072894][ T5938] misc userio: The device must be registered before sending interrupts
[   67.101815][ T5942] loop2: detected capacity change from 0 to 128
[   67.299640][ T5930] loop1: detected capacity change from 0 to 32768
[   67.318994][ T5930] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   67.351117][ T5930] XFS (loop1): Ending clean mount
[   67.365748][ T5930] XFS (loop1): Quotacheck needed: Please wait.
[   67.410939][ T5930] XFS (loop1): Quotacheck: Done.
[   67.487969][ T5860] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   67.511477][ T5965] loop0: detected capacity change from 0 to 1024
[   67.529389][ T5965] EXT4-fs: Ignoring removed orlov option
[   67.531751][ T5965] EXT4-fs: Ignoring removed nomblk_io_submit option
[   67.558121][ T5965] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   67.651336][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   67.760860][ T5854] Bluetooth: hci0: command tx timeout
[   67.763352][ T5972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.20'.
[   67.769973][ T5854] Bluetooth: hci1: command tx timeout
[   67.847542][ T5854] Bluetooth: hci2: command tx timeout
[   68.454472][ T5994] netlink: 'syz.2.28': attribute type 1 has an invalid length.
[   68.457986][ T5994] netlink: 60 bytes leftover after parsing attributes in process `syz.2.28'.
[   68.640652][ T5917] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   68.685138][ T5996] loop2: detected capacity change from 0 to 32768
[   68.741260][ T5996] =======================================================
[   68.741260][ T5996] WARNING: The mand mount option has been deprecated and
[   68.741260][ T5996]          and is ignored by this kernel. Remove the mand
[   68.741260][ T5996]          option from the mount to silence this warning.
[   68.741260][ T5996] =======================================================
[   68.783114][ T5996] JBD2: Ignoring recovery information on journal
[   68.789467][ T5917] usb 2-1: Using ep0 maxpacket: 32
[   68.807939][ T5917] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[   68.837145][ T5917] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[   68.844737][ T5996] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   68.847176][ T5917] usb 2-1: config 0 interface 0 has no altsetting 0
[   68.856844][ T5917] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[   68.860608][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   68.862964][ T5917] usb 2-1: Product: syz
[   68.864212][ T5917] usb 2-1: Manufacturer: syz
[   68.865601][ T5917] usb 2-1: SerialNumber: syz
[   68.878273][ T5917] usb 2-1: config 0 descriptor??
[   68.933838][ T5851] ocfs2: Unmounting device (7,2) on (node local)
[   69.334285][ T5917] gs_usb 2-1:0.0: Configuring for 1 interfaces
[   69.409706][ T6005] netlink: 168 bytes leftover after parsing attributes in process `syz.2.32'.
[   69.623798][    T9] IPVS: starting estimator thread 0...
[   69.710207][ T6008] IPVS: using max 64 ests per chain, 153600 per kthread
[   69.744539][ T5917] gs_usb 2-1:0.0: Disabling termination support for channel 0 (-EPROTO)
[   69.748550][ T5917] gs_usb 2-1:0.0: Couldn't register candev for channel 0 (-EINVAL)
[   69.782820][ T5917] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -22
[   69.815410][ T5917] usb 2-1: USB disconnect, device number 2
[   69.839967][ T5854] Bluetooth: hci0: command tx timeout
[   69.850993][ T5924] udevd[5924]: setting owner of /dev/bus/usb/002/002 to uid=0, gid=0 failed: No such file or directory
[   69.858894][ T6011] warning: `syz.2.34' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[   69.919532][ T5854] Bluetooth: hci2: command tx timeout
[   70.106012][ T6015] loop2: detected capacity change from 0 to 4096
[   70.152456][ T6018] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   70.239900][ T5854] Bluetooth: hci1: command tx timeout
[   70.382327][ T6028] loop2: detected capacity change from 0 to 1024
[   70.397929][ T6028] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   70.409619][ T6028] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[   70.413808][ T6028] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[   70.417744][ T6028] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   70.622899][ T6030] loop0: detected capacity change from 0 to 40427
[   70.727650][ T6028] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   70.780600][ T6030] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   70.788335][ T6030] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   71.083884][ T6042] syz.0.43: attempt to access beyond end of device
[   71.083884][ T6042] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   71.107883][ T6042] F2FS-fs (loop0): access invalid blkaddr:2048
[   71.110573][ T6042] CPU: 1 UID: 0 PID: 6042 Comm: syz.0.43 Not tainted syzkaller #0 PREEMPT(full) 
[   71.110592][ T6042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   71.110601][ T6042] Call Trace:
[   71.110618][ T6042]  <TASK>
[   71.110631][ T6042]  dump_stack_lvl+0x189/0x250
[   71.110657][ T6042]  ? __pfx_dump_stack_lvl+0x10/0x10
[   71.110674][ T6042]  ? __pfx_f2fs_get_dnode_of_data+0x10/0x10
[   71.110700][ T6042]  ? kasan_save_track+0x3e/0x80
[   71.110715][ T6042]  ? __kasan_slab_alloc+0x6c/0x80
[   71.110735][ T6042]  __f2fs_is_valid_blkaddr+0xe52/0x14f0
[   71.110757][ T6042]  f2fs_map_blocks+0xd84/0x4130
[   71.110804][ T6042]  ? __pfx_f2fs_map_blocks+0x10/0x10
[   71.110819][ T6042]  ? xa_load+0x60/0x210
[   71.110849][ T6042]  ? xa_load+0x1ea/0x210
[   71.110871][ T6042]  f2fs_mpage_readpages+0xc1b/0x1ba0
[   71.110895][ T6042]  ? rcu_is_watching+0x15/0xb0
[   71.110920][ T6042]  ? __pfx_f2fs_mpage_readpages+0x10/0x10
[   71.110959][ T6042]  ? f2fs_readahead+0x177/0x330
[   71.110978][ T6042]  read_pages+0x17a/0x580
[   71.110999][ T6042]  ? __pfx_read_pages+0x10/0x10
[   71.111021][ T6042]  ? filemap_add_folio+0x35f/0x540
[   71.111042][ T6042]  page_cache_ra_unbounded+0x75e/0x9a0
[   71.111074][ T6042]  f2fs_readdir+0x49b/0xa60
[   71.111109][ T6042]  ? __pfx_f2fs_readdir+0x10/0x10
[   71.111122][ T6042]  ? lock_acquire+0x175/0x360
[   71.111154][ T6042]  ? down_read_killable+0x1d1/0x350
[   71.111203][ T6042]  iterate_dir+0x399/0x570
[   71.111223][ T6042]  __se_sys_getdents+0xe4/0x250
[   71.111249][ T6042]  ? __pfx___se_sys_getdents+0x10/0x10
[   71.111263][ T6042]  ? __pfx_filldir+0x10/0x10
