last executing test programs:

1.96996667s ago: executing program 0 (id=373):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000000c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x12, r1})

1.880251651s ago: executing program 0 (id=374):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f0000000a40)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="db", 0x1}], 0x1}}], 0x1, 0x40040)
sendmmsg(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000680)="c5", 0x1}], 0x1, &(0x7f00000004c0)=[{0x10, 0x115, 0x5}], 0x10}}], 0x1, 0x4044044)

1.879867239s ago: executing program 0 (id=375):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000000)={0x0, @in6={{0xa, 0x0, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0x8a}, 0x9c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f00000000c0)=0x6, 0x4)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0x34000, 0xe0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x0, 0x0, 0x0, 0x0, 0x54}, 0x9c)

1.819737587s ago: executing program 0 (id=376):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000008c0)='./file0\x00', 0x1008490, &(0x7f0000000a40)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000a80)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
quotactl$Q_QUOTAOFF(0xffffffff80000300, &(0x7f0000000300)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

1.570622341s ago: executing program 0 (id=378):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x3000003, 0x4031, 0xffffffffffffffff, 0x0)
r0 = memfd_create(&(0x7f0000000ac0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x00\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<z\xebz\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL!\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xcf;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\xff\xff\xff\xff\xff\xff\xff\xff[M \xea\x03\xfd=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd\xa1`Yb&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"7{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02EL\xffI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\x9b{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x01\x80\x00\x00y\xd2~%\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x00\x00\x00\x00\x00\x00,\xb1|\x0f\"\x1dL\x10\x8e\x17D\xca\x8b\xe5\xca\xc1\xcf\xb2\xdc\xfc\x14+@\xdc\x9fXo\xd7\xc3\x1a\xfeA\xc2\x9a\xce\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xfb{\xf5\xdby\x9d;;30\xa7\x94\xfdh)\xa0\"r\xa4\xf4\n\xf7\xb4\xder\xc8\xf2\xa5\xc0\x15\xc5E\xf6\x1dTB\xa2\xa6\xfbN\xb7\xed\xad\x9e\xb6\x87.\xf7=\xd3U\xf0\x1dH\x99\xe6\x97\x92g\xdf\ra\x82\xc7\x00\x92\xdfB\xb2\xac\xf3V\ve\xdd(\x85u\x04\xfcD[\xa4\b\xc8Bt_\x19\xb4\xd9\x97\tD\x8a\xa6\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0xf)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x801b013, r0, 0x0)
pread64(r0, &(0x7f000001a240)=""/102385, 0x18ff1, 0x1135)

1.450874535s ago: executing program 0 (id=379):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000004c0)={{0x12, 0x1, 0x0, 0xe3, 0xdd, 0xef, 0x20, 0x1d50, 0x60a1, 0xa14f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x14, 0x4e}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000140)=ANY=[], 0x0, 0x0})
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000640)={0x44, &(0x7f00000001c0)={0x0, 0xe}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000009c0)={0x84, &(0x7f0000000c40)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000bc0)={0x34, &(0x7f00000006c0)={0x0, 0x9}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000280)={0x20, 0xc}, 0x0, 0x0, 0x0, 0x0, 0x0})

1.349883996s ago: executing program 2 (id=381):
syz_emit_ethernet(0x52, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0xc, 0x4, 0x0, 0x0, 0x44, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local, {[@timestamp_addr={0x44, 0x1c, 0x79, 0x1, 0xc, [{@multicast2}, {@local, 0x374}, {@empty, 0x4d2}]}]}}, {{0x4e22, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}, 0x0)

1.348372534s ago: executing program 2 (id=382):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000000c0)={0x14, 0x5e, 0x1, 0x0, 0x0, "", [@nested={0x4, 0x13a}]}, 0x14}], 0x1}, 0x0)

1.199739956s ago: executing program 2 (id=383):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000065ed0e000a001000000002900000121f", 0x2e}], 0x1}, 0x140)

908.642535ms ago: executing program 2 (id=384):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000240), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)
syz_mount_image$exfat(&(0x7f0000000340), &(0x7f0000000080)='./file0\x00', 0x1000000, &(0x7f0000000840)=ANY=[@ANYBLOB="646d61736b3d30303030303030303030303030303030303030303030372c666d61736b3d30303030303030303030303030303030303030303030322c696f636861727365743d69736f383835392d31332c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030312c646d61736b3d30303030303030303030303030303337313630373234312c696f636861727365743d63703933322c6572726f72733d72656d6f756e742d726f2c666d61736b3d30303030303030303030303030303030303030303030352c756d61736b3d30303030303030303030303030303030303030303030362c696f636861727365743d63703836362c00ce0a5a71797b7256e90d2c78b433e66c4b4bc11d1f2c4d0cc1067826fa1a2c7e4d91d9b0179d604e463f435112f83befe3fe654c7636195294441b3602771ab07c8432acef3d5d173bdcde62c060457d460e95674bf5088b838b15ca8513626878d244b25d4f64d3c7eeeeeb484c2ffa3f8b4ad3ae9cb028b2b4d6e1aa1ec5406b99aa5b65ee0d12a169116f65688cbd61df820a0edfc5c40da44e70327aafebaa4a7c8bb964a37c5d89a99fb4fd0b149070fb825786654ff7ddcf75358ded9cd800000000a0c3328e6a138baad4bd205d6fb08d", @ANYRES8, @ANYBLOB="ebe050f9a6e26556b98b3a694ca1d9f8df1d1907a2607c94fad06b78ed9f520e602e86e81adc6386a9cd7f05df985b7d7649fbe21aac9ea3cd407d5b9c5b0b7ff5572dc06f5dc6fa7d1206852880bc490a27a1ec2e3d77acc8c7454c8cfc31b1cddd5727a3a7bb058f019d781f3174f03a4f699b28b8ee3491fe8da4a5d8b2431b5b560ae1638b532ebadbb95c3d0ecece79ca4492a146892118cd97d3a346c6e0eccede0661be772eb19221fdc8f58e6d741bd5212bb2a9b57a1666e4bb084eecf00117c99520a8", @ANYRESHEX, @ANYRESHEX], 0x1, 0x1517, &(0x7f00000046c0)="$eJzs3AnYjVXXOPC19t43D4mTZMpee92cZNgkSYaEDEmSJEmmhCRJkpBMmZKQhMxJ5pBMIZnneU6SV5IkISHJ/l+q7/W9X19fXd/b/+99/8/6XdfNXs991jrrPut5zrnPfT3n+brdwEp1KpevxczwT8Ff/usKACkA0AcAMgFABADFMhfLfGl/Oo1d/7k7EX+tB6dc6Q7ElSTzT91k/qmbzD91k/mnbjL/1E3mn7rJ/FM3mb8QqdmWqTmukS31bn/++r/7n3fL9f9/Q/L6//+tP/WTJvNP3WT+qZvMP3WT+aduMv/UTeafusn8UzeZvxCp2RW79qwB4F/g+vef2P7+WP16iftK9/M7W/S/yrty33lCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIVKTc+EyAwD/sb7SfQkhhBBCCCGEEOKvE9Je6Q6EEEIIIYQQQgjxfx8CGA0GIkgDaSEF0kF6uAoywNWQETJBAq6BzHAtZIHrICtkg+yQA3KGTJALLBA4YIghN+SBJNwAeeFGyAf5oQAUBA+FoDDcBEXgZigKt0AxmLUA4DYoASWhFJSG26EM3AFloRyUhzuhAlSESlAZ7oIqcDdUhXugGtwL1eE+qAH3Q014AGrBg1AbHoI68DDUhUegHtSHBtAQGv2v8l+ATvAidIYu0BW6QXd4CXpAT+gFvaEPvAx94RXoB69CfxgAA+E1GASvw2B4A4bAUBgGb8JwGAEjYRSMhjEwFt6CcfA2jId3YAJMhEkwGabAVJgG78J0mAEz4T2YBe/DbJgDc2EezIcPYAEshEXwISyGj2AJLIVlsBxWwEpYBathDZ6AdbAeNsBG2ASbYQtshW2wHXbATtgFu8vtgY9hL3wC++BT2A+f/TYf1v4P+WfhH/PbIyCgQoUGDabBNJiCKZge02MGzIAZMSMmMIGZMTNmwSyYFbNidsyOOTEn5sJcSEjIyJgbc2MSk5gX82I+zIcFsAB69FgYC2MRvBmLYlEshsWwOBbHElgSS2JpLI1lsAyWxbJY/rY5AFgBK2ElvAvvwruxKlbFalgNq2N1rIE1sCbWxFpYC2tjbayDdbAu1sV6WA8bYANshI2wMTbGJtgEm2EzbI7NsQW2wJbYElthK2yNrbENtsG22BbbYTtsjx2wA76AL+CL+CJ2wQqqG3bH7tgDe2Av7I298WXsi6/gK/gq9scBOBBfw9fwdRyMZ3AIDsVhOAzLqBE4EkchqzE4FsfiOByH43E8TsCJOBEn4xScitNwGk7HGTgD38NZ+D6+j3NwDs7D+TgfF+BCXISLcDGexSW4FJfhclyBK3EFrsY1uBrX4XpchxtxI27GzbgVt+J23I47cSfuxt34MX6Mn+An2B/34348gAfwIB7EQ3gID+NhPIJHtl4FgMfwGB7H43gCT+IpPImn8TSewbN4Ds/heTyPF/C5nF/W3p1/bX9QlxhlVBqVRqWoFJVepVcZVAaVUWVUCZVQmVVmlUVlUVlVVpVdZVc5VU6VS+VSpEixilVulVslVVLlVXlVPpVPFVAFlFdeFVaFVRFVRBVVRVUxdasqrm5TJVRJ1dSXVqVVGdXMl1XlVHlVXlVQFVUlVVlVVlVUFVVVVVXVVDVVXVVXNdT9qqbqhr3wQXVpMnXUAKyrBmI9VV81UA3V6/ioaqwGYxPVVDVTj6uhOARbqMa+pXpKtVIjsbV6Ro3CZ1VbNQbbqedVe9VBdVQvqE6qie+suqgJ2E11V5Oxh+qpeqneajpWVJcmVkm9qvqrAWqgek3Nw9fVYPWGGqKGqmHqTTVcjVAj1Sg1Wo1RY9Vbapx6W41X76gJaqKapCarKWqqmqbeVdPVDDVTvadmqffVbDVHzVXz1Hz1gVqgFqpF6kO1WH2klqilaplarlaolWqVWq3WqLVqnVqvNqiNapParLaorWqb2q52qJ1ql9qt9qiP1V71idqnPlX71WfqgPqbOqg+V4fUF+qw+lIdUV+po+prdUx9o46rLuqEOqlOqe/UafW9OqPOqnPqB3Ve/aguqJ/URRUUaNRKa210pNPotDpFp9Pp9VU6g75aZ9SZdEJfozPra3UWfZ3OqrPp7DqHzqmv17m01aSdZh3r3DqPTuobdF59o86n8+sCuqD2upAurG/SRfTNuqi+RRfTt+ri+jZdQpfUpXRpfbsuo+/QZXU5XV7fqSvoirqSrqzv0lX03bqqvkdX0/fq6vo+XUPfr2vqB3Qt/aCurR/SdfTDuq5+RNfT9XUD3VA30o/qxvox3UQ31c3047q5fkK30E/qlvop3Uo/rVvrZ3Qb/axuq5/T7fTzur3uoDvqn/RFHXRn3UV31d2i7vol3UP31L10b91Hv6z76ld0P/2q7q8H6IH6NT1Iv64H6zf0ED1UD9Nv6uF6hB6pR+nReoweq9/S4/Tberx+R0/QE/UkPVlP0VN1r18rzfwT+W//N/n9fr73zXqL3qq36e16h96pd+ndeo/eo/fqvXqf3qf36/36gD6gD+qD+pA+pA/rw/qIPqKP6qP6mD6mj+vj+oQ+qX/Q3+nT+nt9Rp/VZ/UP+rw+ry/8+hiAQaOMNsZEJo1Ja1JMOpPeXGUymKtNRpPJJMw1JrO51mQx15msJpvJbnKYnOZ6k8tYQ8YZNrHJbfKYpLnB5DU3mnwmvylgChpvCpnC5qZ/Ov93+ls+6ZeTl9AFwDQ2jU0T08Q0M81Mc9PctDAtTEvT0rQyrUxr09q0MW1MW9PWtDPtTHvT3nQ0HU0n08l0RjBdTVfT3bxkepieppfpbfqYl01f09f0M/1Mf9PfDDQDzSAzyAw2g80QM8QYABhuhpuRZqQZbUabsWasGWfGmfFmvJlgJphJZpKZYqaYaWaamW6mm5lmppllZpnZZraZa+aa+Wa+WWAWmEVmkVlsFpslZqlZapab5WalWWlWm9VmrVlr1pv1ZqPZaJaYLWaL2Wa2mR1mh9lldpk9Zo/Za/aafWaf2W/2mwPmgDloDppD5pA5bA6bI+aIOWqOmmPmmDlujpsT5oQ5ZU6Z0+a0OWPOmHPmnDlvzpsL5oK5aC5eOu2LVKQiE5koTZQmSolSovRR+ihDlCHKGGWMElEiyhxljrJE10VZo2xR9ihHlDO6PsoV2YgiF3EUR7mjPFEyuiHKG90Y5YvyRwWigpGPCkWFo5uiItHNUdHolqhYdGtUPLotKhGVjEpFpaPbozLRHVHZqFxUProzqhBVjCpFlaO7oirR3VHV6J6oWnRvVD26L6oR3R/VjB6IakUPRrWjh6I60cNR3eiRqF5UP2oQNYwa/aX1QziT7THf2XaxaaGb7W5fsj1sT9vL9rZ97Mu2r33F9rOv2v52gB1oX7OD7Ot2sH3DDrFD7TD7ph1uR9iRdpQdbcfYsfYtO86+bcfbd+wEO9FOspPtFDvVTrPv2ul2hp1p37Oz7Pt2tp1j59p5dr79wC6wC+0i+6FdbD+yS+xSu8wutyvsSrvKrrZr7Fq7zq63G+xGu8lutlvsVrvNbrc77E67y+62e+zHdq/9xO6zn9r99jN7wKb8en7/hT1sv7RH7Ff2qP3aHrPf2OP2W3vCnrSn7Hf2tP3enrFn7Tn7gz1vf7QX7E/2og2XTu4vvbyTIUNpKA2lUAqlp/SUgTJQRspICUpQZspMWSgLZaWslJ2yU07KSbkoF13CxJSbclOSkpSX8lI+ykcFqAB58lSYClMRKkJFqSgVo2JUnIpTCSpBpagU3U630x10B5WjcnQn3UkVqSJVpspUhapQVapK1agaVafqVINqUE2qSbWoFtWm2lSH6lBdqkv1qB41oAbUiBpRY2pMTagJNaNm1JyaUwtqQS2pJbWiVtSaWlMbakNtqS21o3bUntpTR+pInagTdabO1JW6UnfqTj2oB/WiXtSH+lBf6kv9qB/1p/40kAbSIBpEg2kwDaGhNIzepOE0gkbSKBpNY2gsjaVxNI7G03iaQBNoEk2iKTSFptE0mk7TaSbNpFk0i2bTbJpLc2k+zacFtIAW0SJaTItpCS2hZbSMVtAKWkWraA2toXW0jjbQBtpEm2gLbaFttI120A7aRbtoD+2hvbSX9tE+2k/76QAdoIN0kA7RITpMh+kIHaGjdJSO0TE6TsfpBJ2gU3SKTtNpOkNn6Bydo/P0I12gn+giBUpx6Vx6d5XL4K52GV0m91/j7C6Hy+mud7mcdVldtn+IyTmXz+V3BVxB510hV9jd9Ju4hCvpSrnS7nZXxt3hyv4mrrJmxy+/iO7udZXdXa6Ku9tVdfe4au5eV93d52q4h11N94ir5eq72q6hq+MednXdI66eq+8auIauuXvCtXBPupbuKdfKPf2beIFb6Na4tW6dW+/2uk/cOfeDO+q+dufdj66z6+L6uJddX/eK6+dedf3dgN/Ew9ybbrgb4Ua6UW60G/ObeJKb7Ka4qW6ae9dNdzN+E893H7hZbpGb7ea4uW7ez/Glnha5D91i95Fb4pa6ZW65W+FWulVu9d97Xe42uk1us9vjPnbb3Ha3w+10u9zun+NLx7HPfer2u8/cEfeVO+g+d4fcMXfYfflzfOn4jrlv3HH3rTvhTrpT7jt32n3vzrizPx//pWP/zv3kLrrggJEVazYccRpOyymcjtPzVZyBr+aMnIkTfA1n5ms5C1/HWTkbZ+ccnJOv51xsmdgxc8y5OQ8n+QbOyzdyPs7PBbggey7EhfkmLsI3c1G+hYvxrVycb+MSXJJLcWm+ncvwHVyWy3F5vpMrcEWuxJX5Lq7Cd3NVvoer8b1cne/jGnw/1+QHuBY/yLX5Ia7DD3NdfoTrcX1uwA25ET/KjfkxbsJNuRk/zs35CW7BT3JLfopb8dPcmp/hNvwst+XnuB0/z+25A3fkF7gTv8iduQt35W7cHYF7cE/uxb25D7/MffkV7sevcn8ewAP5NR7Er/NgfoOH8FAexm/ycB7BI3kUj+YxPJbf4nH8No/nd3gCT+RJPJmn8FSexu/ydJ7BM/k9nsXv82yew3N5Hs/nD3gBL+RF/CEv5o94CS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VtvJ2Rd/KuS0/z/DHv5U94H3/K+/kzPsB/44P8OR/iL/gwf8lH+Cs+yl/zMf6Gj/O3fIJP8in+jk/z93yGz/I5/oHP8498gX/iixwYYoxVrGMTR3GaOG2cEqeL08dXxRniq+OMcaY4EV8TZ46vjbPE18VZ42xx9jhHnDO+Ps4V25hiF3Mcx7njPHEyviHOG98Y54vzxwXigrGPC8WF45viIvHNcdH4lrhYfGtcPL4tLhGXjB++t3R8e1wmviMuG5eLy8d3xhXiinGluHJ8V1wlvjuuGt8TV4vvjYvG98U14vvjmvEDca34wbh2/FBcJ344rhs/EteL68cN4oZxo/jRuHH8WNwkbho3ix+Pm8dPxC3iJ+OW8VNxq/jpP9zfNe4Wd49fil+KQ7hHz03OS85PfpBckFyYXJT8MLk4+VFySXJpcllyeXJFcmVyVXJ1ck1ybXJdcn1yQ3JjclNyczKEymnBo1dee+Mjn8an9Sk+nU/vr/IZ/NU+o8/kE/4an9lf67P463xWn81n9zl8Tn+9z+WtJ+88+9jn9nl80t/g8/obfT6f3xfwBb33hXxh39A38o18Y/+Yb+Kb+gge94/7J/wT/kn/pH/Kt/JP+9b+Gd/GP+vb+uf8c/5539538B39C76Tf9F39l18V9/Vd/fdfQ/fw/fyvXwf38f39X19P9/P9/f9/UA/0A/yg/xgP9gP8UP8MD/MD/fD/Ug/0o/2o/1YP9aP8+P8eD/eT/AT/CQ/yU/xU/w0P81P99P9TD/Tz8o3y8/2s/1cP9fP9/P9Ar/AL/KL/GK/2C/xS/wyv8yv8Cv8Kr/Kr/Fr/Dq/zm/wG/wmv8lv8Vv8Nr/N7/A7/C6/y+/xe/xev9fv8/v8fr/fH/AHzgV/0B/yX/jD/kt/xH/lj/qv/TH/jT/uv/Un/El/yn/nT/vv/Rl/1p/zP/jz/kd/wf/kL/rgxybeSoxLvJ0Yn3gnMSExMTEpMTkxJTE1MS3xbmJ6YkZiZuK9xKzE+4nZiTmJuYl5ifmJDxILEgsTixIfJhYnPkosSSxNLEssT6xIrEyEcP22OOQOeUIy3BDyhhtDvpA/FAgFgw+FQuFwUygSbg5Fwy2hWLg1FA+3hRKhZCgVHgn1Qv3QIDQMjcKjoXF4LDQJTUOz8HhoHp4ILcKToWV4KrQKT4fW4ZnQJjwb2obnQrvwfGgfOoSO4YXQKbwYOgcduoZuoXt4KfQIPUOv0Dv0CS+HvuGV0C+8GvqHAWFgeC0MCq+HweGNMCQMDcPCm2F4GBFGhlFhdBgTxoa3wrjwdhgf3gkTwsQwKUwOU8LUMC28G6aHGWFmeC/MCu+H2WFOmBvmhfnhg7AgLAyLwodhcfgoLAlLw7KwPEDKyrAqrA5rwtqwLqwPG8LGsClsDlvC1rAtbA87ws6wK+wOe8LHYW/4JOwLn4b94bNwIPwtHAyfh0Phi3A4fBmOhK/C0fB1OBa+CcfDt+FEOBlOhe/C6fB9OBPOhnPhh3A+/BguhJ/CRfnMmhBCCCHEn6L/YH+3f4jU3/9Vv36lOwBcvT3H4f9ac0PWX9Y9Vc7mCQB4qku7B/9jq1Cha9euv952iYYozxwASFzOTwOX46XQDJ6AltAUivy3/fVUHc7zH9RP3gqQ/j/lpMDl+HL9m3+n/ohZf1h/DkC+PJdz0sHl+HL9or+pHf1cP1vjP6if7vOxAE3+U14GuBxfrl8YHoOnoeU/3FIIIYQQQgghhPhFT1WqzR+9v730/jynuZyTFn6JzZ94fw6/fMJACCGEEEIIIYQQV9CzHTo++WjLlk3b/M6i3O/vkkVqWaT512jj334B8C/Rxp9bXOlnJiGEEEIIIcRf7fJJ/5XuRAghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESL3+X/w5sSt9jEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIcSV9n8CAAD//yldK4M=")
openat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x4842, 0x0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x1}, 0x18, 0x0)
setxattr$trusted_overlay_redirect(&(0x7f0000000800)='./file0/file2\x00', &(0x7f0000000840), &(0x7f0000000880)='./file0/file1\x00', 0xe, 0x1)
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
landlock_restrict_self(r0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000300)='./file0/file1\x00', 0x0, 0x0, 0x0)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000280)={0x29e9c934, 0x3, 0x0, 0x4}, 0x10)
umount2(&(0x7f0000000380)='./file0/file0\x00', 0x0)
move_mount(0xffffffffffffff9c, &(0x7f00000003c0)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r2, 0x4b47, &(0x7f0000000340)={0x8, 0x0, 0x8000})
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x840, &(0x7f0000000340)={[{@test_dummy_encryption_v1}, {@test_dummy_encryption_v1}, {@nomblk_io_submit}, {@nomblk_io_submit}]}, 0x1, 0x241, &(0x7f0000000540)="$eJzs3U9oFFccB/DfzO42TbKUtL0UCm2hlNIGQnor9JJeWgiUEEoptIUUES9KIsQEb4knLx70rJKTlyDejB4ll+BFETxFzSFeBA0eDB70sDI7iUSz/oGJO+J8PjC7M7vvze8Ns983exkmgMoaiIiRiKhFxGBENCIi2dngm3wZ2Npc6F2ZiGi1/nyYtNvl27ntfv0RMR8RP0fEcprEwXrE7NK/649Xf//+xEzju3NL//R29SC3bKyv/bF5duz4xdGfZq/fvD+WxEg0XziuvZd0+KyeRHz2Loq9J5J62SPgbYwfvXAry/3nEfFtO/+NSCM/eSenP1puxI9nXtX31IMbX3ZzrMDea7Ua2TVwvgVUThoRzUjSoYjI19N0aCj/D3+71pcempo+MnhgamZyf9kzFbBXmhFrv13uudT/Uv7v1fL8Ax+uLP9/jS/eydY3a2WPBuimLP+D/8/9EPIPlSP/UF3yD9Ul/1Bdr8t/WtKYgO5w/Yfqkn+oLvmH6pJ/qC75h+ramX8AoFpaPWXfgQyUpez5BwAAAAAAAAAAAAAAAAAA2G2hd2Vie+lWzaunIzZ+jYh6p/q1recQfNx+7XuUZM2eS/Juhfz3dcEdFHS+5LuvP7lbbv1rX5Vbf24yYv5YRAzX67t/f0nh52B8+obvG/sKFijol7/Lrf90sdz6o6sRV7L5Z7jT/JPGF+33zvNPMzt/BesfflJwBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTNswAAAP//ceptKw==")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r3, 0xc0185879, &(0x7f0000000080)={0x0, 0x2000003})
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$FITRIM(r4, 0xc0185879, &(0x7f0000000080)={0x0, 0x2000003})
syz_usb_connect(0x3, 0x24, 0x0, 0x0)
r5 = syz_open_dev$I2C(&(0x7f0000000000), 0x1, 0x0)
ioctl$I2C_FUNCS(r5, 0x705, &(0x7f0000000040)=0x3)