[   71.111285][ T6042]  ? do_syscall_64+0xbe/0xfa0
[   71.111305][ T6042]  do_syscall_64+0xfa/0xfa0
[   71.111322][ T6042]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.111335][ T6042]  ? asm_sysvec_call_function_single+0x1a/0x20
[   71.111352][ T6042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.111365][ T6042] RIP: 0033:0x7efe8eb8ec29
[   71.111379][ T6042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   71.111390][ T6042] RSP: 002b:00007efe8fa64038 EFLAGS: 00000246 ORIG_RAX: 000000000000004e
[   71.111405][ T6042] RAX: ffffffffffffffda RBX: 00007efe8edd6180 RCX: 00007efe8eb8ec29
[   71.111416][ T6042] RDX: 00000000000000b8 RSI: 0000200000001fc0 RDI: 0000000000000009
[   71.111424][ T6042] RBP: 00007efe8ec11e41 R08: 0000000000000000 R09: 0000000000000000
[   71.111433][ T6042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   71.111441][ T6042] R13: 00007efe8edd6218 R14: 00007efe8edd6180 R15: 00007fff4498a8d8
[   71.111464][ T6042]  </TASK>
[   71.237144][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[   71.253832][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[   71.285245][ T6042] syz.0.43: attempt to access beyond end of device
[   71.285245][ T6042] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[   71.291049][ T6042] syz.0.43: attempt to access beyond end of device
[   71.291049][ T6042] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[   71.310911][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   71.913455][ T5855] syz-executor: attempt to access beyond end of device
[   71.913455][ T5855] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   71.919807][ T5854] Bluetooth: hci0: command tx timeout
[   71.961478][ T5855] CPU: 1 UID: 0 PID: 5855 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   71.961499][ T5855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   71.961507][ T5855] Call Trace:
[   71.961513][ T5855]  <TASK>
[   71.961520][ T5855]  dump_stack_lvl+0x189/0x250
[   71.961543][ T5855]  ? __pfx_dump_stack_lvl+0x10/0x10
[   71.961559][ T5855]  ? __pfx_queue_work_on+0x10/0x10
[   71.961570][ T5855]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   71.961586][ T5855]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   71.961610][ T5855]  f2fs_handle_critical_error+0x37c/0x540
[   71.961632][ T5855]  f2fs_write_end_io+0x886/0xb60
[   71.961664][ T5855]  __submit_merged_bio+0x27a/0x6a0
[   71.961683][ T5855]  __submit_merged_write_cond+0x255/0x530
[   71.961734][ T5855]  f2fs_write_data_pages+0x261d/0x3000
[   71.961781][ T5855]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   71.961839][ T5855]  ? check_path+0x21/0x40
[   71.961850][ T5855]  ? check_noncircular+0xe0/0x160
[   71.961914][ T5855]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   71.961930][ T5855]  do_writepages+0x32e/0x550
[   71.961954][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[   71.961973][ T5855]  filemap_fdatawrite+0x199/0x240
[   71.961987][ T5855]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   71.962043][ T5855]  ? do_raw_spin_unlock+0x4d/0x240
[   71.962062][ T5855]  f2fs_sync_dirty_inodes+0x31f/0x830
[   71.962117][ T5855]  f2fs_write_checkpoint+0x93e/0x2440
[   71.962134][ T5855]  ? __lock_acquire+0xab9/0xd20
[   71.962177][ T5855]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   71.962243][ T5855]  kill_f2fs_super+0x2cc/0x6d0
[   71.962265][ T5855]  ? __pfx_kill_f2fs_super+0x10/0x10
[   71.962296][ T5855]  ? shrinker_free+0x2ce/0x3e0
[   71.962318][ T5855]  deactivate_locked_super+0xbc/0x130
[   71.962340][ T5855]  cleanup_mnt+0x425/0x4c0
[   71.962358][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[   71.962376][ T5855]  task_work_run+0x1d4/0x260
[   71.962396][ T5855]  ? __pfx_task_work_run+0x10/0x10
[   71.962409][ T5855]  ? __x64_sys_umount+0x122/0x160
[   71.962426][ T5855]  ? exit_to_user_mode_loop+0x40/0x130
[   71.962447][ T5855]  exit_to_user_mode_loop+0xe9/0x130
[   71.962465][ T5855]  do_syscall_64+0x2bd/0xfa0
[   71.962479][ T5855]  ? lockdep_hardirqs_on+0x9c/0x150
[   71.962494][ T5855]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.962507][ T5855]  ? exc_page_fault+0xab/0x100
[   71.962524][ T5855]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   71.962536][ T5855] RIP: 0033:0x7efe8eb8ff57
[   71.962549][ T5855] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   71.962560][ T5855] RSP: 002b:00007fff44989b68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   71.962574][ T5855] RAX: 0000000000000000 RBX: 00007efe8ec11c2d RCX: 00007efe8eb8ff57
[   71.962582][ T5855] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff44989c20
[   71.962590][ T5855] RBP: 00007fff44989c20 R08: 0000000000000000 R09: 0000000000000000
[   71.962597][ T5855] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff4498acb0
[   71.962605][ T5855] R13: 00007efe8ec11c2d R14: 000000000001164a R15: 00007fff4498acf0
[   71.962632][ T5855]  </TASK>
[   72.099214][ T5854] Bluetooth: hci2: command tx timeout
[   72.105407][ T5855] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   72.335038][ T6050] evm: overlay not supported
[   72.348039][   T33] audit: type=1804 audit(1759226461.173:2): pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.48" name="/newroot/6/bus/bus" dev="overlay" ino=58 res=1 errno=0
[   72.377530][   T33] audit: type=1804 audit(1759226461.173:3): pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.48" name="/newroot/6/bus/bus" dev="overlay" ino=58 res=1 errno=0
[   72.409398][   T33] audit: type=1800 audit(1759226461.173:4): pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.48" name="bus" dev="overlay" ino=58 res=0 errno=0
[   73.042701][ T6078] loop2: detected capacity change from 0 to 256
[   73.064578][ T6078] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   73.068616][ T6078] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[   73.094109][ T6078] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe5674ec2, utbl_chksum : 0xe619d30d)
[   73.099911][ T6078] exFAT-fs (loop2): failed to load alloc-bitmap
[   73.102409][ T6078] exFAT-fs (loop2): failed to recognize exfat type
[   73.595311][ T6084] loop2: detected capacity change from 0 to 256
[   73.683035][ T6086] netlink: 'syz.0.63': attribute type 4 has an invalid length.
[   73.691885][ T6086] netlink: 'syz.0.63': attribute type 4 has an invalid length.
[   73.997506][ T6090] lo: entered promiscuous mode
[   73.999066][ T6090] lo: entered allmulticast mode
[   74.001797][ T6090] tunl0: entered promiscuous mode
[   74.003400][ T6090] tunl0: entered allmulticast mode
[   74.005350][ T6090] gre0: entered promiscuous mode
[   74.006874][ T6090] gre0: entered allmulticast mode
[   74.009520][ T6090] gretap0: entered promiscuous mode
[   74.011218][ T6090] gretap0: entered allmulticast mode
[   74.013212][ T6090] erspan0: entered promiscuous mode
[   74.015063][ T6090] erspan0: entered allmulticast mode
[   74.017005][ T6090] ip_vti0: entered promiscuous mode
[   74.018636][ T6090] ip_vti0: entered allmulticast mode
[   74.020876][ T6090] ip6_vti0: entered promiscuous mode
[   74.022478][ T6090] ip6_vti0: entered allmulticast mode
[   74.024698][ T6090] sit0: entered promiscuous mode
[   74.026281][ T6090] sit0: entered allmulticast mode
[   74.028353][ T6090] ip6tnl0: entered promiscuous mode
[   74.030216][ T6090] ip6tnl0: entered allmulticast mode
[   74.032764][ T6090] ip6gre0: entered promiscuous mode
[   74.034671][ T6090] ip6gre0: entered allmulticast mode
[   74.037117][ T6090] syz_tun: entered promiscuous mode
[   74.038804][ T6090] syz_tun: entered allmulticast mode
[   74.040964][ T6090] ip6gretap0: entered promiscuous mode
[   74.043087][ T6090] ip6gretap0: entered allmulticast mode
[   74.045826][ T6090] bridge0: entered promiscuous mode
[   74.166767][ T6090] bridge0: entered allmulticast mode
[   74.170078][ T6090] vcan0: entered promiscuous mode
[   74.171873][ T6090] vcan0: entered allmulticast mode
[   74.174776][ T6090] bond0: entered promiscuous mode
[   74.176431][ T6090] bond_slave_0: entered promiscuous mode
[   74.178390][ T6090] bond_slave_1: entered promiscuous mode
[   74.181266][ T6090] bond0: entered allmulticast mode
[   74.183015][ T6090] bond_slave_0: entered allmulticast mode
[   74.185080][ T6090] bond_slave_1: entered allmulticast mode
[   74.188393][ T6090] team0: entered promiscuous mode
[   74.190329][ T6090] team_slave_0: entered promiscuous mode
[   74.192344][ T6090] team_slave_1: entered promiscuous mode
[   74.194616][ T6090] team0: entered allmulticast mode
[   74.196170][ T6090] team_slave_0: entered allmulticast mode
[   74.198084][ T6090] team_slave_1: entered allmulticast mode
[   74.202726][ T6090] dummy0: entered promiscuous mode
[   74.204565][ T6090] dummy0: entered allmulticast mode
[   74.208320][ T6090] nlmon0: entered promiscuous mode
[   74.219447][ T6090] nlmon0: entered allmulticast mode
[   74.283723][ T6090] caif0: entered promiscuous mode
[   74.285913][ T6090] caif0: entered allmulticast mode
[   74.288299][ T6090] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[   74.779486][ T5918] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   74.989409][  T794] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   75.021960][ T5918] usb 3-1: unable to get BOS descriptor or descriptor too short
[   75.354248][ T6106] loop1: detected capacity change from 0 to 4096
[   75.367391][ T5918] usb 3-1: not running at top speed; connect to a high speed hub
[   75.401000][ T5918] usb 3-1: config 1 interface 0 has no altsetting 0
[   75.407458][ T5918] usb 3-1: New USB device found, idVendor=05ac, idProduct=0247, bcdDevice= 0.40
[   75.411890][ T5918] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   75.415595][ T5918] usb 3-1: Product: syz
[   75.417259][ T5918] usb 3-1: Manufacturer: syz
[   75.419072][ T5918] usb 3-1: SerialNumber: syz
[   75.433095][  T794] usb 1-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[   75.436717][  T794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   75.443981][  T794] usb 1-1: config 0 descriptor??
[   75.455399][  T794] gspca_main: STV06xx-2.14.0 probing 046d:0870
[   75.641655][ T5918] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/input/input4
[   75.649647][ T5285] bcm5974 3-1:1.0: could not read from device
[   75.662782][ T5285] bcm5974 3-1:1.0: could not read from device
[   75.670268][ T5918] usb 3-1: USB disconnect, device number 2
[   75.674076][ T5285] bcm5974 3-1:1.0: could not read from device
[   75.827117][   T33] audit: type=1326 audit(1759226464.663:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz.1.71" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   75.835883][   T33] audit: type=1326 audit(1759226464.673:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz.1.71" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   75.844256][   T33] audit: type=1326 audit(1759226464.673:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz.1.71" exe="/syz-executor" sig=0 arch=c000003e syscall=72 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   75.852720][   T33] audit: type=1326 audit(1759226464.673:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz.1.71" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   75.863370][   T33] audit: type=1326 audit(1759226464.673:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6107 comm="syz.1.71" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   75.912187][  T794] gspca_stv06xx: I2C: Read error writing address: -71
[   75.922852][  T794] usb 1-1: USB disconnect, device number 2
[   75.981678][ T6112] loop1: detected capacity change from 0 to 128
[   75.992260][ T6112] ufs: ufs_fill_super(): fragment size 3263967611 is not a power of 2
[   76.052859][ T6114] loop1: detected capacity change from 0 to 512
[   76.086253][ T6114] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.116961][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.169113][ T6119] loop1: detected capacity change from 0 to 8
[   76.218874][ T6119] SQUASHFS error: zlib decompression failed, data probably corrupt
[   76.224385][ T6119] SQUASHFS error: Failed to read block 0x9b: -5
[   76.226764][ T6119] SQUASHFS error: Unable to read metadata cache entry [99]
[   76.233311][ T6119] SQUASHFS error: Unable to read inode 0x127
[   76.317390][ T6123] loop1: detected capacity change from 0 to 1024
[   76.329534][ T5240] Bluetooth: hci2: command 0x0405 tx timeout
[   76.467328][ T6125] tmpfs: Bad value for 'mpol'
[   76.541749][ T6121] loop2: detected capacity change from 0 to 40427
[   76.546266][ T6121] F2FS-fs (loop2): build fault injection rate: 14
[   76.548736][ T6121] F2FS-fs (loop2): build fault injection type: 0x3bfe8c
[   76.562636][ T6121] F2FS-fs (loop2): invalid crc value
[   76.573727][    C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   76.586775][    C0] F2FS-fs (loop2): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[   76.600607][ T5918] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   76.621563][ T6121] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   76.625014][ T6121] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[   76.631116][ T6121] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   76.652644][ T6121] F2FS-fs (loop2): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   76.659563][ T6121] F2FS-fs (loop2): inject page alloc in f2fs_grab_cache_folio of f2fs_convert_inline_inode+0x6bd/0x880
[   76.666942][ T6121] F2FS-fs (loop2): inject no more block in inc_valid_block_count of f2fs_map_blocks+0x1912/0x4130
[   76.672362][ T6121] F2FS-fs (loop2): inject no more block in inc_valid_block_count of f2fs_map_blocks+0x1912/0x4130
[   76.676712][ T6121] F2FS-fs (loop2): inject inconsistent blkaddr in f2fs_truncate_data_blocks_range of f2fs_do_truncate_blocks+0x994/0x10c0
[   76.715562][ T6134] loop0: detected capacity change from 0 to 512
[   76.727207][ T5851] F2FS-fs (loop2): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab4/0x1cf0
[   76.733106][ T5851] F2FS-fs (loop2): inconsistent node block, node_type:3, nid:13, node_footer[nid:13,ino:3,ofs:250273,cpver:0,blkaddr:0]
[   76.742086][ T6134] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.81: casefold flag without casefold feature
[   76.753275][ T5918] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   76.759632][ T6134] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.81: couldn't read orphan inode 15 (err -117)
[   76.761530][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[   76.772584][ T6134] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.773188][    C1] F2FS-fs (loop2): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[   76.781413][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[   76.781431][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   76.781439][    C1] Call Trace:
[   76.781444][    C1]  <TASK>
[   76.781460][    C1]  dump_stack_lvl+0x189/0x250
[   76.781483][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.781499][    C1]  ? __pfx_queue_work_on+0x10/0x10
[   76.781512][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   76.781529][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.781551][    C1]  f2fs_handle_critical_error+0x37c/0x540
[   76.781570][    C1]  f2fs_write_end_io+0x886/0xb60
[   76.781596][    C1]  blk_update_request+0x57e/0xe60
[   76.781618][    C1]  blk_mq_end_request+0x3e/0x70
[   76.781631][    C1]  blk_done_softirq+0x10a/0x160
[   76.781680][    C1]  handle_softirqs+0x286/0x870
[   76.781701][    C1]  ? run_ksoftirqd+0x9b/0x100
[   76.781715][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[   76.781733][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.781751][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.781765][    C1]  run_ksoftirqd+0x9b/0x100
[   76.781778][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[   76.781793][    C1]  smpboot_thread_fn+0x542/0xa60