390.769882ms ago: executing program 1 (id=386):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000b00)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@data_err_ignore}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@auto_da_alloc}, {@abort}, {@user_xattr}, {@bh}, {@errors_remount}]}, 0x1, 0x55f, &(0x7f0000000580)="$eJzs3d9rU+cbAPDnpK2/v18riGxjjIIXczhT2+6Hg124y7HJhO3ehfZYpKmRJhXbCdOLebObIYMxJozdb/e7lP0D+yuETZAhZbvYTcZJT2q0SRNrtNF8PnDkfXNO+p4n73le35M3IQEMrYnsn0LEyxHxTRJxMCKSfN9o5Dsn1o9bu391NtuSqNc//StpHJfVm3+r+bz9eeWliPjtq4jjhc3tVldWF0rlcrqU1ydri5cmqyurJy4slubT+fTi9MzMqbdnpt97952+xfrG2X++/+T2h6e+Prr23S93D91M4nQcyPe1xvEErrVWJmIif03G4vQjB071obFBkuz0CbAtI3mej0U2BhyMkTzrgRfflxFRB4ZUIv9hSDXnAc17+z7dBz837n2wfgO0Of7R9fdGYk/j3mjfWvLQnVF2vzveh/azNn7989bNbIv+vQ8B0NW16xFxcnR08/iX5OPf9p3s4ZhH2zD+wbNzO5v/vNlu/lPYmP9Em/nP/ja5ux3d879wtw/NdJTN/95vO//dWLQaH8lr/2vM+caS8xfKaTa2/T8ijsXY7qy+1XrOqbU79U77Wud/2Za135wL5udxd3T3w8+ZK9VKTxJzq3vXI15pO/9NNvo/adP/2etxtsc2jqS3Xuu0r3v8T1f9p4jX2/b/gxWtZOv1ycnG9TDZvCo2+/vGkd87tb/T8Wf9v2/r+MeT1vXa6uO38eOef9NO+x6KP3q//nclnzXKu/LHrpRqtaWpiF3Jx5sfn37w3Ga9eXwW/7GjW49/7a7/vRHxeY/x3zj886s9xd+t/5/CImsW/9xj9f/jF+589MUP248/6/+3GqVj+SO9jH+9nuCTvHYAAAAAAAAwaAoRcSCSQnGjXCgUi+uf7zgc+wrlSrV2/Hxl+eJcNL4rOx5jheZK98GWz0NM5Z+HbdanH6nPRMShiPh2ZG+jXpytlOd2OngAAAAAAAAAAAAAAAAAAAAYEPs7fP8/88fITp8d8NT5yW8YXl3zvx+/9AQMJP//w/CS/zC85D8ML/kPw0v+w/CS/zC85D8ML/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXX2zJlsq6/dvzqb1ecurywvVC6fmEurC8XF5dnibGXpUnG+Upkvp8XZymK3v1euVC5NTcfylclaWq1NVldWzy1Wli/Wzl1YLM2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF+qK6sLpXI5XVJQ2FZhdDBOY3UhYiBO40Up7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//8NI25Q==")
lsetxattr$trusted_overlay_upper(&(0x7f00000001c0)='./file1\x00', &(0x7f0000000180), &(0x7f00000001c0)=ANY=[], 0x361, 0x0)
lsetxattr$security_ima(&(0x7f0000000080)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000200)=ANY=[], 0x9, 0x1)
lsetxattr$system_posix_acl(&(0x7f0000000000)='./file1\x00', &(0x7f00000003c0)='system.posix_acl_access\x00', &(0x7f0000000140)=ANY=[@ANYBLOB="0200000001000000000000000400000000000000100000000000000020"], 0x24, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000480)=ANY=[], 0xfe37, 0x0)

336.398594ms ago: executing program 2 (id=387):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000780)='./file0\x00', 0x200010, &(0x7f0000000080)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff651d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bed8e32e4122bb46aa57a75dab0288098e42f886f09bdf63537db28a454b02a4204a7e7dac3c30a6d4b5c814916b02", @ANYRES64, @ANYRESHEX], 0x1, 0x277, &(0x7f00000001c0)="$eJzs2s9rI2UYB/BnarXpLt1U/MUuiC96UC/DtmcPu0gFsaCoFVZBdtambuyYlE4oRMT2pFf/BM/i0Zsge/TSi3+BB2+99LgHMTJNWrOlaF3cppTP55A8zMx3frxv8vIEsvfat5+vr1X5WtGLqSyLqRuxE/ezmI+pOLQTr75865fn37v14Vs3l5cbo62LKaUrL/z80Zc/vHivd/mDH6/8NBO78x/v7S/+vvvs7tW9P9+/265Su0qdbq8+V7fbK+6UrbTartbzlN4pW0XVSu1O1drspSLdOdy/VnY3Nvqp6KzOXdrYbFVVKjr9tN7qp1439Tb7qfi0aHdSnudp7lJw4O7DxVa+vz8YxP7g8dsxGAxmv4vL92Lut2hG9mTKnrqRPXM7e24nu7o/GDSPR2f/h7tm4h56/rkQRov60rspNSLKb7ZWtlaG7/XeRtxci3aU0YrrMRt/RP0xGRnWb7y5vHQ9HZiPr8vtUX57a+WxiJipTzLML0Qz5k/OLwzz6TBfp+rXenU/uv5iNOPpk/OLx/LD6zfilZfG8nk049dPohtlrEadje3RECx9tZDS628vH8tfOzgOAOCiydORun+rm7ax/i0izx/YP9YfDfNj/WFzrD984oT+8Fh/NR3Xpif77ERU/S/Wi7JsbdY/8A6Koy2nKGZGZ/lvqXNezI4Pyz8WEdn4WD66G5t6YM7OeFimTzkaimGRXYyvQ8RnZ7kQMRF/T/q/Hto4kxsCAAAAAAAAAADgVM7i74STfkYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB8+ysAAP//8BK2LQ==")
syz_emit_ethernet(0x66, &(0x7f0000000040)={@local, @empty, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, '\x00\'$', 0x30, 0x3a, 0xff, @rand_addr=' \x01\x00', @mcast2, {[], @pkt_toobig={0x2, 0x0, 0x0, 0x2, {0x6, 0x6, ':yE', 0x2, 0x3a, 0xff, @private2={0xfc, 0x2, '\x00', 0x1}, @local}}}}}}}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)

326.861731ms ago: executing program 1 (id=388):
r0 = syz_io_uring_setup(0x1f87, &(0x7f0000000080)={0x0, 0x0, 0x13580}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000001c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x65c6ecdee208ddb6, @fd_index=0x8, 0x1, 0x0})
io_uring_enter(r0, 0x15f1, 0xff98, 0x69, 0x0, 0x0)