[   76.781811][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.781835][    C1]  kthread+0x711/0x8a0
[   76.781851][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   76.781871][    C1]  ? __pfx_kthread+0x10/0x10
[   76.781887][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[   76.781902][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.781915][    C1]  ? __pfx_kthread+0x10/0x10
[   76.781930][    C1]  ret_from_fork+0x4bc/0x870
[   76.781951][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[   76.781974][    C1]  ? __switch_to_asm+0x39/0x70
[   76.781988][    C1]  ? __switch_to_asm+0x33/0x70
[   76.782002][    C1]  ? __pfx_kthread+0x10/0x10
[   76.782017][    C1]  ret_from_fork_asm+0x1a/0x30
[   76.782042][    C1]  </TASK>
[   76.782048][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   76.857101][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[   76.857122][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   76.857131][    C1] Call Trace:
[   76.857138][    C1]  <TASK>
[   76.857146][    C1]  dump_stack_lvl+0x189/0x250
[   76.857171][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.857187][    C1]  ? __pfx_queue_work_on+0x10/0x10
[   76.857199][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   76.857214][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.857236][    C1]  f2fs_handle_critical_error+0x37c/0x540
[   76.857255][    C1]  f2fs_write_end_io+0x886/0xb60
[   76.857280][    C1]  blk_update_request+0x57e/0xe60
[   76.857303][    C1]  blk_mq_end_request+0x3e/0x70
[   76.857316][    C1]  blk_done_softirq+0x10a/0x160
[   76.857330][    C1]  handle_softirqs+0x286/0x870
[   76.857352][    C1]  ? run_ksoftirqd+0x9b/0x100
[   76.857367][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[   76.857388][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.857409][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.857427][    C1]  run_ksoftirqd+0x9b/0x100
[   76.857448][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[   76.857462][    C1]  smpboot_thread_fn+0x542/0xa60
[   76.857481][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.857505][    C1]  kthread+0x711/0x8a0
[   76.857524][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   76.857542][    C1]  ? __pfx_kthread+0x10/0x10
[   76.857556][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[   76.857570][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.857584][    C1]  ? __pfx_kthread+0x10/0x10
[   76.857600][    C1]  ret_from_fork+0x4bc/0x870
[   76.857620][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[   76.857674][    C1]  ? __switch_to_asm+0x39/0x70
[   76.857689][    C1]  ? __switch_to_asm+0x33/0x70
[   76.857702][    C1]  ? __pfx_kthread+0x10/0x10
[   76.857716][    C1]  ret_from_fork_asm+0x1a/0x30
[   76.857744][    C1]  </TASK>
[   76.857750][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   76.933586][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[   76.933605][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   76.933614][    C1] Call Trace:
[   76.933645][    C1]  <TASK>
[   76.933653][    C1]  dump_stack_lvl+0x189/0x250
[   76.933673][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   76.933686][    C1]  ? __pfx_queue_work_on+0x10/0x10
[   76.933697][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   76.933713][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   76.933731][    C1]  f2fs_handle_critical_error+0x37c/0x540
[   76.933749][    C1]  f2fs_write_end_io+0x886/0xb60
[   76.933774][    C1]  blk_update_request+0x57e/0xe60
[   76.933798][    C1]  blk_mq_end_request+0x3e/0x70
[   76.933810][    C1]  blk_done_softirq+0x10a/0x160
[   76.933823][    C1]  handle_softirqs+0x286/0x870
[   76.933844][    C1]  ? run_ksoftirqd+0x9b/0x100
[   76.933860][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[   76.933882][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.933903][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.933918][    C1]  run_ksoftirqd+0x9b/0x100
[   76.933931][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[   76.933947][    C1]  smpboot_thread_fn+0x542/0xa60
[   76.933964][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   76.933987][    C1]  kthread+0x711/0x8a0
[   76.934005][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   76.934023][    C1]  ? __pfx_kthread+0x10/0x10
[   76.934039][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[   76.934053][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[   76.934067][    C1]  ? __pfx_kthread+0x10/0x10
[   76.934082][    C1]  ret_from_fork+0x4bc/0x870
[   76.934100][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[   76.934123][    C1]  ? __switch_to_asm+0x39/0x70
[   76.934138][    C1]  ? __switch_to_asm+0x33/0x70
[   76.934152][    C1]  ? __pfx_kthread+0x10/0x10
[   76.934164][    C1]  ret_from_fork_asm+0x1a/0x30
[   76.934190][    C1]  </TASK>
[   76.934195][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   77.007360][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[   77.007381][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   77.007391][    C1] Call Trace:
[   77.007399][    C1]  <TASK>
[   77.007406][    C1]  dump_stack_lvl+0x189/0x250
[   77.007435][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.007451][    C1]  ? __pfx_queue_work_on+0x10/0x10
[   77.007464][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   77.007480][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   77.007502][    C1]  f2fs_handle_critical_error+0x37c/0x540
[   77.007523][    C1]  f2fs_write_end_io+0x886/0xb60
[   77.007551][    C1]  blk_update_request+0x57e/0xe60
[   77.007575][    C1]  blk_mq_end_request+0x3e/0x70
[   77.007590][    C1]  blk_done_softirq+0x10a/0x160
[   77.007604][    C1]  handle_softirqs+0x286/0x870
[   77.007653][    C1]  ? run_ksoftirqd+0x9b/0x100
[   77.007671][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[   77.007692][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.007711][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.007729][    C1]  run_ksoftirqd+0x9b/0x100
[   77.007742][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[   77.007757][    C1]  smpboot_thread_fn+0x542/0xa60
[   77.007777][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.007802][    C1]  kthread+0x711/0x8a0
[   77.007820][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   77.007840][    C1]  ? __pfx_kthread+0x10/0x10
[   77.007856][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.007870][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[   77.007885][    C1]  ? __pfx_kthread+0x10/0x10
[   77.007900][    C1]  ret_from_fork+0x4bc/0x870
[   77.007921][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[   77.007945][    C1]  ? __switch_to_asm+0x39/0x70
[   77.007961][    C1]  ? __switch_to_asm+0x33/0x70
[   77.007976][    C1]  ? __pfx_kthread+0x10/0x10
[   77.007991][    C1]  ret_from_fork_asm+0x1a/0x30
[   77.008020][    C1]  </TASK>
[   77.008026][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   77.071503][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[   77.071515][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   77.071520][    C1] Call Trace:
[   77.071525][    C1]  <TASK>
[   77.071530][    C1]  dump_stack_lvl+0x189/0x250
[   77.071544][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[   77.071553][    C1]  ? __pfx_queue_work_on+0x10/0x10
[   77.071560][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   77.071569][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   77.071581][    C1]  f2fs_handle_critical_error+0x37c/0x540
[   77.071593][    C1]  f2fs_write_end_io+0x886/0xb60
[   77.071630][    C1]  blk_update_request+0x57e/0xe60
[   77.071647][    C1]  blk_mq_end_request+0x3e/0x70
[   77.071655][    C1]  blk_done_softirq+0x10a/0x160
[   77.071663][    C1]  handle_softirqs+0x286/0x870
[   77.071678][    C1]  ? run_ksoftirqd+0x9b/0x100
[   77.071688][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[   77.071699][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.071712][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.071722][    C1]  run_ksoftirqd+0x9b/0x100
[   77.071729][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[   77.071739][    C1]  smpboot_thread_fn+0x542/0xa60
[   77.071750][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[   77.071763][    C1]  kthread+0x711/0x8a0
[   77.071773][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[   77.071784][    C1]  ? __pfx_kthread+0x10/0x10
[   77.071792][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[   77.071800][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[   77.071808][    C1]  ? __pfx_kthread+0x10/0x10
[   77.071816][    C1]  ret_from_fork+0x4bc/0x870
[   77.071828][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[   77.071840][    C1]  ? __switch_to_asm+0x39/0x70
[   77.071849][    C1]  ? __switch_to_asm+0x33/0x70
[   77.071856][    C1]  ? __pfx_kthread+0x10/0x10
[   77.071865][    C1]  ret_from_fork_asm+0x1a/0x30
[   77.071880][    C1]  </TASK>
[   77.071883][    C1] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   77.141648][ T5918] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[   77.145116][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.145438][ T5918] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   77.149658][ T5851] F2FS-fs (loop2): do_checkpoint failed err:-5, stop checkpoint
[   77.157563][ T5918] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   77.161127][ T5918] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.178345][ T5918] usb 2-1: config 0 descriptor??