227.110819ms ago: executing program 2 (id=389):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000002c0)='./file0\x00', 0x44, &(0x7f00000000c0)=ANY=[], 0x1, 0x6216, &(0x7f000000cb40)="$eJzs3c2OHFfZB/Cn+ms+/CaxsojyRghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmWhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTT7rGd7uqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6qIuPTztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeCMiPn464t792+vNorMH7Md3/vi33/7w2Pf/+vvhqX//6Ub/zUnr3bz5q3/9+c7j7y8AAACUqK7rukof819In+97XXcKAJiL/PpfJ3m5euHqzQXrj1qtVqsPYd1W7+9Ou4iIzfY2zXsGp+MB4JDZjE+67gIdkn/RBhFxrOtOAAut6roDzMS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PSdJrxa0zm9fzain48O6E/K3PqwyLJ+ffG87+00z5K6806/3mZlP9o59an4uT8++P5jzk6+ff2zb9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LtyIA87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrpx8sm/RdbM3yi1XEU2PrA4VJN8usdt0PAAAAAAAAAAAAACjJYOca3otVxDAinlpdreu6+Wkbrx/Vk25/2JW+/1Cyrv/IAwDAjo+fHruXv4pYjoiL6bv+hqurq3W9vLJar9YrS/n97GhpuV5pfa7N02bZ0ugAb4gHo7r5Zcut7dqmfV6e1j7++5rHGtX9A3RsPjoMHAAiYufV6J5XpCOmrp+Jrt/lcDg4/o8exz8H0fXzFAAAAJi9uq7rKn2d9wvpnH+v604BAHORX//Hzwuo1Wq1Wq0+enVbvb877SIiNtvbNO8ZDMcPAIfMZnzSdRfokPyLNoiI57vuBLDQqq47wEzcu397vUr5Vu3XgzS+e74WZE/+m9X2dnn7/abTjF9jMq/n11b049kJ/XluTn1YJDn/3nj+l3baR2m9Wec/L5Pyb/bzeAf96VrOvz+e/5ijk39v3/xLlfMfPFL+ffkDAAAAAMACy//+f3yhzv+OHnd3pnrY+d+1mT0qAAAAAAAAAMzWvfu31/N9r/n8/+f2Wc/9n0dTzr+Sf5Fy/un+/90Lb14ZW6/fmr/7zoP8/3n/9vrvbvzj//P0oPkv5ZkqPbOq9Iyo0iNVgzR9zB2bYGvYHzWPNKx6/UG65qcevhdX4mpsxOk96/bS8fCg/cye9qanw+32ur/TfnZP+2C3PW9/bk/7MF3pVK/k9pOxHj+Jq/HudnvTtjRl/5entNdT2nP+fcd/kXL+g9ZPk/9qaq/Gpo27H/X+57hvT/d7nLevfP6Xp2e/O1NtRX9339qa/Xupg/5s/z85disiNq6dvHn5xo1rZyJNjo3iZ9fz0rORJp+xnP8w/eT8X3l5pz3/3W8fr3c/Gj1y/otiKwYT83+5Nd/s76tz7lsXcv6j9JPzfze173/8H+b8Jx//r3XQHwAAAAAAAAAAAAAAAHiYuq63bxF9OyLOp/t/uro3EwCYr/z6Xyd5+bzq/uNu/4e9+9FV/9XqOdfVgvVnrvWn9WL1R72Q9X8WrD8LV7fV+3urXUTEX9rbNO8ZfrHfLwMAFtmnEfH3rjtBZ+RfsPx9f830RNedAebq+oe3fnT56tWNa9e77gkAAAAAAAAA8Ljy+J9rrfGfT9R1fWdsvT3jv74Ta086/ucgz+wOMDphoOr+o+/Tw2z1Rv1ea7jxF2PS+N/D3bmHjf89mPJ4wyntoyntS1Pal6e073ujR0vO/8XWeOcnIuKFseHXSxj/dXzM+xLk/F9qPZ+b/L80tl47//o3hzn/3p78T9344Kenrn946/UrH1x+f+P9jR+fO3Pm9Lnz5y9cuHDqvStXN07v/LfDHs9Wzj+Pfe060LLk/HPm8i9Lzv8LqZZ/WXL+X0y1/MuS88/v9+Rflpx//uwj/7Lk/F9NtfzLkvP/cqrlX5ac/2upln9Zcv5fSbX8y5Lzfz3V8i9Lzv9kquVflpz/qVQfMP+VWfeL+cj55zNcjv+y5PzzlQ3yL0vO/2yq5V+WnP+5VMu/LDn/N1It/7Lk/L+aavmXJed/PtXyL0vO/2upln9Zcv4XUi3/suT8v55q+Zcl5/+NVMu/LDn/N1Mt/7Lk/L+ZavmXJef/rVTLvyw5/2+nWv5lyfm/lWr5l+XB9/+bMWNmRjODw3egdf2XCQAAAAAAAAAAAAAYN4/LibveRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOC/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKe/cWI9dd3wH8zN68diA2EFInNWHtGGOcTXZ9iS+0LiZcG24lIRR6wXa9a7PgG167BBrVjgIlEkZFFW3DQ1tAqM1LhVXxQKuA8oBaVapE2gf6gqhQeYiqgAJSVVpBtpo5//9/Z2ZnZ3a9483Zcz4fKfllZ87MOXPmP7P7tfPdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg2dY3TX+mlmVZrVbLL9iUZS+pz/VjmxqXvP7FPT4AAABg5X7R+PfzG9MFR5Zwo6Zt/umO73x9bm5uLvvA4J8Of2FuLl0xlmXD67KscV107QcfrDVvEzyWjdYGmr4e6LH7wR7XD/W4frjH9SM9rl/X4/rRHtcvOAELrM9q6c62N/5zU35Ks1uy4cZ12zvc6rHauoH6uUu3zWqN28wNn8xmstPZdDbZsn2+ba2x/VNb6/t6exb3NdC0ry31FfKTR07EY6iFc7y9ZV/z9xn96I3Z2E9/8siJv7743G2dZs/T0HJ/+XHu3FY/zk+FS/JjrWXr0jmJxznQdJxbOjwngy3HWWvcrv7f7cf5/BKPc3D+MFdV+3M+mg00/vuZxnkaqmUdztOWcNnP7syy7Mr8Ybdvs2Bf2UC2oeWSgfnnZzRfkfX7qC+ll2dDy1qnW5ewTutzanvrOm1/TcTnf2u43dAix9D8NP3o0ZGm5/3nc9ezTqP6o17stdK+Bvv9WinKGozr4pnGg3684xrcHh7/IzsWX4Md106HNZged9Ma3NZrDQ6MDDaOOT0JtcZt5tfg7pbtBxt7qjXmszu6r8GJi2fOT8x+4pN3z5w5fmr61PTZvbt3T+7dv//gwYMTJ2dOT0/m/77Os118G7KB9BrYFs5dfA28tm3b5qU69+WRBe+/1/s6HO3yOtzUtm2/X4dD7Q+utjovyIVrOn9tvK9+0kevDmSLvMYaz8+ulb8O0+Nueh0ONb0OO35P6fA6HFrC67C+zfldS/uZZajpn07HsPj3gpWtwU1Na7D955H2Ndjvn0eKsgZHw7r43q7FvxdsCcf7+Phyfx4ZXLAG08MN7z31S9LP+6MHG6PTury9fsVNI9ml2ekL9zx8/OLFC7uzMFbFK5rWSvt63dD0mLIF63Vg2ev1yMwdj9/e4fJN4VyN3l3/1+iiz1V9m333dH+uGt/dOp/Plkv3ZGH02Wqfz07fzevncyTLvvjtRx/45iNffNOi57OeNz81sfKfxVMubXr/HV7k/Tfm/hfy/aW7emxweCh//Q6mszPc8n7c+lQNNd67ao19Pz+xtPfj4fDPar8f39Ll/Xhz27b9fj8ebn9w8f241utPO1am/fkcDevk9GT39+P6Npv3LHdNDnV9P74zzFo4/68LSSHloqa1s9i6TfsaGhoOj2so7qF1ne5t2X44ZLP6vp7cc33rdOed+X0Npkc3b7XW6Vjbtv1ep+nPvhZbp7Vef/p2fdqfz9GwLm7Z232d1rd5et/K3zvXx/9seu8c6bUGhwdH6sc8nBZh4/0+m1sf1+A92YnsXHY6m2pcO9JYT7XGvsbvXdoaHAn/rPZ75eYua3Bn27b9XoPp+9hia682tPDB90H78zka1sUT93Zfg/Vt3nygvz+77gyXpG2afnZt//O1xf7M6/a203Sj1spQOM5vH+j+Z7P1bU4fXG7O7H6e7gqX3NThPLW/fhd7TU1lq3OeNofjfO7g4uepfjz1bb5waInr6UiWZZc/dl/jz3vD36/83aXvfr3l7106/Z3O5Y/d9+OXnvzH5Rw/AGvfC/nYkH+va/qbqaX8/T8AAACwJsTcPxBmIv8DAABAacTcH/+v8ET+BwAAgNKIuX8ozKQi+X/zm5+beeFylpr5c0G8Pp2G+/PtYsd1Mnw9Njevfvl9X53+73+4vLR9D2RZ9vP7/6Dj9pvvj8eVGwvHee0trZcv8PW7l7TvYw9dTvtt7q9/Kdx/fDxLXQadKriTWZY9tfFzjf2MffBqYz59/7HGfODK44/Vt3n+UP51vP2zr8i3/4tQ/j1y8njL7Z8N5+GHYU6+o/P5iLf72tXXbTnw/vn9xdvVtt3ceNhPfCi/3/h7cj7/WL59PM+LHf83P/vk1+rbP/yazsd/eaDz8T8Z7verYf7vq/Ltm5+D+tfxdp8Oxx/3F293z1e+1fH4r30m3/78W/PtjoUZ978zfL39rc/NNJ+vh2vHWx5X9rZ8u7j/ye/+ceP6eH/x/tuPf/To1Zbz0b4+nv63/H4m2raPl8f9RH/ftv/6/TSvz7j/J//oWMt57rX/aw88+6r6/bbv/6627c5/bFdj//P31/obm/7y05/ruL94PEf+9nzL4zny3vA6Dvt/4kNhPYbr/+9afn/tv13h2Htb33/i9l/adLnl8URv/2m+/2tvONWY60bXb7jpJS+9+cqr6+cuy55Zl99fr/2f+qtzLcf/5Vvz8xGvjx399v0vJu7/wsfHz56bvTQzlc7qIxsbvzvnnfnxxOPdGN5b278+eu7ih6cvjE2OTWbZWHl/hd51+0qYP87Hle5bzy14B931UHg+b//zpzbs+NfPxsv//X355VffkX/fem3Y7vPh8k3h+Vve/hd6Yuutjdd37elwhHMLf1/wSmzZ/l8Hl7RhePztPxfE9X7+lR9unIf6dY3vG/F1vcLj//5Ufj/fCOd1Lvxm5m23zu+vefv4uxGuPpi/3ld8/sLbXHxe/yY83+/6YX7/8bji4/1++DnmW5tb3+/i+vjG5YH2+2/8Fo8r4f0ku5JfH7eK5/vq87d2PLz4e0iyK7c1vv6TdD+3LethLmb2E7MTp2fOXnp44uL07MWJ2U988uiZc5fOXjza+F2eRz/S6/bz708bGu9PU9P792WNd6tz+bjBXuzjP//QiakDkzumpk8ev3Ty4kPnpy+cOjE7e2J6anbH8ZMnpz/e6/YzU4d37zm098Ce8VMzU4cPHjq099D4zNlz9cPID6qH/ZMfHT974WjjJrOH9x3afe+9+ybHz5ybmj58YHJy/FKv2ze+N43Xb/374xemTx+/OHNmenx25pPTh3cf2r9/T8/fBnjm/MnZsYkLl85OXJqdvjCRP5axi42L69/7et2ecpr9j/zn2Xa1/BfxZe+5a3/6/ax1X3100bvKN2n7BaLPhd9F888vO39wKV/H3D8cZlKR/A8AAABVEHP/SJiJ/A8AAAClEXP/ujAT+R8AAABKI+b+0TCTiuT/0vX/N19e0v71//X/m8+X/n/F+v8PFq3/n79f6P/3x0r79/r/gf6//r/+v/6//j99ULT+f8z967OskvkfAAAAqiDm/g1hJvI/AAAAlEbM/TeFmcj/AAAAUBox978kzKQi+V//X/9f/1//X/+/8/71/9cm/f/u9P970P+fyKrV/7/Sz+PX/9f/Z6Gi9f9j7n9pmElF8j8AAABUQcz9N4eZyP8AAABQGjH3bwwzkf8BAACgNGLu3xRmUpH8r//ftf/fXkNelP5/6/Hr/3deH/r/+v/6/zee/n93+v896P/7/H/9f/1/+qpo/f+Y+18WZlKR/A8AAABVEHP/y8NM5H8AAAAonqHru1nM/a8IM1mQ/69zBwAAAMCLLub+W7K2InhF/v5f/9/n/xe//78uXaf/r/+fFbL/P5jp/xeH/n93+v896P/r/+v/6//TV0Xr/zdyfzaavTLMpCL5HwAAAKog5v5bw0zkfwAAACiNmPt/KcxE/gcAAIDSiLl/c5hJRfK//r/+f/H7/z7/X/+/6P1/n/9fJPr/3en/96D/r/+v/6//T18Vrf8fc/9tYSYVyf8AAABQBTH33x5mIv8DAABAacTc/8thJvI/AAAAlEbM/VvCTCqS//X/C97/j81R/X/9f/1//X/9/yXR/+9O/78H/X/9f/1//X/6qmj9/5j7XxVmUpH8DwAAAFUQc/8dYSbyPwAAAJRGzP2vDjOR/wEAAKA0Yu4fCzOpSP7X/y94/z/vwY/4/H/9f/1//X/9/6XR/+9O/78H/X/9/770/+cu6//r/5MrWv8/5v6tYSYVyf8AAABQBTH3bwszkf8BAACgNGLuvzPMRP4HAACA0oi5f3uYSUXyv/7/muj/Z/r/+v/6//r/+v9Lo//fnf5/D/r/+v8+/1//n74qWv8/5v7XhJlUJP8DAABAFcTcvyPMRP4HAACA0oi5/7VhJvI/AAAAlEbM/TvDTCqS//X/9f/1//X/9f8771//f23S/+9O/78H/X/9f/1//X/6qmj9/5j7XxdmUpH8DwAAAFUQc/+uMBP5HwAAAEoj5v67wkzkfwAAACiNmPvHw0wqkv/1//X/9f/1//X/O+9f/39t0v/vTv+/B/1//X/9f/1/+qpo/f+Y++8OM6lI/gcAAIAqiLn/njAT+R8AAABKI+b+iTAT+R8AAABKI+b+yTCTiuR//X/9f/1//f9l9f9fPX+/+v85/f9i0f/vTv+/B/1//f8Xvf8/rP9PqRSt/x9z/+4wk4rkfwAAAKiCmPv3hJnI/wAAAFAaMffvDTOR/wEAAKA0Yu7fF2ZSkfyv/6//r/+v/+/z/zvvX/9/bdL/767//f/4EPX/9f/1/33+v/4/CxWt/x9z/71hJhXJ/wAAAFAFMffvDzOR/wEAAKA0Yu4/EGYi/wMAAEBpxNx/MMykIvlf/1//X/9f/1//v/P+9f/XJv3/7nz+fw/6//r/+v/6/6zQg3/Y/FXR+v8x9x8KM6lI/gcAAIAqiLn/9WEm8j8AAACURsz9vxJmIv8DAABAacTc/6thJhXJ//r/Ld3z+sPV/9f/1//X/2/Q/1+b9P+70//vQf9f/1//X/+fvlq0/x+i92r3/2PuPxxmUpH8DwAAAFUQc/+vhZnI/wAAAFAaMfe/IcxE/gcAAIDSiLn/SJhJRfK//r/P/9f/1//X/++8/9Xu/4/E+9X/XxH9/+70/3vQ/9f/1//X/6evivb5/zH3vzHMpCL5HwAAAKog5v77wkzkfwAAACiNmPvfFGYi/wMAAEBpxNz/5jCTiuR//X/9f/1//X/9/8779/n/a5P+f3f6/8GdGzsfgP6//r/+v/4/fVW0/n/M/W8JM6lI/gcAAIAqiLn/rWEm8j8AAACURsz9bwszkf8BAACgNGLuf3uYSUXyv/6//r/+v/6//n/n/ev/r036/93p//eg/6//r/+v/09fFa3/H3P/r4eZVCT/AwAAQBXE3H9/mIn8DwAAAKURc/87wkzkfwAAACiNmPvfGWZSkfyv/6//r/+v/6//33n/+v9rk/5/d2us//+Lm8Pl+v85/f9iH/9y+/9DbV/fkP7/Dxbr/8+ta7+9/j83QtH6/zH3vyvMpCL5HwAAAKog5v53h5nI/wAAAFAaMfe/J8xE/gcAAIDSiLn/N8JMKpL/9f/rxzHfXtb/L2v/f0D/X/9f/78i9P+7W2P9f5//30b/v9jH7/P/9f9ZqGj9/5j73xtmUpH8DwAAAFUQc/8DYSbyPwAAAJRGzP0PhpnI/wAAAFAaMfe/L8ykIvlf/9/n/1ej/+/z/zP9f/3/itD/707/vwf9f/3/ovX//1P/n7WtaP3/mPsfCjOpSP4HAACAKoi5//1hJvI/AAAAlEbM/b8ZZiL/AwAAQGnE3P+BMJOK5H/9/7XS/x9bo/3/R/X/b2D//46b8+30//X/maf/353+fw/6//r/Rev/+/x/1rii9f9j7v9gmMnS8//okrcEAAAAXhQx9/9WmElF/v4fAAAAqiDm/t8OM5H/AQAAoDRi7v+dMJOK5H/9/7XS//f5/5n+v8//b3s8+v/6/52sXv8/vvPo/+v/6/9H+v/6//r/tCta/z/m/t8NM6lI/gcAAIAqiLn/Q2Em8j8AAACsCZ3+n+x2MfcfDTOR/wEAAKA0Yu4/FmZSkfyv/6//r/9f0P7/n237l+99593Hduv/6//r/y/Lqn7+f/3F7/P/9f/1/xP9f/1//X/aFa3/H3P/8TCTiuR/AAAAqIKY+38vzET+BwAAgNKIuf9EmIn8DwAAAKURc/9UmElF8r/+v/6//n9B+/9r+PP/4/nQ/2/Vt/5/fNPV/+8o79+nVXRj+//vn++J6/8vt/8/0vFS/X/9/7V8/Pr/+v8sVLT+f8z902EmFcn/AAAAUAUh9w+czOf8FfI/AAAAlEbM/afCTOR/AAAAKI2Y+z8cZlKR/K//r/+v/6//7/P/O++/W/+/NuTz/4sq9e9/1nih6P+3KU7/vzP9f/3/tXz8+v/6/yxUtP5/zP0zYSYVyf8AAABQBTH3fyTMRP4HAACA0oi5/6NhJvI/AAAAlEbM/afDTCqS//X/9f/1//X/9f8777+wn/+v/9/VSvv3+v+B/n+1+///o/+v/6//T38Urf8fc/+ZMJOK5H8AAACogv9n706aLKvLPI7f7C66soJe9K4X3YuO6N71S2DRve5+AS7cuDHCcIEKKs4UziOKirMiOA84gCCigvMATiiKA6g4izNOiBJlkPU8T1Vmnjw3s+pm5jn//+ezqEfSSu6VqKjiV1lfT+7+8+MW+x8AAACakbv/UXGL/Q8AAADNyN3/6Lilk/2v/z+b/v9Upaz/3/z+J9H//4/+f6fX1//r/1um/x+n/19C/+/5//p//T8rNbX+P3f/Y+KWTvY/AAAA9CB3/wVxi/0PAAAAzcjdf2HcYv8DAABAM3L3PzZu6WT/b+n/1xZ99v+Z8Xr+f0v9v+f/7/j6+n/9f8sOtv+/5MGf+fT/+n/9f9D/76r/P7rT5+v/adHU+v/c/Y+LWzrZ/wAAANCD3P2Pj1vsfwAAAGhG7v6L4hb7HwAAAJqRu/8JcUsn+391z/8/tvHxmfb/Rf+v/9/4gP5f/6//ny3P/x/XU/9/4e3nnn/v9f92w15eX/+v//f8f/0/qzW1/j93/xPjlk72PwAAAPQgd/+T4hb7HwAAAJqRu//JcYv9DwAAAM3I3f+UuKWT/b+6/n/Wz/8v+n/9/8YH9P/6f/3/bOn/x/XU/5/J6+v/9f/6f/0/qzW1/j93/1Pjlk72PwAAAPQgd//T4hb7HwAAAJqRu//iuMX+BwAAgGbk7j8et3Sy//X/+9//P6D/1//H1f/r//X/+0//P07/v4T+X/+v/9f/s1JT6/9z918St3Sy/wEAAKAHufufHrfY/wAAANCM3P3PiFvsfwAAAGhG7v5nxi2d7H/9v+f/6/+X9/8X6P+D/l//P336/3H6/yX0/2fbz5+j/9f/6/853R77//tHftpeSf+fu/9ZcUsn+x8AAAB6kLv/2XGL/Q8AAADNyN3/nLjF/gcAAIBm5O5/btzSyf7X/+v/9f+e/3/G/f/2H3ob9P/D9P8HQ/8/bjL9/9qRwQ/r/2ff/3v+v/5f/88mU3v+f+7+58Utnex/AAAA6EHu/ufHLSP7f8+/mQ8AAAAcqtz9L4hbfP0fAAAAZi+rs9z9L4xbOtn/+n/9v/5f/+/5/8OvP9b/33Da+9P/T4v+f9xk+v8d6P/1/3N+//p//T/bTa3/z93/orilk/0PAAAAPcjdf2ncYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/h/v/U/+9/n939P+b37/+f/jHx6r6//w76v9H+///9fz/Pun/xx18/39U/7/576//30eH/f4b7/+PLft8/T9Dptb/5+6/LG7pZP8DAABAD3L3vzRusf8BAACgGbn7Xxa32P8AAADQjNz9L49bOtn/nv+v/9f/z6//9/z/kw7z+f+LA+//j+j/d0n/P87z/5fQ/+v/9f+e/89KTa3/z91/edzSyf4HAACAHlx+32Jj979isbD/AQAAYI5O/7MDW/9Aacjd/8q4xf4HAACAZuTuf1Xc0sn+1//r//X/+n/9//DrT6v/9/z/3dL/j9P/L6H/349+/khj/f8VO33+FPr/i/X/TMym/v+mUx8/rP4/d/+r45ZO9j8AAAD0IHf/a+IW+x8AAACakbv/tXGL/Q8AAADNyN3/urilk/2/7/3/sZ1fe+b9/6byRP+/+f3r/zfT/8ePB/2//v8A6P/H6f+X0P97/r/n/+v/WalT/f/mnw8Pq//P3f/6uKWT/Q8AAAA9yN3/hrjF/gcAAIBm5O6/Im6x/wEAAKAZufvfGLd0sv89/9/z//X/+n/9//Dr6//nSf8/Tv+/hP5f/6//1/+zUpue/3+aw+r/c/dfGbd0sv8BAACgB7n7r4pb7H8AAABoRu7+N8Ut9j8AAAA0I3f/m+OWTva//n9/+//8uP5f/7/Q/+v/9f8Hotv+f23oV6Ltduj/b33E8f/f/BH9v/5f/6//1/+zApPo/0+c+rfL3P1viVs62f8AAADQg9z9b41b7H8AAABoRu7+t8Ut9j8AAAA0I3f/2+OWPe7/f1npuzo4+n/P/9f/6//1/8Ovr/+fp277/13y/P8l9P/6f/2//p+VmkT/f9pf5+5/R9zi6/8AAADQjNz974xb7H8AAABoRu7+d8Ut9j8AAAA0I3f/u+OWTva//l//r/+fZf9/XnwX/f8E+//1xTD9/8HQ/4/T/y+h/9f/6//1/6zU1Pr/3P1Xxy2d7H8AAADoQe7+98Qt9j8AAAA0I3f/e+MW+x8AAACakbv/fXFLJ/tf/6//1//Psv/3/P8J9/870f8fDP3/OP3/YrG4ZuQNDPX/J47q//X/+n/9P2doav1/7v73xy2d7H8AAADoQe7+a+IW+x8AAACakbv/2rjF/gcAAIBm5O7/QNzSyf7X/+v/9f/6f/3/8Ovr/+dJ/z9O/7+E5//r//X/+n9Wamr9f+7+6+KWTvY/AAAA9CB3//Vxi/0PAAAAzcjd/8G4xf4HAACAZuTuvyFu6WT/6//1//p//f++9P/H9f9b6f8Pxv71/wv9v/5f/7+E/l//r/9nq4Pq/++Pn++X9f+5+z8Ut3Sy/wEAAKAHuftvjFvsfwAAAGhG7v4Pxy32PwAAADQjd/9H4pZO9r/+X/+v/9f/e/7/8Ovr/+fJ8//H6f+X0P/r//X/+n9W6qD6/516/61/nbv/o3FLJ/sfAAAAepC7/6a4xf4HAACAZuTuvzlusf8BAACgGbn7Pxa3dLL/9f/6/839/2Kh/9f/6/9POoD+f32h/185/f84/f8S+v82+/9/WDTU/x/b8fP1/0zR1Pr/3P0fj1s62f8AAADQg9z9n4hb7H8AAABoRu7+T8Yt9j8AAAA0I3f/p+KWlvb/Azunb/Pv/49u+UT9/2KxuPMiz//X/4+8vv5/Mv1//VPV/6+O/n/cv//XPXes7+Y76v/1/y31/57/r//n0Eyt/8/d/+m4paX9DwAAAJ3L3f+ZuMX+BwAAgGbk7v9s3GL/AwAAQDNy938ubulk/8+//9/6ifr/xVk9/1//v/EB/b/+X/8/W2fb31+5Hr+mtdv/e/7/GP3/0n5+bYd/71no//X/+n8GTK3/z93/+bilk/0PAAAAPcjdf0vcYv8DAABAM3L33xq32P8AAADQjNz9X4hbOtn/+n/9/5z6/3X9f/X/6/p//b/+f9BUnv9/3nn/d5v+X//fYv8/Rv+v/9f/s9XU+v/c/V+MWzrZ/wAAANCD3P1filvsfwAAAGhG7v4vxy32PwAAADQjd/9X4pZO9v/2/v+cxclC9aSh/j8aNf3/afT/m9+/5/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v//2P75+n9aNLX+P3f/bXFLJ/sfAAAAepC7/6txi/0PAAAAzcjd/7W4xf4HAACAZuTuvz1u6WT/e/6//l//r//X/w+/vv5/nvT/4/T/S+j/z76fz59V9f/zff7/P+r/WZ2p9f+5+78et2wMv//85zP8nwkAAABMSO7+b8QtnXz9HwAAAHqQu/+OuMX+BwAAgGbk7v9m3NLJ/tf/6//1//p//f/w6+v/50n/P07/v0Q//f/60AcPu58/W4f9/pvp/z3/nxWaWv+fu/9bcUsn+x8AAADadt/Gt7n7vx232P8AAADQjNz934lb7H8AAABoRu7+O+OWTva//l//337//zD9/5bX1//r/1um/89f0Yfp/5fop/8fdNj9/Nzfv/5f/892U+v/c/ffFbd0sv8BAACgB7n7vxu32P8AAADQjNz934tb7H8AAABoRu7+78ctnex//X9f/f/aosf+3/P/9f/6/57Mp/+/6sjQRz3/X/+v/5/v+9f/6//Zbmr9f+7+u9eOdLn/AQAAYK4e8t+PvGu33/fujW/XFz+IW+x/AAAAaEbu/h/GLfY/AAAANCN3/4/ilk72v/6/r/6/z+f/6//1//r/nsyn/x+m/9f/6//n+/576P//aeTz9f8MmVr/n7v/x3HLacNv8P+gBwAAADg8Y78pNSB3/0/ilk6+/g8AAAA9yN3/07hl2/4/scs/1Q4AAABMTe7+n8UtnXz9X/8/8f5/sU/9f3w//f9J+n/9/9Dr6//nSf8/7iz7/xNr+n/9/wj9f/v9/xj9P0Om1v/n7r/xukWX+x8AAAAatel3FH6+8e364p64xf4HAACAZuTu/0XcYv8DAABAM3L3/zJu6WT/6/8n3v+f0fP/j9V/8vz/zvv/S9cHX1//r/9vmf5/nOf/L6H/1//r//X/rNQe+v+NQbrf/X/u/l/FLZ3sfwAAAOhB7v5fxy32PwAAADQjd/9v4hb7HwAAAJqRu/+3cUsn+1//fwj9/2VHF4t97f938fx//X8f/f8Or99O//+v5x6/5aEPv/Zq/T+nHGT/nz8W9P/6f/3/Sfp//b/+n62m9vz/3P2/i1s62f8AAADQg9z998Yt9j8AAAA0I3f/7+OWB/f/zYf1rgAAAIBVyt3/h7ilk6//6/9bfP7/PPv//Gd9CP3/8fn1/9kU997/e/6//n87z/8fp/9fQv+v/9f/6/9Zqan1/7n7/xi3dLL/AQAAoAe5+/8Ut+T+X9vzb90DAAAAE5O7/89xi6//AwAAQDNy998Xt3Sy//X/+v+p9P/J8/9PfZ7n/5+k/9f/74X+f5z+fwn9v/5f/6//Z6Wm1v/n7v9L3NLJ/gcAAIAe5O6/P26x/wEAAKAZufv/GrfY/wAAANCM3P1/i1s62f/6f/2//l//r/8ffn39/zzp/8fp/5fQ/+v/9f/6f1Zqav1/7v6/BwAA//+l7G5O")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x185)

226.858294ms ago: executing program 1 (id=390):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000100)={{@my=0x0}, 0x0, 0x1})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000000040)={{@host, 0xff}, 0x1, 0x1, 0x9})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r0, 0x7a5, &(0x7f0000007300)={{@my=0x0, 0xf45}, 0x1, 0x2, 0xd6})

148.046798ms ago: executing program 1 (id=391):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_int(r0, &(0x7f0000000040)='hugetlb.1GB.limit_in_bytes\x00', 0x2, 0x0)
r2 = open(&(0x7f00000000c0)='./bus\x00', 0x1e5842, 0x0)
r3 = open(&(0x7f0000000080)='./bus\x00', 0x145542, 0x40)
ftruncate(r3, 0x2007ffd)
sendfile(r1, r2, 0x0, 0x1000a3)

77.77024ms ago: executing program 1 (id=392):
syz_emit_ethernet(0x76, &(0x7f0000000d80)={@link_local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "f53244", 0x40, 0x3a, 0x0, @remote, @mcast2, {[], @param_prob={0x2, 0x0, 0x0, 0x500, {0x0, 0x6, "000100", 0x0, 0x0, 0x0, @private1={0xfc, 0x1, '\x00', 0x2}, @remote, [@hopopts={0x3a}], "3356d55afb0de3af"}}}}}}}, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r0, 0x29, 0x1b, &(0x7f0000000000)={@remote}, 0x20)