[   77.181038][ T6123] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   77.408442][ T6146] Bluetooth: MGMT ver 1.23
[   77.498168][ T6148] loop0: detected capacity change from 0 to 256
[   77.512815][ T6148] FAT-fs (loop0): bogus logical sector size 128
[   77.515361][ T6148] FAT-fs (loop0): Can't find a valid FAT filesystem
[   77.618451][ T5918] plantronics 0003:047F:FFFF.0001: reserved main item tag 0xd
[   77.631924][ T5918] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[   77.714776][ T6157] loop2: detected capacity change from 0 to 1024
[   77.717822][ T6157] EXT4-fs: Ignoring removed bh option
[   77.756043][ T6157] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.770478][ T6157] EXT4-fs warning (device loop2): ext4_resize_begin:72: won't resize using backup superblock at 1
[   77.924756][ T5917] usb 2-1: USB disconnect, device number 3
[   77.986458][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.496775][   T33] audit: type=1326 audit(1759226467.333:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.1.96" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   78.508242][   T33] audit: type=1326 audit(1759226467.343:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.1.96" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   78.510654][  T794] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   78.521412][   T33] audit: type=1326 audit(1759226467.363:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.1.96" exe="/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   78.527907][   T33] audit: type=1326 audit(1759226467.363:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.1.96" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   78.535436][   T33] audit: type=1326 audit(1759226467.363:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6169 comm="syz.1.96" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f111dd8ec29 code=0x7ffc0000
[   78.692455][  T794] usb 3-1: Using ep0 maxpacket: 16
[   78.699406][  T794] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   78.703842][  T794] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   78.708924][  T794] usb 3-1: too many endpoints for config 1 interface 1 altsetting 48: 49, using maximum allowed: 30
[   78.714298][  T794] usb 3-1: config 1 interface 1 altsetting 48 has 0 endpoint descriptors, different from the interface descriptor's value: 49
[   78.721669][  T794] usb 3-1: config 1 interface 1 has no altsetting 0
[   78.727160][  T794] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   78.731392][  T794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.734804][  T794] usb 3-1: Product: syz
[   78.736519][  T794] usb 3-1: Manufacturer: syz
[   78.738346][  T794] usb 3-1: SerialNumber: syz
[   78.746669][  T794] usb 3-1: selecting invalid altsetting 1
[   78.748983][  T794] usb 3-1: selecting invalid altsetting 0
[   78.752681][  T794] usb 3-1: selecting invalid altsetting 0
[   78.754880][  T794] cdc_ncm 3-1:1.0: bind() failure
[   78.815255][ T6186] loop0: detected capacity change from 0 to 256
[   78.950137][ T5918] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   78.952598][  T794] usb 3-1: selecting invalid altsetting 0
[   78.956637][  T794] usbtest 3-1:1.1: probe with driver usbtest failed with error -22
[   78.967904][  T794] usb 3-1: USB disconnect, device number 3
[   79.100417][ T5918] usb 2-1: Using ep0 maxpacket: 32
[   79.105623][ T5918] usb 2-1: config 0 has an invalid interface number: 195 but max is 0
[   79.108919][ T5918] usb 2-1: config 0 has no interface number 0
[   79.112534][ T5918] usb 2-1: config 0 interface 195 altsetting 2 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   79.117836][ T5918] usb 2-1: config 0 interface 195 has no altsetting 0
[   79.124528][ T5918] usb 2-1: New USB device found, idVendor=0846, idProduct=6100, bcdDevice=ea.26
[   79.128054][ T5918] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.131622][ T5918] usb 2-1: Product: syz
[   79.133412][ T5918] usb 2-1: Manufacturer: syz
[   79.135372][ T5918] usb 2-1: SerialNumber: syz
[   79.141071][ T5918] usb 2-1: config 0 descriptor??
[   79.366685][ T5918] hub 2-1:0.195: bad descriptor, ignoring hub
[   79.372145][ T5918] hub 2-1:0.195: probe with driver hub failed with error -5
[   79.413535][ T5918] usb 2-1: USB disconnect, device number 4
[   80.031484][ T6198] netlink: 'syz.1.109': attribute type 1 has an invalid length.
[   80.043564][ T6198] netlink: 15 bytes leftover after parsing attributes in process `syz.1.109'.
[   80.888461][ T5917] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   80.939443][   T10] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   81.077020][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[   81.083132][ T5917] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   81.099469][   T10] usb 1-1: Using ep0 maxpacket: 32
[   81.133487][ T5917] usb 2-1: New USB device found, idVendor=1781, idProduct=0938, bcdDevice=9b.49
[   81.150875][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.155255][ T5917] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.158603][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.162509][ T5917] usb 2-1: Product: syz
[   81.164155][ T5917] usb 2-1: Manufacturer: syz
[   81.165915][ T5917] usb 2-1: SerialNumber: syz
[   81.168804][   T10] usb 1-1: New USB device found, idVendor=05a4, idProduct=2000, bcdDevice= 0.00
[   81.173674][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.177972][ T5917] usb 2-1: config 0 descriptor??
[   81.185797][ T5917] iguanair 2-1:0.0: probe with driver iguanair failed with error -12
[   81.190148][   T10] usb 1-1: config 0 descriptor??
[   81.393711][ T5918] usb 2-1: USB disconnect, device number 5
[   81.450570][   T24] cfg80211: failed to load regulatory.db
[   81.640705][   T10] ortek 0003:05A4:2000.0002: hidraw0: USB HID v0.00 Device [HID 05a4:2000] on usb-dummy_hcd.0-1/input0
[   81.814979][   T10] usb 1-1: USB disconnect, device number 3
[   82.038303][ T6241] loop1: detected capacity change from 0 to 1024
[   82.059772][ T6241] EXT4-fs: inline encryption not supported
[   82.078633][ T6241] EXT4-fs: Ignoring removed i_version option
[   82.137495][ T6241] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.217674][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.525332][ T6253] loop1: detected capacity change from 0 to 512
[   82.530437][ T6253] EXT4-fs: Ignoring removed nomblk_io_submit option
[   82.543847][ T6253] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[   82.560901][ T6253] EXT4-fs (loop1): orphan cleanup on readonly fs
[   82.563801][ T6253] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[   82.566859][ T6253] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -2
[   82.607032][ T6253] EXT4-fs (loop1): 1 truncate cleaned up
[   82.610960][ T6253] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   82.619666][ T6253] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.837976][ T6255] loop0: detected capacity change from 0 to 40427
[   82.864975][ T6255] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   82.869186][ T6255] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   82.882922][ T6255] F2FS-fs (loop0): invalid crc value
[   82.976742][ T6255] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   83.032601][ T6255] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   83.035123][ T6255] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   84.074415][ T6288] loop2: detected capacity change from 0 to 32768
[   84.088210][ T6288] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[   84.108403][ T6288] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #2304 has bad signature 
[   84.114916][ T6288] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[   84.118503][ T6288] OCFS2: File system is now read-only.
[   84.120709][ T6288] (syz.2.144,6288,0):ocfs2_search_chain:1852 ERROR: status = -30
[   84.123908][ T6288] (syz.2.144,6288,0):ocfs2_search_chain:1940 ERROR: status = -30
[   84.126740][ T6288] (syz.2.144,6288,0):ocfs2_claim_suballoc_bits:2010 ERROR: status = -30
[   84.130060][ T6288] (syz.2.144,6288,0):ocfs2_claim_suballoc_bits:2063 ERROR: status = -30
[   84.133302][ T6288] (syz.2.144,6288,0):__ocfs2_claim_clusters:2438 ERROR: status = -30
[   84.136415][ T6288] (syz.2.144,6288,0):__ocfs2_claim_clusters:2446 ERROR: status = -30
[   84.139665][ T6288] (syz.2.144,6288,0):ocfs2_local_alloc_new_window:1199 ERROR: status = -30
[   84.143402][ T6288] (syz.2.144,6288,0):ocfs2_local_alloc_new_window:1224 ERROR: status = -30
[   84.146800][ T6288] (syz.2.144,6288,0):ocfs2_local_alloc_slide_window:1298 ERROR: status = -30
[   84.150436][ T6288] (syz.2.144,6288,0):ocfs2_local_alloc_slide_window:1317 ERROR: status = -30
[   84.154026][ T6288] (syz.2.144,6288,0):ocfs2_reserve_local_alloc_bits:672 ERROR: status = -30
[   84.157455][ T6288] (syz.2.144,6288,0):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[   84.161896][ T6288] (syz.2.144,6288,0):ocfs2_reserve_clusters_with_limit:1172 ERROR: status = -30
[   84.165427][ T6288] (syz.2.144,6288,0):ocfs2_reserve_clusters_with_limit:1221 ERROR: status = -30
[   84.168908][ T6288] (syz.2.144,6288,0):ocfs2_expand_inline_dir:2864 ERROR: status = -30
[   84.172202][ T6288] (syz.2.144,6288,0):ocfs2_extend_dir:3211 ERROR: status = -30
[   84.175406][ T6288] (syz.2.144,6288,0):ocfs2_prepare_dir_for_insert:4316 ERROR: status = -30
[   84.178743][ T6288] (syz.2.144,6288,0):ocfs2_rename:1486 ERROR: status = -30
[   84.181685][ T6288] (syz.2.144,6288,0):ocfs2_rename:1702 ERROR: status = -30
[   84.198294][ T6288] syz.2.144 (6288) used greatest stack depth: 18024 bytes left
[   84.207315][ T5851] (syz-executor,5851,1):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[   84.223064][ T5851] ocfs2: Unmounting device (7,2) on (node local)
[   84.353605][ T6300] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   84.474428][ T6310] libceph: resolve '4' (ret=-3): failed
[   84.962389][ T6314] loop2: detected capacity change from 0 to 40427
[   84.969094][ T6314] F2FS-fs (loop2): Image doesn't support compression
[   84.971531][ T6314] F2FS-fs (loop2): LFS is not compatible with ATGC
[   85.121935][ T6328] loop2: detected capacity change from 0 to 16
[   85.133983][ T6328] erofs (device loop2): mounted with root inode @ nid 36.
[   85.463812][ T6337] loop2: detected capacity change from 0 to 2048
[   85.479620][ T6337] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=66359, location=66359
[   85.494087][ T6337] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   85.569158][ T6339] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.654516][ T6342] loop2: detected capacity change from 0 to 1024
[   85.674866][ T6342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   85.683895][ T6342] EXT4-fs (loop2): shut down requested (2)
[   85.713961][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.017431][ T6354] loop0: detected capacity change from 0 to 512
[   86.031022][ T6354] EXT4-fs: Ignoring removed mblk_io_submit option
[   86.036039][ T6354] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   86.049564][ T6354] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   86.072059][ T6354] EXT4-fs (loop0): 1 truncate cleaned up
[   86.074562][ T6354] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.081047][ T6347] loop1: detected capacity change from 0 to 40427
[   86.087327][ T6347] F2FS-fs (loop1): invalid crc value
[   86.122833][ T6354] ext4: Unknown parameter '18446744073709551615'
[   86.124839][   T33] audit: type=1804 audit(1759226474.963:15): pid=6354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.172" name="/newroot/61/bus/bus" dev="loop0" ino=18 res=1 errno=0
[   86.153704][ T5855] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.242577][ T6347] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   86.253895][ T6347] F2FS-fs (loop1): Start checkpoint disabled!
[   86.269625][ T6347] F2FS-fs (loop1): f2fs_disable_checkpoint() finish, err:0
[   86.288780][ T6347] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   86.341929][ T3674] kworker/u10:8: attempt to access beyond end of device
[   86.341929][ T3674] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   86.348215][ T3674] CPU: 1 UID: 0 PID: 3674 Comm: kworker/u10:8 Not tainted syzkaller #0 PREEMPT(full) 
[   86.348233][ T3674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   86.348242][ T3674] Workqueue: writeback wb_workfn (flush-7:1)
[   86.348268][ T3674] Call Trace:
[   86.348275][ T3674]  <TASK>
[   86.348281][ T3674]  dump_stack_lvl+0x189/0x250
[   86.348302][ T3674]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.348315][ T3674]  ? __pfx_queue_work_on+0x10/0x10
[   86.348326][ T3674]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   86.348342][ T3674]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.348367][ T3674]  f2fs_handle_critical_error+0x37c/0x540
[   86.348388][ T3674]  f2fs_write_end_io+0x886/0xb60
[   86.348419][ T3674]  __submit_merged_bio+0x27a/0x6a0
[   86.348437][ T3674]  __submit_merged_write_cond+0x255/0x530
[   86.348465][ T3674]  f2fs_write_data_pages+0x261d/0x3000
[   86.348510][ T3674]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.348538][ T3674]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   86.348578][ T3674]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   86.348603][ T3674]  ? trace_f2fs_writepages+0x7f/0x200
[   86.348617][ T3674]  ? f2fs_write_node_pages+0x478/0x6e0
[   86.348641][ T3674]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   86.348664][ T3674]  ? __lock_acquire+0xab9/0xd20
[   86.348685][ T3674]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.348700][ T3674]  do_writepages+0x32e/0x550
[   86.348718][ T3674]  ? reacquire_held_locks+0x127/0x1d0
[   86.348729][ T3674]  ? writeback_sb_inodes+0x384/0x1010
[   86.348784][ T3674]  __writeback_single_inode+0x145/0xff0
[   86.348800][ T3674]  ? do_raw_spin_unlock+0x4d/0x240
[   86.348826][ T3674]  writeback_sb_inodes+0x6c7/0x1010
[   86.348863][ T3674]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   86.348915][ T3674]  ? rcu_is_watching+0x15/0xb0
[   86.348936][ T3674]  wb_writeback+0x43b/0xaf0
[   86.348957][ T3674]  ? queue_io+0x301/0x590
[   86.348974][ T3674]  ? __pfx_wb_writeback+0x10/0x10
[   86.348996][ T3674]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.349015][ T3674]  wb_workfn+0x409/0xef0