0s ago: executing program 1 (id=393):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x77, 0x101301)
ioctl$USBDEVFS_CONNECTINFO(r0, 0x80045503, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:19003' (ED25519) to the list of known hosts.
syzkaller login: [   56.711972][ T5832] cgroup: Unknown subsys name 'net'
[   56.874575][ T5832] cgroup: Unknown subsys name 'cpuset'
[   56.880426][ T5832] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.970234][ T5832] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   63.453217][ T5237] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   63.455916][ T5237] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   63.458761][ T5237] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   63.461365][ T5237] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   63.463844][ T5237] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   63.476070][   T54] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   63.479107][   T54] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   63.482039][   T54] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   63.485819][   T54] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   63.489121][   T54] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   63.573327][ T5237] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   63.576481][ T5237] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   63.579418][ T5237] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   63.583986][ T5237] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   63.590798][ T5237] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   63.733008][ T5846] chnl_net:caif_netlink_parms(): no params data found
[   63.765816][ T5851] chnl_net:caif_netlink_parms(): no params data found
[   63.857401][ T5846] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.861032][ T5846] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.864241][ T5846] bridge_slave_0: entered allmulticast mode
[   63.868029][ T5846] bridge_slave_0: entered promiscuous mode
[   63.885227][ T5846] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.888170][ T5846] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.891042][ T5846] bridge_slave_1: entered allmulticast mode
[   63.893874][ T5846] bridge_slave_1: entered promiscuous mode
[   63.924464][ T5851] bridge0: port 1(bridge_slave_0) entered blocking state
[   63.927523][ T5851] bridge0: port 1(bridge_slave_0) entered disabled state
[   63.930691][ T5851] bridge_slave_0: entered allmulticast mode
[   63.934581][ T5851] bridge_slave_0: entered promiscuous mode
[   63.957853][ T5846] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   63.964561][ T5851] bridge0: port 2(bridge_slave_1) entered blocking state
[   63.967592][ T5851] bridge0: port 2(bridge_slave_1) entered disabled state
[   63.971388][ T5851] bridge_slave_1: entered allmulticast mode
[   63.975216][ T5851] bridge_slave_1: entered promiscuous mode
[   63.981713][ T5846] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.029390][ T5846] team0: Port device team_slave_0 added
[   64.053667][ T5846] team0: Port device team_slave_1 added
[   64.062553][ T5851] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.092972][ T5851] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.096913][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.099829][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.110863][ T5846] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.144401][ T5846] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.147471][ T5846] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.158812][ T5846] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.201304][ T5851] team0: Port device team_slave_0 added
[   64.232063][ T5851] team0: Port device team_slave_1 added
[   64.277812][ T5846] hsr_slave_0: entered promiscuous mode
[   64.282214][ T5846] hsr_slave_1: entered promiscuous mode
[   64.290836][ T5856] chnl_net:caif_netlink_parms(): no params data found
[   64.297434][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.300810][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.312453][ T5851] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.318465][ T5851] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.321567][ T5851] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.332051][ T5851] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.418436][ T5851] hsr_slave_0: entered promiscuous mode
[   64.423783][ T5851] hsr_slave_1: entered promiscuous mode
[   64.426557][ T5851] debugfs: 'hsr0' already exists in 'hsr'
[   64.428910][ T5851] Cannot create hsr debugfs directory
[   64.543699][ T5856] bridge0: port 1(bridge_slave_0) entered blocking state
[   64.547003][ T5856] bridge0: port 1(bridge_slave_0) entered disabled state
[   64.550313][ T5856] bridge_slave_0: entered allmulticast mode
[   64.554371][ T5856] bridge_slave_0: entered promiscuous mode
[   64.559040][ T5856] bridge0: port 2(bridge_slave_1) entered blocking state
[   64.563862][ T5856] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.566962][ T5856] bridge_slave_1: entered allmulticast mode
[   64.570781][ T5856] bridge_slave_1: entered promiscuous mode
[   64.627598][ T5856] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   64.634426][ T5856] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   64.687064][ T5856] team0: Port device team_slave_0 added
[   64.702814][ T5856] team0: Port device team_slave_1 added
[   64.737549][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_0
[   64.742385][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.752832][ T5856] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   64.757151][ T5846] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   64.765533][ T5856] batman_adv: batadv0: Adding interface: batadv_slave_1
[   64.768430][ T5856] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   64.781728][ T5856] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   64.786694][ T5846] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   64.809635][ T5846] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   64.825543][ T5846] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   64.873742][ T5856] hsr_slave_0: entered promiscuous mode
[   64.876180][ T5856] hsr_slave_1: entered promiscuous mode
[   64.878860][ T5856] debugfs: 'hsr0' already exists in 'hsr'
[   64.881809][ T5856] Cannot create hsr debugfs directory
[   64.885032][ T5851] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   64.893447][ T5851] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   64.897792][ T5851] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   64.902893][ T5851] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   65.052868][ T5856] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   65.061102][ T5856] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   65.070657][ T5856] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   65.083538][ T5856] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   65.136395][ T5846] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.171969][ T5846] 8021q: adding VLAN 0 to HW filter on device team0
[   65.188140][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.191387][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.210072][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.213129][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.224308][ T5851] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.258157][ T5851] 8021q: adding VLAN 0 to HW filter on device team0
[   65.277007][   T26] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.279608][   T26] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.293413][   T26] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.295963][   T26] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.305131][ T5856] 8021q: adding VLAN 0 to HW filter on device bond0
[   65.363063][ T5856] 8021q: adding VLAN 0 to HW filter on device team0
[   65.377604][   T68] bridge0: port 1(bridge_slave_0) entered blocking state
[   65.380628][   T68] bridge0: port 1(bridge_slave_0) entered forwarding state
[   65.399806][   T68] bridge0: port 2(bridge_slave_1) entered blocking state
[   65.402796][   T68] bridge0: port 2(bridge_slave_1) entered forwarding state
[   65.426857][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.467851][ T5856] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   65.520609][ T5237] Bluetooth: hci1: command tx timeout
[   65.520813][   T54] Bluetooth: hci0: command tx timeout
[   65.535254][ T5846] veth0_vlan: entered promiscuous mode
[   65.547388][ T5846] veth1_vlan: entered promiscuous mode
[   65.581383][ T5846] veth0_macvtap: entered promiscuous mode
[   65.585270][ T5846] veth1_macvtap: entered promiscuous mode
[   65.627832][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.636067][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.644111][ T5851] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.653145][ T5856] 8021q: adding VLAN 0 to HW filter on device batadv0
[   65.670696][   T54] Bluetooth: hci2: command tx timeout
[   65.679475][   T13] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.685264][   T13] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.694223][   T13] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.697994][   T13] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.785759][ T5856] veth0_vlan: entered promiscuous mode
[   65.793197][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.798013][ T5851] veth0_vlan: entered promiscuous mode
[   65.805969][ T5856] veth1_vlan: entered promiscuous mode
[   65.809421][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.833425][ T5851] veth1_vlan: entered promiscuous mode
[   65.837647][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   65.841179][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   65.860770][ T5856] veth0_macvtap: entered promiscuous mode
[   65.875357][ T5856] veth1_macvtap: entered promiscuous mode
[   65.903355][ T5846] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   65.909954][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_0
[   65.919461][ T5856] batman_adv: batadv0: Interface activated: batadv_slave_1
[   65.928051][ T5851] veth0_macvtap: entered promiscuous mode
[   65.941294][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   65.946974][ T5851] veth1_macvtap: entered promiscuous mode
[   65.951876][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   65.955595][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   65.959332][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   65.994068][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_0
[   66.024467][ T5851] batman_adv: batadv0: Interface activated: batadv_slave_1
[   66.091090][   T13] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   66.094181][   T13] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   66.105567][   T13] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   66.109688][   T13] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   66.118265][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.121961][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.271542][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.282117][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.527303][   T68] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.530218][   T68] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.578295][   T68] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.589907][   T68] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.663060][ T5922] input: syz0 as /devices/virtual/input/input4
[   66.744703][ T5927] syz_tun: refused to change device tx_queue_len
[   66.747434][ T5927] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   67.020425][  T793] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   67.180503][  T793] usb 3-1: Using ep0 maxpacket: 16
[   67.186382][  T793] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   67.194786][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   67.213202][  T793] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   67.218188][  T793] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   67.229400][  T793] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   67.240941][  T793] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   67.243955][  T793] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   67.246846][  T793] usb 3-1: Manufacturer: syz
[   67.252546][  T793] usb 3-1: config 0 descriptor??
[   67.360805][ T5914] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[   67.522624][  T793] rc_core: IR keymap rc-hauppauge not found
[   67.525313][  T793] Registered IR keymap rc-empty
[   67.528754][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.533693][ T5914] usb 2-1: unable to get BOS descriptor or descriptor too short
[   67.538086][ T5914] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[   67.544697][ T5914] usb 2-1: config 0 has no interface number 0
[   67.547255][ T5914] usb 2-1: config 0 interface 105 altsetting 10 endpoint 0xE is Bulk; changing to Interrupt
[   67.553125][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.556110][ T5914] usb 2-1: config 0 interface 105 has no altsetting 0
[   67.563299][ T5914] usb 2-1: string descriptor 0 read error: -22
[   67.565956][ T5914] usb 2-1: New USB device found, idVendor=1943, idProduct=2250, bcdDevice= 0.01
[   67.569725][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   67.576455][  T793] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[   67.584018][ T5914] usb 2-1: config 0 descriptor??
[   67.586920][ T5937] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[   67.589402][  T793] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input5
[   67.590801][   T54] Bluetooth: hci0: command tx timeout
[   67.596882][   T54] Bluetooth: hci1: command tx timeout
[   67.606580][ T5914] usb 2-1: Found UVC 0.00 device <unnamed> (1943:2250)
[   67.609354][ T5914] usb 2-1: No valid video chain found.
[   67.612618][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.617215][ T5914] go7007 2-1:0.105: Sensoray 2250 found
[   67.619894][ T5914] go7007 2-1:0.105: probe with driver go7007 failed with error -12
[   67.641372][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.670844][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.690984][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.738078][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.753744][   T54] Bluetooth: hci2: command tx timeout
[   67.781947][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.801959][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.820659][ T5914] usb 2-1: USB disconnect, device number 2
[   67.830526][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.861853][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.882255][  T793] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   67.886632][ T5941] loop0: detected capacity change from 0 to 32768
[   67.899559][ T5941] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.11 (5941)
[   67.911832][  T793] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[   67.914550][  T793] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[   67.918858][ T5941] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   67.923628][ T5941] BTRFS info (device loop0): using crc32c (crc32c-lib) checksum algorithm
[   67.948364][  T793] usb 3-1: USB disconnect, device number 2
[   68.035030][ T5941] BTRFS info (device loop0): enabling ssd optimizations
[   68.038024][ T5941] BTRFS info (device loop0): enabling free space tree
[   68.068882][ T5941] BTRFS error (device loop0): unable to set label with more than 255 bytes
[   68.133969][ T5851] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   68.341177][ T5963] netlink: 24 bytes leftover after parsing attributes in process `syz.0.14'.
[   68.419735][ T5967] netlink: 132 bytes leftover after parsing attributes in process `syz.0.16'.
[   68.493985][ T5969] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.577286][ T5973] bridge_slave_0 (unregistering): left allmulticast mode
[   68.582953][ T5973] bridge_slave_0 (unregistering): left promiscuous mode
[   68.586250][ T5973] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.989702][ T5980] loop2: detected capacity change from 0 to 4096
[   68.993446][ T5980] =======================================================
[   68.993446][ T5980] WARNING: The mand mount option has been deprecated and
[   68.993446][ T5980]          and is ignored by this kernel. Remove the mand
[   68.993446][ T5980]          option from the mount to silence this warning.
[   68.993446][ T5980] =======================================================
[   69.033781][ T5981] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   69.138254][ T5985] netlink: 'syz.2.23': attribute type 10 has an invalid length.
[   69.149446][ T5985] team0: Port device dummy0 added
[   69.156962][ T5985] netlink: 'syz.2.23': attribute type 10 has an invalid length.
[   69.161400][ T5985] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   69.168958][ T5985] team0: Failed to send options change via netlink (err -105)
[   69.172453][ T5985] team0: Failed to send port change of device dummy0 via netlink (err -105)
[   69.176394][ T5985] team0: Port device dummy0 removed
[   69.184326][ T5985] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   69.297450][ T5987] loop2: detected capacity change from 0 to 2048
[   69.311342][ T5987] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   69.417874][ T5993] netlink: 16 bytes leftover after parsing attributes in process `syz.2.27'.
[   69.671665][   T54] Bluetooth: hci1: command tx timeout
[   69.680246][   T54] Bluetooth: hci0: command tx timeout
[   69.840279][   T54] Bluetooth: hci2: command tx timeout
[   71.122927][ T1362] ieee802154 phy0 wpan0: encryption failed: -22
[   71.125906][ T1362] ieee802154 phy1 wpan1: encryption failed: -22
[   71.132398][ T5897] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   71.190491][   T97] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   71.245146][ T6028] netlink: 16 bytes leftover after parsing attributes in process `syz.2.43'.
[   71.290725][ T5897] usb 1-1: Using ep0 maxpacket: 8
[   71.294415][ T5897] usb 1-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   71.299818][ T5897] usb 1-1: config 0 interface 0 has no altsetting 0
[   71.302645][ T5897] usb 1-1: New USB device found, idVendor=04b4, idProduct=0001, bcdDevice= 0.00
[   71.306306][ T5897] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.312918][ T5897] usb 1-1: config 0 descriptor??
[   71.346941][   T97] usb 2-1: New USB device found, idVendor=0547, idProduct=6801, bcdDevice=43.6f
[   71.351438][   T97] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.354914][   T97] usb 2-1: Product: syz
[   71.356726][   T97] usb 2-1: Manufacturer: syz
[   71.358744][   T97] usb 2-1: SerialNumber: syz
[   71.373659][   T97] usb 2-1: config 0 descriptor??
[   71.390594][   T97] gspca_main: touptek-2.14.0 probing 0547:6801
[   71.551027][    T9] usb 3-1: new low-speed USB device number 3 using dummy_hcd
[   71.586068][ T5847] usb 2-1: USB disconnect, device number 3
[   71.701812][    T9] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   71.706110][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[   71.708782][    T9] usb 3-1: New USB device found, idVendor=05ac, idProduct=0273, bcdDevice= 0.00
[   71.712158][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.716835][    T9] usb 3-1: config 0 descriptor??
[   71.722865][    T9] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6
[   71.741830][ T5897] cypress 0003:04B4:0001.0001: hidraw0: USB HID v0.02 Device [HID 04b4:0001] on usb-dummy_hcd.0-1/input0
[   71.750382][ T5237] Bluetooth: hci1: command tx timeout
[   71.752419][   T54] Bluetooth: hci0: command tx timeout
[   71.920247][ T5237] Bluetooth: hci2: command tx timeout
[   71.922860][ T6028] fuse: Unknown parameter '0x000000000000000300000000000000000000'
[   71.929061][ T5281] bcm5974 3-1:0.0: could not read from device
[   71.932808][ T5897] usb 1-1: USB disconnect, device number 2
[   71.937670][ T5281] bcm5974 3-1:0.0: could not read from device
[   71.943666][ T5281] bcm5974 3-1:0.0: could not read from device
[   71.945940][    T9] usb 3-1: USB disconnect, device number 3
[   71.953163][ T5281] bcm5974 3-1:0.0: could not read from device
[   71.959234][ T5281] bcm5974 3-1:0.0: could not read from device
[   72.487656][ T6034] program syz.0.45 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   72.496295][ T6034] ata1.00: non-matching transfer count (0/2)
[   72.609723][ T6042] netlink: 'syz.2.49': attribute type 11 has an invalid length.
[   73.205937][ T6053] loop1: detected capacity change from 0 to 256
[   73.928429][ T6057] loop1: detected capacity change from 0 to 32768
[   73.939091][ T6057] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section replicas_v0: no devices in entry (unknown data_type 127): 1/0 []
[   73.939091][ T6057] replicas_v0 (size 24):