[   86.349048][ T3674]  ? __pfx_wb_workfn+0x10/0x10
[   86.349072][ T3674]  ? __lock_acquire+0xab9/0xd20
[   86.349099][ T3674]  ? process_scheduled_works+0x9ef/0x17b0
[   86.349123][ T3674]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.349135][ T3674]  ? process_scheduled_works+0x9ef/0x17b0
[   86.349150][ T3674]  ? process_scheduled_works+0x9ef/0x17b0
[   86.349169][ T3674]  process_scheduled_works+0xae1/0x17b0
[   86.349214][ T3674]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.349247][ T3674]  worker_thread+0x8a0/0xda0
[   86.349288][ T3674]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.349311][ T3674]  ? __kthread_parkme+0x7b/0x200
[   86.349333][ T3674]  kthread+0x711/0x8a0
[   86.349351][ T3674]  ? __pfx_worker_thread+0x10/0x10
[   86.349368][ T3674]  ? __pfx_kthread+0x10/0x10
[   86.349384][ T3674]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.349397][ T3674]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.349410][ T3674]  ? __pfx_kthread+0x10/0x10
[   86.349426][ T3674]  ret_from_fork+0x4bc/0x870
[   86.349446][ T3674]  ? __pfx_ret_from_fork+0x10/0x10
[   86.349471][ T3674]  ? __switch_to_asm+0x39/0x70
[   86.349485][ T3674]  ? __switch_to_asm+0x33/0x70
[   86.349499][ T3674]  ? __pfx_kthread+0x10/0x10
[   86.349514][ T3674]  ret_from_fork_asm+0x1a/0x30
[   86.349546][ T3674]  </TASK>
[   86.358058][ T6367] loop2: detected capacity change from 0 to 4096
[   86.361013][ T3674] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   86.376833][ T6367] ntfs3(loop2): ino=1a, mi_enum_attr
[   86.498189][ T6367] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   87.216115][ T6386] loop1: detected capacity change from 0 to 4096
[   88.498704][ T6399] loop2: detected capacity change from 0 to 128
[   88.613977][ T6402] overlayfs: failed to decode file handle (len=6, type=251, flags=0, err=-22)
[   88.714443][ T6399] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   88.742915][ T6399] ext4 filesystem being mounted at /78/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   89.220080][ T6399] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[   89.290172][ T6399] EXT4-fs (loop2): shut down requested (2)
[   89.322012][ T6399] fscrypt: loop2: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[   89.330399][ T6399] fscrypt (loop2, inode 13): Error -5 getting encryption context
[   89.333452][ T6399] EXT4-fs warning (device loop2): ext4_lookup:1799: Inconsistent encryption contexts: 12/13
[   89.374594][ T5851] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   89.503533][ T6411] loop1: detected capacity change from 0 to 512
[   89.529076][ T6411] EXT4-fs error (device loop1): ext4_iget_extra_inode:5075: inode #15: comm syz.1.191: corrupted in-inode xattr: invalid ea_ino
[   89.542152][ T6411] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.191: couldn't read orphan inode 15 (err -117)
[   89.570742][ T6411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.619262][ T6414] loop2: detected capacity change from 0 to 512
[   89.623979][ T6414] EXT4-fs: Ignoring removed mblk_io_submit option
[   89.626631][ T6414] EXT4-fs: inline encryption not supported
[   89.629030][ T6414] EXT4-fs: Ignoring removed mblk_io_submit option
[   89.634361][ T6414] EXT4-fs (loop2): Test dummy encryption mode enabled
[   89.638875][ T6414] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   89.649629][ T6414] EXT4-fs (loop2): 1 truncate cleaned up
[   89.656411][ T6414] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   89.685523][ T5860] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.932490][ T6423] netlink: 'syz.1.194': attribute type 4 has an invalid length.
[   89.941494][ T6423] netlink: 152 bytes leftover after parsing attributes in process `syz.1.194'.
[   90.025343][ T6423] : renamed from bond0 (while UP)
[   90.174082][ T6414] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[   90.743233][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.756423][ T6431] loop0: detected capacity change from 0 to 64
[   91.339429][   T10] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   91.491613][   T10] usb 1-1: too many endpoints for config 0 interface 0 altsetting 0: 196, using maximum allowed: 30
[   91.496010][   T10] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.500575][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 196
[   91.505665][   T10] usb 1-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[   91.509892][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.515764][   T10] usb 1-1: config 0 descriptor??
[   91.552455][ T6446] capability: warning: `syz.2.203' uses deprecated v2 capabilities in a way that may be insecure
[   91.857343][ T5240] Bluetooth: hci2: adv larger than maximum supported
[   91.924181][ T6461] loop1: detected capacity change from 0 to 64
[   91.938455][   T10] holtek_kbd 0003:04D9:A055.0003: unknown main item tag 0x0
[   91.946766][ T6461] BFS-fs: bfs_iget(): Bad inode number loop1:00000002
[   91.953165][   T10] holtek_kbd 0003:04D9:A055.0003: unknown main item tag 0x0
[   91.963103][   T10] holtek_kbd 0003:04D9:A055.0003: hidraw0: USB HID v10.00 Device [HID 04d9:a055] on usb-dummy_hcd.0-1/input0
[   92.082461][   T33] audit: type=1400 audit(1759226480.923:16): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=3AA009F5D15F47DB2D pid=6469 comm="syz.1.214"
[   92.148854][   T24] usb 1-1: USB disconnect, device number 4
[   92.201928][ T6478] loop1: detected capacity change from 0 to 256
[   92.203384][ T6477] loop2: detected capacity change from 0 to 512
[   92.228965][ T6477] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.218: casefold flag without casefold feature
[   92.237038][ T6477] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.218: couldn't read orphan inode 15 (err -117)
[   92.246642][ T6477] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.839586][ T6444] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   93.012906][ T6444] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   93.016481][ T6444] usb 2-1: config 0 has no interface number 0
[   93.021644][ T6444] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[   93.025056][ T6444] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   93.028439][ T6444] usb 2-1: Product: syz
[   93.077572][ T6444] usb 2-1: Manufacturer: syz
[   93.079489][ T6444] usb 2-1: SerialNumber: syz
[   93.091230][ T5851] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.097428][ T6444] usb 2-1: config 0 descriptor??
[   93.212708][   T33] audit: type=1326 audit(1759226482.053:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.232912][   T33] audit: type=1326 audit(1759226482.073:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.259150][   T33] audit: type=1326 audit(1759226482.073:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=447 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.284980][   T33] audit: type=1326 audit(1759226482.073:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.298843][   T33] audit: type=1326 audit(1759226482.073:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.309827][   T33] audit: type=1326 audit(1759226482.073:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.318184][   T33] audit: type=1326 audit(1759226482.073:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.318991][ T6444] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[   93.328197][   T33] audit: type=1326 audit(1759226482.073:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6497 comm="syz.2.226" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   93.346910][ T6444] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[   93.353768][ T6444] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[   93.357060][ T6444] usb 2-1: media controller created
[   93.368127][ T5881] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[   93.382344][ T6444] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   93.388054][ T5881] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   93.445076][ T6494] loop0: detected capacity change from 0 to 32768
[   93.448531][ T6494] btrfs: Deprecated parameter 'usebackuproot'
[   93.451610][ T6494] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   93.458302][ T6494] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.225 (6494)
[   93.477836][ T6494] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.482289][ T6494] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   93.534319][ T6444] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[   93.553865][ T6494] BTRFS info (device loop0): rebuilding free space tree
[   93.608244][ T6444] usb 2-1: USB disconnect, device number 6
[   93.626547][ T6494] BTRFS info (device loop0): allowing degraded mounts
[   93.637676][ T6494] BTRFS info (device loop0): enabling ssd optimizations
[   93.652816][ T6494] BTRFS info (device loop0): turning on flush-on-commit
[   93.655559][ T6494] BTRFS info (device loop0): enabling free space tree
[   93.658284][ T6494] BTRFS info (device loop0): force clearing of disk cache
[   93.671366][ T6494] BTRFS info (device loop0): trying to use backup root at mount time
[   93.674443][ T6494] BTRFS info (device loop0): use zstd compression, level 3
[   93.816886][ T5855] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   94.749417][   T33] audit: type=1326 audit(1759226483.573:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6540 comm="syz.2.237" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f19fa18ec29 code=0x7ffc0000
[   95.426382][ T6551] loop0: detected capacity change from 0 to 2048
[   95.453772][ T6551] NILFS (loop0): invalid segment: Checksum error in super root
[   95.457041][ T6551] NILFS (loop0): error -22 while loading super root
[   96.229120][ T6567] loop2: detected capacity change from 0 to 256
[   96.244673][ T6567] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   96.253284][ T6567] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[   96.257474][ T6567] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   96.264308][ T6569] loop1: detected capacity change from 0 to 256
[   96.268359][ T6567] UDF-fs: Scanning with blocksize 512 failed
[   96.280032][ T6567] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   96.281728][ T6569] exfat: Deprecated parameter 'utf8'
[   96.293236][ T6567] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   96.304567][ T6569] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[   96.372020][ T5860] BUG: sleeping function called from invalid context at fs/inode.c:1928
[   96.375482][ T5860] in_atomic(): 1, irqs_disabled(): 0, non_block: 0, pid: 5860, name: syz-executor
[   96.380596][ T5860] preempt_count: 1, expected: 0
[   96.382483][ T5860] RCU nest depth: 0, expected: 0
[   96.385185][ T5860] 2 locks held by syz-executor/5860:
[   96.387190][ T5860]  #0: ffff8881081720e0 (&type->s_umount_key#86){+.+.}-{4:4}, at: deactivate_super+0xa9/0xe0
[   96.391471][ T5860]  #1: ffff888108172998 (&s->s_inode_list_lock){+.+.}-{3:3}, at: hook_sb_delete+0xae/0xbd0
[   96.396175][ T5860] Preemption disabled at:
[   96.396183][ T5860] [<0000000000000000>] 0x0
[   96.400451][ T5860] CPU: 1 UID: 0 PID: 5860 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   96.400467][ T5860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   96.400474][ T5860] Call Trace:
[   96.400480][ T5860]  <TASK>
[   96.400486][ T5860]  dump_stack_lvl+0x189/0x250
[   96.400506][ T5860]  ? __pfx_dump_stack_lvl+0x10/0x10
[   96.400521][ T5860]  ? __pfx__printk+0x10/0x10
[   96.400541][ T5860]  ? print_lock_name+0xde/0x100
[   96.400561][ T5860]  __might_resched+0x495/0x610
[   96.400584][ T5860]  ? __pfx___might_resched+0x10/0x10
[   96.400601][ T5860]  ? hook_sb_delete+0x31e/0xbd0
[   96.400626][ T5860]  iput+0x2b/0xc50
[   96.400644][ T5860]  ? hook_sb_delete+0x1a8/0xbd0
[   96.400661][ T5860]  hook_sb_delete+0x6b5/0xbd0
[   96.400674][ T5860]  ? hook_sb_delete+0x1a8/0xbd0
[   96.400691][ T5860]  ? __pfx_hook_sb_delete+0x10/0x10
[   96.400703][ T5860]  ? evict_inodes+0x67d/0x6d0
[   96.400720][ T5860]  ? __pfx_evict_inodes+0x10/0x10
[   96.400742][ T5860]  security_sb_delete+0x80/0x150
[   96.400758][ T5860]  generic_shutdown_super+0xaa/0x2c0
[   96.400772][ T5860]  kill_block_super+0x44/0x90
[   96.400787][ T5860]  exfat_kill_sb+0x41/0x80
[   96.400805][ T5860]  deactivate_locked_super+0xbc/0x130
[   96.400854][ T5860]  cleanup_mnt+0x425/0x4c0
[   96.400873][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[   96.400891][ T5860]  task_work_run+0x1d4/0x260
[   96.400909][ T5860]  ? __pfx_task_work_run+0x10/0x10
[   96.400922][ T5860]  ? __x64_sys_umount+0x122/0x160
[   96.400938][ T5860]  ? exit_to_user_mode_loop+0x40/0x130
[   96.400958][ T5860]  exit_to_user_mode_loop+0xe9/0x130
[   96.400975][ T5860]  do_syscall_64+0x2bd/0xfa0
[   96.400989][ T5860]  ? lockdep_hardirqs_on+0x9c/0x150
[   96.401003][ T5860]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.401015][ T5860]  ? exc_page_fault+0xab/0x100
[   96.401048][ T5860]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   96.401062][ T5860] RIP: 0033:0x7f111dd8ff57
[   96.401074][ T5860] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   96.401084][ T5860] RSP: 002b:00007ffdddd8a888 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   96.401098][ T5860] RAX: 0000000000000000 RBX: 00007f111de11c2d RCX: 00007f111dd8ff57
[   96.401106][ T5860] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdddd8a940
[   96.401113][ T5860] RBP: 00007ffdddd8a940 R08: 0000000000000000 R09: 0000000000000000
[   96.401120][ T5860] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdddd8b9d0
[   96.401129][ T5860] R13: 00007f111de11c2d R14: 00000000000177da R15: 00007ffdddd8ba10
[   96.401150][ T5860]  </TASK>

VM DIAGNOSIS:
10:01:25  Registers:
info registers vcpu 0

CPU#0
RAX=1ffff11004b46c34 RBX=ffff888025a36190 RCX=00000000000000c3 RDX=0000000000000010
RSI=0000000000000001 RDI=ffff888025a36190 RBP=0000000000000001 RSP=ffffc90004537890
R8 =0000000000000003 R9 =0000000000000004 R10=dffffc0000000000 R11=ffffffff824d41f0
R12=0000000000000000 R13=ffff888023db6080 R14=ffff888025a361a0 R15=ffff888023db6080
RIP=ffffffff824d41f5 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f62228cbc80 ffffffff 00c00000
GS =0000 ffff8880b83fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000200 CR3=000000002add0000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffffff ffff00ff00000000 XMM05=382d643463342d32 3364632d31393264
XMM06=353961316632785c 646975752d796266 XMM07=32785c6b73696466 32785c2f736b6e69
XMM08=00000000ffffffff 0000000000000000 XMM09=3361613164313232 382d613431382d64
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=0000000000000000 RCX=e7421d20d0687500 RDX=0000000000000000
RSI=ffffffff8dd8dcaa RDI=ffffffff8c03da60 RBP=ffffffff81742d25 RSP=ffffc900001e04b8
R8 =0000000000000000 R9 =ffffffff81742d25 R10=ffffc900001e0678 R11=ffffffff81acd510
R12=0000000000000002 R13=ffffffff8e33d320 R14=0000000000000000 R15=0000000000000246
RIP=ffffffff819dfd5d RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 000055555bf55500 ffffffff 00c00000
GS =0000 ffff8881a39fc000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f19faffefc8 CR3=000000010eeaa000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f19fa3a7498 00007f19fa3a7470 XMM03=00007f19fa3a74a8 00007f19fa3a74a0
XMM04=00007f19faf0d100 00007f19fa3a7460 XMM05=00007f19fa3a7478 00007f19fa3a74c0
XMM06=00007f19fa3a74b8 00007f19fa3a74b0 XMM07=00007f19fa3a74a8 00007f19fa3a74a0
XMM08=0000000000000000 00007f19fa212f0f XMM09=0000000000000000 00007f19fa212fed
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