[   73.939091][ T6057] btree: 1 [0] journal: 1 [0] user: 1 [255] (unknown data_type 127): 0 []
[   73.939091][ T6057] 
[   73.959487][ T6057] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[   74.014852][ T6065] netlink: 224 bytes leftover after parsing attributes in process `syz.1.58'.
[   74.339313][ T6063] loop2: detected capacity change from 0 to 32768
[   74.417613][ T6063] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   74.417625][ T6063]   allowing incompatible features above 0.0: (unknown version)
[   74.417629][ T6063]   features: 
[   74.438812][ T6063] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[   74.446661][ T6063] bcachefs (loop2): initializing new filesystem
[   74.456011][ T6063] bcachefs (loop2): going read-write
[   74.472320][ T6063] bcachefs (loop2): marking superblocks
[   74.496265][ T6063] bcachefs (loop2): initializing freespace
[   74.514498][ T6063] bcachefs (loop2): done initializing freespace
[   74.522639][ T6063] bcachefs (loop2): reading snapshots table
[   74.525124][ T6063] bcachefs (loop2): reading snapshots done
[   74.563677][ T6063] bcachefs (loop2): done starting filesystem
[   74.643985][ T6063] syz.2.57 (6063) used greatest stack depth: 15384 bytes left
[   74.674240][ T5856] bcachefs (loop2): shutting down
[   74.676242][ T5856] bcachefs (loop2): going read-only
[   74.678209][ T5856] bcachefs (loop2): finished waiting for writes to stop
[   74.684935][   T33] audit: type=1326 audit(1756759251.835:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6103 comm="syz.0.70" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x0
[   74.693879][ T5856] bcachefs (loop2): flushing journal and stopping allocators, journal seq 4
[   74.717346][ T5856] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 4
[   74.722173][ T5856] bcachefs (loop2): clean shutdown complete, journal seq 5
[   74.725345][ T5856] bcachefs (loop2): marking filesystem clean
[   74.743373][ T5856] bcachefs (loop2): shutdown complete
[   75.783926][ T6122] loop0: detected capacity change from 0 to 32768
[   75.787575][ T6122] XFS: noikeep mount option is deprecated.
[   75.790316][ T6122] XFS: noikeep mount option is deprecated.
[   75.881139][ T6122] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   75.949274][ T6122] XFS (loop0): Ending clean mount
[   75.969486][ T6122] XFS (loop0): Quotacheck needed: Please wait.
[   75.996521][ T6122] XFS (loop0): Quotacheck: Done.
[   76.025463][   T33] audit: type=1800 audit(1756759253.175:3): pid=6122 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.78" name="bus" dev="loop0" ino=9290 res=0 errno=0
[   76.040937][ T6137] loop1: detected capacity change from 0 to 1024
[   76.059898][ T5851] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   76.071274][ T6137] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.167399][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.317115][ T6143] loop0: detected capacity change from 0 to 4096
[   76.334235][ T6143] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   76.342234][ T6143] ntfs3(loop0): $Volume is corrupted.
[   76.541160][ T6160] loop0: detected capacity change from 0 to 2048
[   76.554802][ T6160] UDF-fs: warning (device loop0): udf_fill_super: No fileset found
[   76.649545][ T6165] loop0: detected capacity change from 0 to 1024
[   76.676087][ T6165] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   76.691207][ T6165] EXT4-fs (loop0): shut down requested (2)
[   76.899176][ T6167] loop2: detected capacity change from 0 to 4096
[   76.907118][ T6167] ntfs3: Invalid value for umask.
[   77.128102][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.265799][ T6162] loop1: detected capacity change from 0 to 32768
[   77.280679][ T6162] 
[   77.280679][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.280679][ T6162] 
[   77.302970][ T6162] 
[   77.302970][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.302970][ T6162] 
[   77.307901][ T6162] 
[   77.307901][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.307901][ T6162] 
[   77.312510][ T6162] 
[   77.312510][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.312510][ T6162] 
[   77.316653][ T6162] 
[   77.316653][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.316653][ T6162] 
[   77.323663][ T6162] 
[   77.323663][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.323663][ T6162] 
[   77.328700][ T6162] 
[   77.328700][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.328700][ T6162] 
[   77.334053][ T6162] 
[   77.334053][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.334053][ T6162] 
[   77.337730][ T6162] 
[   77.337730][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.337730][ T6162] 
[   77.354555][  T117] 
[   77.354555][  T117]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.354555][  T117] 
[   77.359186][ T6162] 
[   77.359186][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.359186][ T6162] 
[   77.369119][ T6162] 
[   77.369119][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.369119][ T6162] 
[   77.378817][ T6162] 
[   77.378817][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.378817][ T6162] 
[   77.386791][ T6162] 
[   77.386791][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.386791][ T6162] 
[   77.399735][ T6162] 
[   77.399735][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.399735][ T6162] 
[   77.404788][ T6162] 
[   77.404788][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.404788][ T6162] 
[   77.409104][ T6162] 
[   77.409104][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.409104][ T6162] 
[   77.424260][ T6162] 
[   77.424260][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.424260][ T6162] 
[   77.433471][  T117] 
[   77.433471][  T117]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.433471][  T117] 
[   77.437658][ T6162] 
[   77.437658][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.437658][ T6162] 
[   77.442318][ T6162] 
[   77.442318][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.442318][ T6162] 
[   77.446542][ T6162] 
[   77.446542][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.446542][ T6162] 
[   77.453907][ T6162] 
[   77.453907][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.453907][ T6162] 
[   77.461719][ T6162] 
[   77.461719][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.461719][ T6162] 
[   77.466536][ T6162] 
[   77.466536][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.466536][ T6162] 
[   77.471621][ T6162] 
[   77.471621][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.471621][ T6162] 
[   77.475861][ T6162] 
[   77.475861][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.475861][ T6162] 
[   77.494066][  T118] 
[   77.494066][  T118]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.494066][  T118] 
[   77.515194][ T6162] 
[   77.515194][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.515194][ T6162] 
[   77.519597][ T6162] 
[   77.519597][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.519597][ T6162] 
[   77.526946][ T6162] 
[   77.526946][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.526946][ T6162] 
[   77.531286][ T6162] 
[   77.531286][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.531286][ T6162] 
[   77.538111][ T6162] 
[   77.538111][ T6162]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.538111][ T6162] 
[   77.584902][ T5846] 
[   77.584902][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.584902][ T5846] 
[   77.593058][ T5846] 
[   77.593058][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   77.593058][ T5846] 
[   78.325763][ T6202] loop0: detected capacity change from 0 to 164
[   78.357476][ T6202] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   78.369079][ T6202] rock: corrupted directory entry. extent=28, offset=16056320, size=0
[   78.630682][ T6222] loop0: detected capacity change from 0 to 256
[   78.633045][ T6222] exfat: Deprecated parameter 'namecase'
[   78.644752][ T6222] exfat: Deprecated parameter 'utf8'
[   78.663607][ T6222] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   78.674256][ T6222] process 'syz.0.114' launched '/dev/fd/4' with NULL argv: empty string added
[   78.682264][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   78.840269][    T9] usb 2-1: Using ep0 maxpacket: 32
[   78.846837][    T9] usb 2-1: unable to get BOS descriptor or descriptor too short
[   78.852056][    T9] usb 2-1: config 128 has an invalid interface number: 127 but max is 3
[   78.855459][    T9] usb 2-1: config 128 has an invalid descriptor of length 0, skipping remainder of the config
[   78.859477][    T9] usb 2-1: config 128 has 1 interface, different from the descriptor's value: 4
[   78.877207][    T9] usb 2-1: config 128 has no interface number 0
[   78.880408][    T9] usb 2-1: config 128 interface 127 altsetting 14 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   78.886006][    T9] usb 2-1: config 128 interface 127 has no altsetting 0
[   78.893855][    T9] usb 2-1: New USB device found, idVendor=0582, idProduct=295c, bcdDevice=d4.55
[   78.897688][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.902116][    T9] usb 2-1: Product: syz
[   78.903799][    T9] usb 2-1: Manufacturer: syz
[   78.905832][    T9] usb 2-1: SerialNumber: syz
[   78.993827][ T6243] loop2: detected capacity change from 0 to 256
[   79.045906][ T6235] loop0: detected capacity change from 0 to 40427
[   79.061598][ T6235] F2FS-fs (loop0): Image doesn't support compression
[   79.063881][ T6235] F2FS-fs (loop0): build fault injection rate: 690
[   79.066041][ T6235] F2FS-fs (loop0): build fault injection type: 0x35f7
[   79.077682][ T6235] F2FS-fs (loop0): invalid crc value
[   79.172801][ T6235] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   79.180692][    T9] usb 2-1: USB disconnect, device number 4
[   79.185812][ T6235] F2FS-fs (loop0): Start checkpoint disabled!
[   79.192863][ T6235] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[   79.201465][ T5848] udevd[5848]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:128.127/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   79.315287][   T68] kworker/u10:2: attempt to access beyond end of device
[   79.315287][   T68] loop0: rw=1, sector=45096, nr_sectors = 24 limit=40427
[   79.324767][   T68] kworker/u10:2: attempt to access beyond end of device
[   79.324767][   T68] loop0: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[   79.331487][   T68] CPU: 1 UID: 0 PID: 68 Comm: kworker/u10:2 Not tainted syzkaller #0 PREEMPT(full) 
[   79.331502][   T68] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   79.331509][   T68] Workqueue: writeback wb_workfn (flush-7:0)
[   79.331527][   T68] Call Trace:
[   79.331532][   T68]  <TASK>
[   79.331537][   T68]  dump_stack_lvl+0x189/0x250
[   79.331556][   T68]  ? __pfx_dump_stack_lvl+0x10/0x10
[   79.331570][   T68]  ? __pfx_queue_work_on+0x10/0x10
[   79.331581][   T68]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   79.331598][   T68]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   79.331622][   T68]  f2fs_handle_critical_error+0x37c/0x540
[   79.331645][   T68]  f2fs_write_end_io+0x886/0xb60
[   79.331670][   T68]  __submit_merged_bio+0x27a/0x6a0
[   79.331692][   T68]  __submit_merged_write_cond+0x255/0x530
[   79.331713][   T68]  f2fs_write_data_pages+0x261d/0x3000
[   79.331763][   T68]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   79.331793][   T68]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   79.331835][   T68]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   79.331863][   T68]  ? trace_f2fs_writepages+0x7f/0x200
[   79.331881][   T68]  ? f2fs_write_node_pages+0x478/0x6e0
[   79.331916][   T68]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   79.331934][   T68]  do_writepages+0x32e/0x550
[   79.331955][   T68]  ? reacquire_held_locks+0x127/0x1d0
[   79.331966][   T68]  ? writeback_sb_inodes+0x384/0x1010
[   79.331990][   T68]  __writeback_single_inode+0x145/0xff0
[   79.332004][   T68]  ? do_raw_spin_unlock+0x4d/0x240
[   79.332022][   T68]  writeback_sb_inodes+0x6c7/0x1010
[   79.332034][   T68]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.332071][   T68]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   79.332118][   T68]  ? rcu_is_watching+0x15/0xb0
[   79.332137][   T68]  wb_writeback+0x43b/0xaf0
[   79.332158][   T68]  ? queue_io+0x331/0x590
[   79.332174][   T68]  ? __pfx_wb_writeback+0x10/0x10
[   79.332195][   T68]  ? _raw_spin_unlock_irq+0x23/0x50
[   79.332214][   T68]  wb_workfn+0x409/0xef0
[   79.332240][   T68]  ? __pfx_wb_workfn+0x10/0x10
[   79.332257][   T68]  ? __lock_acquire+0xab9/0xd20
[   79.332284][   T68]  ? process_scheduled_works+0x9ef/0x17b0
[   79.332300][   T68]  ? _raw_spin_unlock_irq+0x23/0x50
[   79.332313][   T68]  ? process_scheduled_works+0x9ef/0x17b0
[   79.332324][   T68]  ? process_scheduled_works+0x9ef/0x17b0
[   79.332337][   T68]  process_scheduled_works+0xae1/0x17b0
[   79.332372][   T68]  ? __pfx_process_scheduled_works+0x10/0x10
[   79.332397][   T68]  worker_thread+0x8a0/0xda0
[   79.332456][   T68]  kthread+0x711/0x8a0
[   79.332476][   T68]  ? __pfx_worker_thread+0x10/0x10
[   79.332488][   T68]  ? __pfx_kthread+0x10/0x10
[   79.332503][   T68]  ? _raw_spin_unlock_irq+0x23/0x50
[   79.332517][   T68]  ? lockdep_hardirqs_on+0x9c/0x150
[   79.332531][   T68]  ? __pfx_kthread+0x10/0x10
[   79.332545][   T68]  ret_from_fork+0x3fc/0x770
[   79.332560][   T68]  ? __pfx_ret_from_fork+0x10/0x10
[   79.332577][   T68]  ? __switch_to_asm+0x39/0x70
[   79.332590][   T68]  ? __switch_to_asm+0x33/0x70
[   79.332602][   T68]  ? __pfx_kthread+0x10/0x10
[   79.332616][   T68]  ret_from_fork_asm+0x1a/0x30
[   79.332644][   T68]  </TASK>
[   79.332649][   T68] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   79.346620][ T6246] loop2: detected capacity change from 0 to 32768
[   79.465088][ T6246] jfs_mount: dbMount failed w/rc = -22
[   79.468164][ T6246] Mount JFS Failure: -22
[   79.469659][ T6246] jfs_mount failed w/return code = -22
[   80.005863][ T6260] netlink: 'syz.1.130': attribute type 1 has an invalid length.
[   80.008635][ T6260] netlink: 1284 bytes leftover after parsing attributes in process `syz.1.130'.
[   80.854634][ T6275] IPv4: Oversized IP packet from 127.202.26.0
[   81.024660][ T6279] program syz.2.139 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   81.310322][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   81.460218][    T9] usb 1-1: Using ep0 maxpacket: 16
[   81.478587][    T9] usb 1-1: New USB device found, idVendor=1604, idProduct=8007, bcdDevice=af.a6
[   81.487252][    T9] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[   81.497439][    T9] usb 1-1: Product: syz
[   81.499290][    T9] usb 1-1: Manufacturer: syz
[   81.501536][    T9] usb 1-1: SerialNumber: syz
[   81.541327][    T9] usb 1-1: config 0 descriptor??
[   81.606577][ T6295] loop2: detected capacity change from 0 to 32768
[   81.626044][ T6295] (syz.2.145,6295,0):ocfs2_verify_volume:2314 ERROR: bad root_blkno: 0
[   81.629582][ T6295] (syz.2.145,6295,0):ocfs2_verify_volume:2331 ERROR: status = -22
[   81.667351][ T6295] (syz.2.145,6295,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[   81.684026][ T6295] (syz.2.145,6295,1):ocfs2_fill_super:1177 ERROR: status = -22
[   81.763772][  T793] usb 1-1: USB disconnect, device number 3
[   81.845472][ T6299] netlink: 4400 bytes leftover after parsing attributes in process `syz.2.147'.
[   82.215127][ T6318] netlink: 8 bytes leftover after parsing attributes in process `syz.1.156'.
[   82.341664][ T6324] loop0: detected capacity change from 0 to 512
[   82.351124][ T6324] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a846c118, mo2=0002]
[   82.355991][ T6324] System zones: 1-12
[   82.358354][ T6324] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #2: block 3: comm syz.0.159: lblock 0 mapped to illegal pblock 3 (length 1)
[   82.372189][ T6324] EXT4-fs warning (device loop0): dx_probe:791: inode #2: lblock 0: comm syz.0.159: error -117 reading directory block
[   82.376733][ T6324] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -117
[   82.383826][ T6324] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   82.391828][ T6324] EXT4-fs error (device loop0): ext4_xattr_block_get:593: inode #2: comm syz.0.159: corrupted xattr block 255: invalid header
[   82.422479][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.602285][   T33] audit: type=1326 audit(1756759259.755:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.603088][ T6338] netlink: 8 bytes leftover after parsing attributes in process `syz.0.163'.
[   82.609583][   T33] audit: type=1326 audit(1756759259.755:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.609603][   T33] audit: type=1326 audit(1756759259.755:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.774072][ T6342] loop2: detected capacity change from 0 to 512
[   82.781656][    T9] usb 2-1: new full-speed USB device number 5 using dummy_hcd
[   82.788891][ T6342] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   82.801467][ T6342] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   82.809472][   T33] audit: type=1326 audit(1756759259.755:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.818587][   T33] audit: type=1326 audit(1756759259.755:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.827000][   T33] audit: type=1326 audit(1756759259.755:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.836596][   T33] audit: type=1326 audit(1756759259.795:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.845536][   T33] audit: type=1326 audit(1756759259.805:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.854736][   T33] audit: type=1326 audit(1756759259.815:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.863249][   T33] audit: type=1326 audit(1756759259.815:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6331 comm="syz.0.163" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca0e78ebe9 code=0x7ffc0000
[   82.893181][ T6342] EXT4-fs (loop2): 1 truncate cleaned up
[   82.896854][ T6342] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.933298][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   82.941753][ T5856] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.949190][    T9] usb 2-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[   82.955444][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.958742][    T9] usb 2-1: Product: syz
[   82.960838][    T9] usb 2-1: Manufacturer: syz
[   82.962720][    T9] usb 2-1: SerialNumber: syz
[   82.975586][    T9] usb 2-1: config 0 descriptor??
[   83.068742][ T6345] Sensor A: =================  START STATUS  =================
[   83.072108][ T6345] Sensor A: Test Pattern: 75% Colorbar
[   83.080245][ T6345] Sensor A: Show Information: All
[   83.082484][ T6345] Sensor A: Vertical Flip: false
[   83.084575][ T6345] Sensor A: Horizontal Flip: false
[   83.086837][ T6345] Sensor A: Brightness: 128
[   83.088736][ T6345] Sensor A: Contrast: 128
[   83.091071][ T6345] Sensor A: Hue: 0
[   83.092869][ T6345] Sensor A: Saturation: 128
[   83.094954][ T6345] Sensor A: ==================  END STATUS  ==================
[   83.195190][    T9] usb 2-1: bad CDC descriptors
[   83.197929][    T9] usb 2-1: unsupported MDLM descriptors
[   83.214115][    T9] usb 2-1: USB disconnect, device number 5
[   83.274351][ T6351] netlink: 'syz.2.170': attribute type 10 has an invalid length.
[   83.278591][ T6351] veth1_macvtap: left promiscuous mode
[   83.375581][ T6353] netlink: 16 bytes leftover after parsing attributes in process `syz.2.171'.
[   83.534937][ T6357] could not allocate digest TFM handle cryptd(blake2b-160)
[   83.577162][ T6369] netlink: 8 bytes leftover after parsing attributes in process `syz.0.177'.
[   83.968926][ T6392] loop1: detected capacity change from 0 to 1024
[   83.997606][ T6392] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   84.006150][ T6392] EXT4-fs error (device loop1): ext4_xattr_set_entry:1660: inode #16: comm syz.1.187: corrupted xattr entries
[   84.011650][ T6392] EXT4-fs (loop1): Remounting filesystem read-only
[   84.026100][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   84.040338][  T793] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   84.051052][ T6395] block nbd0: Attempted send on invalid socket
[   84.053898][ T6395] I/O error, dev nbd0, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[   84.058273][ T6395] block nbd0: Attempted send on invalid socket
[   84.060951][ T6395] I/O error, dev nbd0, sector 16 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[   84.143696][ T6399] input: syz1 as /devices/virtual/input/input7
[   84.212469][  T793] usb 3-1: unable to get BOS descriptor or descriptor too short
[   84.216811][  T793] usb 3-1: config 4 has an invalid interface number: 4 but max is 0
[   84.220049][  T793] usb 3-1: config 4 has no interface number 0
[   84.224020][  T793] usb 3-1: config 4 interface 4 has no altsetting 0
[   84.228332][  T793] usb 3-1: New USB device found, idVendor=0f3d, idProduct=68a3, bcdDevice=53.4f
[   84.231263][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.234910][  T793] usb 3-1: Product: syz
[   84.236549][  T793] usb 3-1: Manufacturer: syz
[   84.238095][  T793] usb 3-1: SerialNumber: syz
[   84.451563][  T793] sierra 3-1:4.4: Sierra USB modem converter detected
[   84.461910][  T793] usb 3-1: Sierra USB modem converter now attached to ttyUSB0
[   84.467878][  T793] usb 3-1: USB disconnect, device number 4
[   84.474275][  T793] sierra ttyUSB0: Sierra USB modem converter now disconnected from ttyUSB0
[   84.478919][  T793] sierra 3-1:4.4: device disconnected
[   84.535916][ T6411] cgroup: Bad value for 'name'
[   84.706823][ T6419] evm: overlay not supported
[   84.886729][ T6432] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   85.222791][ T6434] loop0: detected capacity change from 0 to 32768
[   85.239144][ T6434] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   85.267532][ T6434] XFS (loop0): Ending clean mount
[   85.322785][ T5851] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   85.609197][ T6464] loop1: detected capacity change from 0 to 4096
[   85.616447][ T6464] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[   85.695974][ T6456] loop2: detected capacity change from 0 to 40427
[   85.719697][ T6456] F2FS-fs (loop2): invalid crc value
[   85.853931][ T6456] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   85.858000][ T6456] F2FS-fs (loop2): Start checkpoint disabled!
[   85.866637][ T6456] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   85.907909][ T6456] syz.2.211: attempt to access beyond end of device
[   85.907909][ T6456] loop2: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[   86.224362][ T6456] F2FS-fs (loop2): ino:10, start:0, end:8192, need to trigger GC to reclaim enough free segment when checkpoint is enabled
[   86.313015][   T26] kworker/u9:0: attempt to access beyond end of device
[   86.313015][   T26] loop2: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   86.318524][   T26] CPU: 1 UID: 0 PID: 26 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[   86.318534][   T26] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   86.318539][   T26] Workqueue: writeback wb_workfn (flush-7:2)
[   86.318551][   T26] Call Trace:
[   86.318555][   T26]  <TASK>
[   86.318558][   T26]  dump_stack_lvl+0x189/0x250
[   86.318570][   T26]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.318578][   T26]  ? __pfx_queue_work_on+0x10/0x10
[   86.318585][   T26]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   86.318594][   T26]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.318608][   T26]  f2fs_handle_critical_error+0x37c/0x540
[   86.318620][   T26]  f2fs_write_end_io+0x886/0xb60
[   86.318635][   T26]  __submit_merged_bio+0x27a/0x6a0
[   86.318647][   T26]  __submit_merged_write_cond+0x255/0x530
[   86.318658][   T26]  f2fs_write_data_pages+0x261d/0x3000
[   86.318686][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.318727][   T26]  ? f2fs_write_meta_pages+0x357/0x450
[   86.318740][   T26]  ? __lock_acquire+0xab9/0xd20
[   86.318751][   T26]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.318762][   T26]  do_writepages+0x32e/0x550
[   86.318773][   T26]  ? reacquire_held_locks+0x127/0x1d0
[   86.318779][   T26]  ? writeback_sb_inodes+0x384/0x1010
[   86.318791][   T26]  __writeback_single_inode+0x145/0xff0
[   86.318799][   T26]  ? do_raw_spin_unlock+0x4d/0x240
[   86.318809][   T26]  writeback_sb_inodes+0x6c7/0x1010
[   86.318827][   T26]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   86.318852][   T26]  ? rcu_is_watching+0x15/0xb0
[   86.318863][   T26]  wb_writeback+0x43b/0xaf0
[   86.318874][   T26]  ? queue_io+0x331/0x590
[   86.318884][   T26]  ? __pfx_wb_writeback+0x10/0x10
[   86.318895][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.318906][   T26]  wb_workfn+0x409/0xef0
[   86.318919][   T26]  ? __pfx_wb_workfn+0x10/0x10
[   86.318928][   T26]  ? __lock_acquire+0xab9/0xd20
[   86.318943][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   86.318952][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.318960][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   86.318965][   T26]  ? process_scheduled_works+0x9ef/0x17b0
[   86.318972][   T26]  process_scheduled_works+0xae1/0x17b0
[   86.318990][   T26]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.319003][   T26]  worker_thread+0x8a0/0xda0
[   86.319021][   T26]  kthread+0x711/0x8a0
[   86.319030][   T26]  ? __pfx_worker_thread+0x10/0x10
[   86.319036][   T26]  ? __pfx_kthread+0x10/0x10
[   86.319045][   T26]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.319053][   T26]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.319062][   T26]  ? __pfx_kthread+0x10/0x10
[   86.319070][   T26]  ret_from_fork+0x3fc/0x770
[   86.319079][   T26]  ? __pfx_ret_from_fork+0x10/0x10
[   86.319088][   T26]  ? __switch_to_asm+0x39/0x70
[   86.319096][   T26]  ? __switch_to_asm+0x33/0x70
[   86.319103][   T26]  ? __pfx_kthread+0x10/0x10
[   86.319112][   T26]  ret_from_fork_asm+0x1a/0x30
[   86.319127][   T26]  </TASK>
[   86.319996][   T26] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   86.478486][   T51] cfg80211: failed to load regulatory.db
[   86.536105][ T6474] loop0: detected capacity change from 0 to 512
[   86.539422][ T6474] EXT4-fs: Ignoring removed i_version option
[   86.548106][ T6474] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   86.597190][ T6474] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   86.603657][ T6474] EXT4-fs (loop0): 1 truncate cleaned up
[   86.608803][ T6474] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   86.632163][ T6474] EXT4-fs error (device loop0): ext4_check_all_de:659: inode #12: block 7: comm syz.0.217: bad entry in directory: inode out of bounds - offset=0, inode=16777215, rec_len=16, size=124 fake=0
[   86.645521][ T6474] EXT4-fs error (device loop0): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.0.217: path /62/file0/file0: bad entry in directory: inode out of bounds - offset=24, inode=16777215, rec_len=16, size=148 fake=0
[   86.656280][ T6474] EXT4-fs error (device loop0): ext4_read_inline_dir:1476: inode #12: block 7: comm syz.0.217: path /62/file0/file0: bad entry in directory: inode out of bounds - offset=24, inode=16777215, rec_len=16, size=148 fake=0
[   86.845362][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.954982][ T6478] loop0: detected capacity change from 0 to 512
[   86.963274][ T6478] EXT4-fs (loop0): blocks per group (34) and clusters per group (32768) inconsistent
[   87.096717][ T6480] Illegal XDP return value 1077298608 on prog  (id 32) dev N/A, expect packet loss!
[   87.151768][ T6482] loop2: detected capacity change from 0 to 1024
[   87.163532][ T6482] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[   87.182738][ T6482] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (29254!=20869)
[   87.198795][ T6482] EXT4-fs (loop2): journal inode is deleted
[   87.408074][ T6495] syz.2.225 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[   87.439748][ T6486] loop1: detected capacity change from 0 to 32768
[   87.560227][ T5847] usb 1-1: new full-speed USB device number 4 using dummy_hcd
[   87.722487][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   87.725951][ T5847] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[   87.729833][ T5847] usb 1-1: New USB device found, idVendor=06a3, idProduct=0ccd, bcdDevice= 0.00
[   87.733160][ T5847] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.738599][ T5847] usb 1-1: config 0 descriptor??
[   87.741452][ T6490] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   87.872328][ T5914] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   88.020269][ T5914] usb 3-1: Using ep0 maxpacket: 8
[   88.033732][ T5914] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   88.042856][ T5914] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   88.052309][ T5914] usb 3-1: config 168 has an invalid descriptor of length 0, skipping remainder of the config
[   88.065880][ T5914] usb 3-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[   88.069723][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.079422][ T5914] usb 3-1: Product: syz
[   88.081805][ T5914] usb 3-1: Manufacturer: syz
[   88.083804][ T5914] usb 3-1: SerialNumber: syz
[   88.163767][ T5847] saitek 0003:06A3:0CCD.0002: item fetching failed at offset 0/2
[   88.168134][ T5847] saitek 0003:06A3:0CCD.0002: parse failed
[   88.171276][ T5847] saitek 0003:06A3:0CCD.0002: probe with driver saitek failed with error -22
[   88.263710][ T6511] loop1: detected capacity change from 0 to 4096
[   88.269250][ T6511] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[   88.276432][ T6511] ntfs3(loop1): mft corrupted
[   88.278126][ T6511] ntfs3(loop1): Failed to load $MFT.
[   88.312049][ T5914] adutux 3-1:168.0: interrupt endpoints not found
[   88.318609][ T5914] usb 3-1: USB disconnect, device number 5
[   88.374578][   T97] usb 1-1: USB disconnect, device number 4
[   88.481942][ T6518] loop1: detected capacity change from 0 to 1024
[   88.513492][ T6518] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   88.542534][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   89.638717][ T6532] loop2: detected capacity change from 0 to 32768
[   89.687310][ T6532] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.735518][ T6538] loop0: detected capacity change from 0 to 4096
[   89.763433][ T6532] XFS (loop2): Ending clean mount
[   89.841452][ T5856] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   90.025713][ T6557] loop2: detected capacity change from 0 to 128
[   90.088893][ T6560] netlink: 12 bytes leftover after parsing attributes in process `syz.2.251'.
[   90.096197][ T6560] vlan0: entered promiscuous mode
[   90.180555][   T97] usb 1-1: new full-speed USB device number 5 using dummy_hcd
[   90.335113][   T97] usb 1-1: config 0 has an invalid interface number: 175 but max is 0
[   90.349571][   T97] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   90.354085][   T97] usb 1-1: config 0 has no interface number 0
[   90.356714][   T97] usb 1-1: config 0 interface 175 altsetting 0 has an endpoint descriptor with address 0xBC, changing to 0x8C
[   90.361712][   T97] usb 1-1: config 0 interface 175 altsetting 0 endpoint 0x8C has an invalid bInterval 0, changing to 10
[   90.366344][   T97] usb 1-1: config 0 interface 175 altsetting 0 endpoint 0x8C has invalid wMaxPacketSize 0
[   90.371897][   T97] usb 1-1: config 0 interface 175 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 16
[   90.381458][   T97] usb 1-1: New USB device found, idVendor=05e0, idProduct=0600, bcdDevice=f9.9b
[   90.387844][   T97] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   90.390506][   T97] usb 1-1: Product: syz
[   90.391849][   T97] usb 1-1: Manufacturer: syz
[   90.393314][   T97] usb 1-1: SerialNumber: syz
[   90.403056][   T97] usb 1-1: config 0 descriptor??
[   90.408906][   T97] symbolserial 1-1:0.175: symbol converter detected
[   90.418317][   T97] usb 1-1: symbol converter now attached to ttyUSB0
[   90.612494][ T5847] usb 1-1: USB disconnect, device number 5
[   90.622046][ T5847] symbol ttyUSB0: symbol converter now disconnected from ttyUSB0
[   90.625678][ T5847] symbolserial 1-1:0.175: device disconnected
[   91.707349][ T6595] syz.2.267 uses obsolete (PF_INET,SOCK_PACKET)
[   92.644623][ T6599] orangefs_mount: mount request failed with -4
[   92.671099][ T6607] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[   92.673828][ T6607] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[   92.677435][ T6607] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[   92.681457][ T6607] overlayfs: missing 'lowerdir'
[   92.742335][ T6611] loop2: detected capacity change from 0 to 512
[   92.754661][ T6611] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.769905][ T6611] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   92.808737][ T6611] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   92.817086][ T6611] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   92.839937][ T5856] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.897854][ T6619] loop2: detected capacity change from 0 to 256
[   92.928428][ T6619] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x25fbf2c1, utbl_chksum : 0xe619d30d)
[   92.946466][ T6619] fuse: Bad value for 'fd'
[   93.027567][ T6628] loop2: detected capacity change from 0 to 16
[   93.038846][ T6629] Zero length message leads to an empty skb
[   93.055711][ T6628] erofs (device loop2): mounted with root inode @ nid 36.
[   93.420443][ T5847] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   93.604168][ T5847] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   93.623109][ T5847] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   93.627269][ T5847] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   93.633504][ T5847] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   93.637210][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.648891][ T5847] usb 3-1: config 0 descriptor??
[   93.946442][ T6645] loop0: detected capacity change from 0 to 32768
[   94.014049][ T6645] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   94.068225][ T6645] XFS (loop0): Ending clean mount
[   94.093865][ T6645] XFS (loop0): Quotacheck needed: Please wait.
[   94.142097][ T5847] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   94.221475][ T6645] XFS (loop0): Quotacheck: Done.
[   94.300319][ T5851] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   94.351826][   T97] usb 3-1: USB disconnect, device number 6
[   94.923921][ T6667] loop2: detected capacity change from 0 to 1024
[   94.941309][ T6667] EXT4-fs: Ignoring removed orlov option
[   94.951170][ T6667] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (52289!=20869)
[   94.954712][ T6667] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[   94.960818][ T6667] EXT4-fs (loop2): invalid journal inode
[   95.266007][ T5847] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   95.271330][ T6687] loop1: detected capacity change from 0 to 16
[   95.285532][ T6687] erofs (device loop1): mounted with root inode @ nid 36.
[   95.327064][ T6689] capability: warning: `syz.1.307' uses deprecated v2 capabilities in a way that may be insecure
[   95.410310][ T5847] usb 3-1: Using ep0 maxpacket: 32
[   95.414743][ T5847] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[   95.418796][ T5847] usb 3-1: config 0 interface 0 altsetting 16 endpoint 0x2 has an invalid bInterval 129, changing to 11
[   95.426554][ T5847] usb 3-1: config 0 interface 0 altsetting 16 has 2 endpoint descriptors, different from the interface descriptor's value: 5
[   95.434054][ T5847] usb 3-1: config 0 interface 0 has no altsetting 0
[   95.437043][ T5847] usb 3-1: New USB device found, idVendor=044f, idProduct=b65d, bcdDevice= 0.00
[   95.440859][ T5847] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   95.451810][ T5847] usb 3-1: config 0 descriptor??
[   95.620249][   T97] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   95.774304][   T97] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[   95.778219][   T97] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.781722][   T97] usb 2-1: Product: syz
[   95.783492][   T97] usb 2-1: Manufacturer: syz
[   95.785466][   T97] usb 2-1: SerialNumber: syz
[   95.796687][   T97] r8152-cfgselector 2-1: Unknown version 0x0000
[   95.799422][   T97] r8152-cfgselector 2-1: config 0 descriptor??
[   95.873080][ T5847] hid-thrustmaster 0003:044F:B65D.0004: hidraw0: USB HID v0.00 Device [HID 044f:b65d] on usb-dummy_hcd.2-1/input0
[   96.064201][ T5847] hid-thrustmaster 0003:044F:B65D.0004: setup data couldn't be sent
[   96.067872][    C1] hid-thrustmaster 0003:044F:B65D.0004: URB to get model id failed with error -71
[   96.083619][ T5847] usb 3-1: USB disconnect, device number 7
[   96.226690][   T24] r8152-cfgselector 2-1: USB disconnect, device number 6
[   96.454467][ T5237] Bluetooth: hci1: Malformed Event: 0x13
[   96.651537][ T6705] netlink: 4 bytes leftover after parsing attributes in process `syz.2.314'.
[   96.988566][ T6710] loop2: detected capacity change from 0 to 32768
[   97.019068][ T6716] loop0: detected capacity change from 0 to 1024
[   97.141943][ T6710] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[   97.141962][ T6710]   allowing incompatible features above 0.0: (unknown version)
[   97.141970][ T6710]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[   97.162746][ T6710] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[   97.163613][ T6714] loop1: detected capacity change from 0 to 32768
[   97.165964][ T6710] bcachefs (loop2): initializing new filesystem
[   97.179377][ T6710] bcachefs (loop2): going read-write
[   97.183580][ T6714] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.318 (6714)
[   97.197623][ T6710] bcachefs (loop2): marking superblocks
[   97.214189][ T6714] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   97.222810][ T6710] bcachefs (loop2): initializing freespace
[   97.225529][ T6714] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[   97.234630][ T6710] bcachefs (loop2): done initializing freespace
[   97.242737][ T6710] bcachefs (loop2): reading snapshots table
[   97.245229][ T6710] bcachefs (loop2): reading snapshots done
[   97.274104][ T6710] bcachefs (loop2): done starting filesystem
[   97.281907][ T6714] BTRFS info (device loop1): enabling ssd optimizations
[   97.284835][ T6714] BTRFS info (device loop1): enabling free space tree
[   97.287573][ T6714] BTRFS info (device loop1): use lzo compression, level 0
[   97.386844][ T5856] bcachefs (loop2): shutting down
[   97.388950][ T5856] bcachefs (loop2): going read-only
[   97.400437][ T5856] bcachefs (loop2): finished waiting for writes to stop
[   97.403714][ T5856] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[   97.442272][ T5856] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[   97.462311][ T5846] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[   97.467496][ T5856] bcachefs (loop2): clean shutdown complete, journal seq 4
[   97.473186][ T5856] bcachefs (loop2): marking filesystem clean
[   97.538973][ T5856] bcachefs (loop2): shutdown complete
[   97.918970][ T6757] ALSA: mixer_oss: invalid OSS volume '49'
[   97.923039][ T6757] ALSA: mixer_oss: invalid OSS volume 'Invalid'
[   97.956970][ T6761] loop0: detected capacity change from 0 to 16
[   97.959775][ T6761] erofs (device loop0): mounted with root inode @ nid 36.
[   98.375781][ T6765] loop0: detected capacity change from 0 to 32768
[   98.379233][ T6765] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.330 (6765)
[   98.398664][ T6765] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   98.403499][ T6765] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   98.441634][ T6765] BTRFS info (device loop0): enabling ssd optimizations
[   98.443888][ T6765] BTRFS info (device loop0): enabling free space tree
[   98.469397][ T5851] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   98.929646][ T6798] netlink: 48 bytes leftover after parsing attributes in process `syz.2.321'.
[   98.939096][ T6797] netlink: 'syz.0.334': attribute type 4 has an invalid length.
[   98.960044][ T6797] netlink: 152 bytes leftover after parsing attributes in process `syz.0.334'.
[   98.993736][ T6797] : renamed from bond0 (while UP)
[   99.067626][ T6804] loop0: detected capacity change from 0 to 128
[   99.087381][ T6804] Invalid source name
[   99.095818][ T6804] UBIFS error (pid: 6804): cannot open "/dev/loop0", error -22
[   99.258926][ T6802] loop1: detected capacity change from 0 to 32768
[   99.289124][ T6802] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.333518][ T6802] XFS (loop1): Ending clean mount
[   99.338636][ T6802] XFS (loop1): Quotacheck needed: Please wait.
[   99.370278][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   99.375024][ T6802] XFS (loop1): Quotacheck: Done.
[   99.389873][ T6822] loop0: detected capacity change from 0 to 2048
[   99.420549][ T6822] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.425173][ T5846] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.435952][ T6822] EXT4-fs (loop0): shut down requested (2)
[   99.482382][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.527708][   T24] usb 3-1: Using ep0 maxpacket: 32
[   99.531149][    T9] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[   99.545373][    T9] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[   99.546963][   T24] usb 3-1: config 14 has an invalid interface number: 137 but max is 3
[   99.553635][   T24] usb 3-1: config 14 has an invalid descriptor of length 0, skipping remainder of the config
[   99.557350][   T24] usb 3-1: config 14 has 2 interfaces, different from the descriptor's value: 4
[   99.566311][   T24] usb 3-1: config 14 has no interface number 1
[   99.571029][   T24] usb 3-1: config 14 interface 137 has no altsetting 0
[   99.582056][   T24] usb 3-1: New USB device found, idVendor=0471, idProduct=0602, bcdDevice=2a.8a
[   99.585444][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.588505][   T24] usb 3-1: Product: syz
[   99.590048][   T24] usb 3-1: Manufacturer: syz
[   99.597417][   T24] usb 3-1: SerialNumber: syz
[   99.608531][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.612237][ T6829] bridge_slave_1: left allmulticast mode
[   99.614555][ T6829] bridge_slave_1: left promiscuous mode
[   99.617039][ T6829] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.626284][ T6829] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   99.832266][   T24] ati_remote2 3-1:14.0: ati_remote2_probe(): interface 0 must have an endpoint
[   99.841702][   T24] usb 3-1: USB disconnect, device number 8
[   99.967432][ T6832] loop1: detected capacity change from 0 to 40427
[   99.975272][ T6832] F2FS-fs (loop1): build fault injection rate: 14
[   99.977763][ T6832] F2FS-fs (loop1): build fault injection type: 0x3bfe8c
[   99.989799][ T6832] F2FS-fs (loop1): invalid crc value
[   99.995761][    C1] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  100.002625][    C1] F2FS-fs (loop1): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  100.041777][ T6832] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  100.044678][ T6832] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of __get_meta_folio+0x157/0x4f0
[  100.050222][ T6832] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  100.079860][ T6832] F2FS-fs (loop1): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  100.086236][ T6832] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_folio of f2fs_new_node_folio+0x131/0xa40
[  100.096901][ T6832] F2FS-fs (loop1): inject inconsistent footer in sanity_check_node_footer of f2fs_get_dnode_of_data+0xab1/0x1cf0
[  100.106337][ T6832] F2FS-fs (loop1): inconsistent node block, node_type:0, nid:13, node_footer[nid:13,ino:3,ofs:191623,cpver:0,blkaddr:0]
[  100.173110][    C1] F2FS-fs (loop1): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  100.176586][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  100.176596][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.176600][    C1] Call Trace:
[  100.176603][    C1]  <TASK>
[  100.176606][    C1]  dump_stack_lvl+0x189/0x250
[  100.176619][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.176626][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  100.176633][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.176642][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.176656][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  100.176668][    C1]  f2fs_write_end_io+0x886/0xb60
[  100.176679][    C1]  blk_update_request+0x57e/0xe60
[  100.176691][    C1]  blk_mq_end_request+0x3e/0x70
[  100.176698][    C1]  blk_done_softirq+0x10a/0x160
[  100.176706][    C1]  handle_softirqs+0x286/0x870
[  100.176714][    C1]  ? run_ksoftirqd+0x9b/0x100
[  100.176722][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  100.176729][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.176739][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.176744][    C1]  run_ksoftirqd+0x9b/0x100
[  100.176751][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  100.176760][    C1]  smpboot_thread_fn+0x542/0xa60
[  100.176766][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.176774][    C1]  kthread+0x711/0x8a0
[  100.176783][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  100.176789][    C1]  ? __pfx_kthread+0x10/0x10
[  100.176796][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.176804][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.176813][    C1]  ? __pfx_kthread+0x10/0x10
[  100.176822][    C1]  ret_from_fork+0x3fc/0x770
[  100.176830][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  100.176838][    C1]  ? __switch_to_asm+0x39/0x70
[  100.176845][    C1]  ? __switch_to_asm+0x33/0x70
[  100.176852][    C1]  ? __pfx_kthread+0x10/0x10
[  100.176860][    C1]  ret_from_fork_asm+0x1a/0x30
[  100.176876][    C1]  </TASK>
[  100.176879][    C1] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.240634][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  100.240644][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.240648][    C1] Call Trace:
[  100.240652][    C1]  <TASK>
[  100.240655][    C1]  dump_stack_lvl+0x189/0x250
[  100.240668][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.240675][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  100.240682][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.240691][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.240703][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  100.240715][    C1]  f2fs_write_end_io+0x886/0xb60
[  100.240726][    C1]  blk_update_request+0x57e/0xe60
[  100.240739][    C1]  blk_mq_end_request+0x3e/0x70
[  100.240747][    C1]  blk_done_softirq+0x10a/0x160
[  100.240755][    C1]  handle_softirqs+0x286/0x870
[  100.240762][    C1]  ? run_ksoftirqd+0x9b/0x100
[  100.240771][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  100.240778][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.240785][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.240790][    C1]  run_ksoftirqd+0x9b/0x100
[  100.240797][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  100.240805][    C1]  smpboot_thread_fn+0x542/0xa60
[  100.240812][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.240820][    C1]  kthread+0x711/0x8a0
[  100.240829][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  100.240835][    C1]  ? __pfx_kthread+0x10/0x10
[  100.240842][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.240850][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.240858][    C1]  ? __pfx_kthread+0x10/0x10
[  100.240875][    C1]  ret_from_fork+0x3fc/0x770
[  100.240889][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  100.240898][    C1]  ? __switch_to_asm+0x39/0x70
[  100.240905][    C1]  ? __switch_to_asm+0x33/0x70
[  100.240912][    C1]  ? __pfx_kthread+0x10/0x10
[  100.240923][    C1]  ret_from_fork_asm+0x1a/0x30
[  100.240945][    C1]  </TASK>
[  100.240949][    C1] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.318344][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  100.318360][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.318366][    C1] Call Trace:
[  100.318372][    C1]  <TASK>
[  100.318378][    C1]  dump_stack_lvl+0x189/0x250
[  100.318399][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.318413][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  100.318425][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.318440][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.318458][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  100.318480][    C1]  f2fs_write_end_io+0x886/0xb60
[  100.318498][    C1]  blk_update_request+0x57e/0xe60
[  100.318518][    C1]  blk_mq_end_request+0x3e/0x70
[  100.318532][    C1]  blk_done_softirq+0x10a/0x160
[  100.318547][    C1]  handle_softirqs+0x286/0x870
[  100.318561][    C1]  ? run_ksoftirqd+0x9b/0x100
[  100.318577][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  100.318589][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.318602][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.318611][    C1]  run_ksoftirqd+0x9b/0x100
[  100.318623][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  100.318639][    C1]  smpboot_thread_fn+0x542/0xa60
[  100.318652][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.318668][    C1]  kthread+0x711/0x8a0
[  100.318684][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  100.318695][    C1]  ? __pfx_kthread+0x10/0x10
[  100.318709][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.318723][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.318738][    C1]  ? __pfx_kthread+0x10/0x10
[  100.318752][    C1]  ret_from_fork+0x3fc/0x770
[  100.318766][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  100.318780][    C1]  ? __switch_to_asm+0x39/0x70
[  100.318793][    C1]  ? __switch_to_asm+0x33/0x70
[  100.318805][    C1]  ? __pfx_kthread+0x10/0x10
[  100.318818][    C1]  ret_from_fork_asm+0x1a/0x30
[  100.318847][    C1]  </TASK>
[  100.318852][    C1] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.398464][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  100.398480][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.398487][    C1] Call Trace:
[  100.398493][    C1]  <TASK>
[  100.398500][    C1]  dump_stack_lvl+0x189/0x250
[  100.398520][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.398534][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  100.398545][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.398562][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.398583][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  100.398604][    C1]  f2fs_write_end_io+0x886/0xb60
[  100.398625][    C1]  blk_update_request+0x57e/0xe60
[  100.398648][    C1]  blk_mq_end_request+0x3e/0x70
[  100.398662][    C1]  blk_done_softirq+0x10a/0x160
[  100.398674][    C1]  handle_softirqs+0x286/0x870
[  100.398687][    C1]  ? run_ksoftirqd+0x9b/0x100
[  100.398702][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  100.398715][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.398727][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.398737][    C1]  run_ksoftirqd+0x9b/0x100
[  100.398748][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  100.398764][    C1]  smpboot_thread_fn+0x542/0xa60
[  100.398776][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.398792][    C1]  kthread+0x711/0x8a0
[  100.398808][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  100.398819][    C1]  ? __pfx_kthread+0x10/0x10
[  100.398840][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.398853][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.398868][    C1]  ? __pfx_kthread+0x10/0x10
[  100.398881][    C1]  ret_from_fork+0x3fc/0x770
[  100.398895][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  100.398908][    C1]  ? __switch_to_asm+0x39/0x70
[  100.398919][    C1]  ? __switch_to_asm+0x33/0x70
[  100.398930][    C1]  ? __pfx_kthread+0x10/0x10
[  100.398941][    C1]  ret_from_fork_asm+0x1a/0x30
[  100.398961][    C1]  </TASK>
[  100.398966][    C1] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.478954][    C1] CPU: 1 UID: 0 PID: 23 Comm: ksoftirqd/1 Not tainted syzkaller #0 PREEMPT(full) 
[  100.478970][    C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  100.478976][    C1] Call Trace:
[  100.478982][    C1]  <TASK>
[  100.478988][    C1]  dump_stack_lvl+0x189/0x250
[  100.479007][    C1]  ? __pfx_dump_stack_lvl+0x10/0x10
[  100.479021][    C1]  ? __pfx_queue_work_on+0x10/0x10
[  100.479033][    C1]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  100.479048][    C1]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  100.479070][    C1]  f2fs_handle_critical_error+0x37c/0x540
[  100.479091][    C1]  f2fs_write_end_io+0x886/0xb60
[  100.479113][    C1]  blk_update_request+0x57e/0xe60
[  100.479137][    C1]  blk_mq_end_request+0x3e/0x70
[  100.479151][    C1]  blk_done_softirq+0x10a/0x160
[  100.479165][    C1]  handle_softirqs+0x286/0x870
[  100.479180][    C1]  ? run_ksoftirqd+0x9b/0x100
[  100.479196][    C1]  ? __pfx_handle_softirqs+0x10/0x10
[  100.479210][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.479223][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.479233][    C1]  run_ksoftirqd+0x9b/0x100
[  100.479246][    C1]  ? __pfx_run_ksoftirqd+0x10/0x10
[  100.479263][    C1]  smpboot_thread_fn+0x542/0xa60
[  100.479275][    C1]  ? smpboot_thread_fn+0x4d/0xa60
[  100.479292][    C1]  kthread+0x711/0x8a0
[  100.479309][    C1]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  100.479344][    C1]  ? __pfx_kthread+0x10/0x10
[  100.479359][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  100.479373][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  100.479388][    C1]  ? __pfx_kthread+0x10/0x10
[  100.479402][    C1]  ret_from_fork+0x3fc/0x770
[  100.479417][    C1]  ? __pfx_ret_from_fork+0x10/0x10
[  100.479432][    C1]  ? __switch_to_asm+0x39/0x70
[  100.479446][    C1]  ? __switch_to_asm+0x33/0x70
[  100.479458][    C1]  ? __pfx_kthread+0x10/0x10
[  100.479473][    C1]  ret_from_fork_asm+0x1a/0x30
[  100.479497][    C1]  </TASK>
[  100.479502][    C1] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  100.558888][ T5846] F2FS-fs (loop1): do_checkpoint failed err:-5, stop checkpoint
[  100.642112][ T6850] mmap: syz.0.353 (6850) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  100.868298][ T6861] loop2: detected capacity change from 0 to 1024
[  100.881002][ T6861] hfsplus: type requires a 4 character value
[  100.941688][ T6865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.360'.
[  100.945371][ T6865] netlink: 4 bytes leftover after parsing attributes in process `syz.2.360'.
[  101.143445][ T6863] loop0: detected capacity change from 0 to 40427
[  101.148028][ T6863] F2FS-fs: Quota file already specified
[  101.212274][ T6876] netlink: 'syz.0.364': attribute type 10 has an invalid length.
[  101.220443][   T24] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  101.373801][   T24] usb 2-1: Using ep0 maxpacket: 16
[  101.378846][   T24] usb 2-1: config 15 has an invalid interface number: 107 but max is 0
[  101.388080][   T24] usb 2-1: config 15 has no interface number 0
[  101.390909][   T24] usb 2-1: config 15 interface 107 altsetting 8 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  101.400256][   T24] usb 2-1: config 15 interface 107 altsetting 8 endpoint 0xB has invalid maxpacket 512, setting to 64
[  101.404661][   T24] usb 2-1: config 15 interface 107 has no altsetting 0
[  101.419501][   T24] usb 2-1: New USB device found, idVendor=0424, idProduct=7800, bcdDevice= d.c3
[  101.424110][   T24] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  101.427914][   T24] usb 2-1: Product: syz
[  101.429750][   T24] usb 2-1: Manufacturer: syz
[  101.435707][   T24] usb 2-1: SerialNumber: syz
[  101.611524][ T6886] loop2: detected capacity change from 0 to 40427
[  101.653439][ T6886] F2FS-fs (loop2): invalid crc value
[  101.685529][   T24] usb 2-1: USB disconnect, device number 7
[  101.712656][ T6886] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  101.726296][ T6886] F2FS-fs (loop2): Start checkpoint disabled!
[  101.729597][ T6886] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  101.765584][ T6886] syz.2.369: attempt to access beyond end of device
[  101.765584][ T6886] loop2: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  101.783784][ T6886] syz.2.369: attempt to access beyond end of device
[  101.783784][ T6886] loop2: rw=0, sector=77952, nr_sectors = 8 limit=40427
[  101.830563][ T1101] kworker/u10:8: attempt to access beyond end of device
[  101.830563][ T1101] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  101.837424][ T6903] loop0: detected capacity change from 0 to 512
[  101.842685][ T1101] CPU: 1 UID: 0 PID: 1101 Comm: kworker/u10:8 Not tainted syzkaller #0 PREEMPT(full) 
[  101.842702][ T1101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  101.842709][ T1101] Workqueue: writeback wb_workfn (flush-7:2)
[  101.842730][ T1101] Call Trace:
[  101.842735][ T1101]  <TASK>
[  101.842740][ T1101]  dump_stack_lvl+0x189/0x250
[  101.842760][ T1101]  ? __pfx_dump_stack_lvl+0x10/0x10
[  101.842774][ T1101]  ? __pfx_queue_work_on+0x10/0x10
[  101.842785][ T1101]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  101.842802][ T1101]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.842828][ T1101]  f2fs_handle_critical_error+0x37c/0x540
[  101.842850][ T1101]  f2fs_write_end_io+0x886/0xb60
[  101.842878][ T1101]  __submit_merged_bio+0x27a/0x6a0
[  101.842900][ T1101]  __submit_merged_write_cond+0x255/0x530
[  101.842923][ T1101]  f2fs_write_data_pages+0x261d/0x3000
[  101.842969][ T1101]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.842999][ T1101]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  101.843041][ T1101]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  101.843069][ T1101]  ? trace_f2fs_writepages+0x7f/0x200
[  101.843087][ T1101]  ? f2fs_write_node_pages+0x478/0x6e0
[  101.843107][ T1101]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  101.843135][ T1101]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  101.843153][ T1101]  do_writepages+0x32e/0x550
[  101.843174][ T1101]  ? reacquire_held_locks+0x127/0x1d0
[  101.843186][ T1101]  ? writeback_sb_inodes+0x384/0x1010
[  101.843208][ T1101]  __writeback_single_inode+0x145/0xff0
[  101.843223][ T1101]  ? do_raw_spin_unlock+0x4d/0x240
[  101.843241][ T1101]  writeback_sb_inodes+0x6c7/0x1010
[  101.843278][ T1101]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  101.843353][ T1101]  ? rcu_is_watching+0x15/0xb0
[  101.843376][ T1101]  wb_writeback+0x43b/0xaf0
[  101.843399][ T1101]  ? queue_io+0x331/0x590
[  101.843417][ T1101]  ? __pfx_wb_writeback+0x10/0x10
[  101.843439][ T1101]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.843459][ T1101]  wb_workfn+0x409/0xef0
[  101.843485][ T1101]  ? __pfx_wb_workfn+0x10/0x10
[  101.843503][ T1101]  ? __lock_acquire+0xab9/0xd20
[  101.843530][ T1101]  ? process_scheduled_works+0x9ef/0x17b0
[  101.843547][ T1101]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.843561][ T1101]  ? process_scheduled_works+0x9ef/0x17b0
[  101.843571][ T1101]  ? process_scheduled_works+0x9ef/0x17b0
[  101.843584][ T1101]  process_scheduled_works+0xae1/0x17b0
[  101.843628][ T1101]  ? __pfx_process_scheduled_works+0x10/0x10
[  101.843655][ T1101]  worker_thread+0x8a0/0xda0
[  101.843670][ T1101]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  101.843693][ T1101]  ? __kthread_parkme+0x7b/0x200
[  101.843715][ T1101]  kthread+0x711/0x8a0
[  101.843732][ T1101]  ? __pfx_worker_thread+0x10/0x10
[  101.843743][ T1101]  ? __pfx_kthread+0x10/0x10
[  101.843760][ T1101]  ? _raw_spin_unlock_irq+0x23/0x50
[  101.843774][ T1101]  ? lockdep_hardirqs_on+0x9c/0x150
[  101.843790][ T1101]  ? __pfx_kthread+0x10/0x10
[  101.843805][ T1101]  ret_from_fork+0x3fc/0x770
[  101.843820][ T1101]  ? __pfx_ret_from_fork+0x10/0x10
[  101.843838][ T1101]  ? __switch_to_asm+0x39/0x70
[  101.843851][ T1101]  ? __switch_to_asm+0x33/0x70
[  101.843864][ T1101]  ? __pfx_kthread+0x10/0x10
[  101.843879][ T1101]  ret_from_fork_asm+0x1a/0x30
[  101.843909][ T1101]  </TASK>
[  101.843914][ T1101] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  101.890643][ T6903] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.987087][ T6903] ext4 filesystem being mounted at /139/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  102.032236][ T5851] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.188889][ T6912] warning: `syz.2.377' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  102.235805][ T5897] IPVS: starting estimator thread 0...
[  102.340277][ T6915] IPVS: using max 40 ests per chain, 96000 per kthread
[  102.391183][   T24] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[  102.411659][ T6922] netlink: 'syz.2.383': attribute type 10 has an invalid length.
[  102.415281][ T6922] bond0: (slave dummy0): Releasing backup interface
[  102.453169][ T6922] team0: Port device dummy0 added
[  102.628937][   T24] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  102.638535][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.663702][   T24] usb 1-1: Product: syz
[  102.667638][   T24] usb 1-1: Manufacturer: syz
[  102.671266][   T24] usb 1-1: SerialNumber: syz
[  102.679528][   T24] usb 1-1: config 0 descriptor??
[  102.708375][ T6925] loop2: detected capacity change from 0 to 256
[  102.717758][ T6925] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011f41, chksum : 0x31e44978, utbl_chksum : 0xe619d30d)
[  102.733493][ T6925] exFAT-fs (loop2): error, data size is invalid(17179870234)
[  102.736422][ T6925] exFAT-fs (loop2): Filesystem has been set read-only
[  102.743858][ T6925] exFAT-fs (loop2): error, data size is invalid(17179870234)
[  102.747201][ T6925] exFAT-fs (loop2): error, data size is invalid(17179870234)
[  103.151425][   T24] airspy 1-1:0.0: Board ID: 00
[  103.152945][   T24] airspy 1-1:0.0: Firmware version: 
[  103.221960][ T6929] loop1: detected capacity change from 0 to 1024
[  103.225207][ T6929] EXT4-fs: Ignoring removed bh option
[  103.241884][ T6929] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  103.301064][ T6933] loop2: detected capacity change from 0 to 128
[  103.303463][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  103.602751][ T6937] loop2: detected capacity change from 0 to 32768
[  103.609377][ T6937] 
[  103.609377][ T6937]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.609377][ T6937] 
[  103.641809][   T26] 
[  103.641809][   T26]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.641809][   T26] 
[  103.659570][   T26] 
[  103.659570][   T26]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.659570][   T26] 
[  103.675875][ T5856] 
[  103.675875][ T5856]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.675875][ T5856] 
[  103.681284][ T5856] 
[  103.681284][ T5856]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  103.681284][ T5856] 
[  103.689796][  T118] ==================================================================
[  103.693135][  T118] BUG: KASAN: slab-use-after-free in __mutex_lock+0x801/0x1350
[  103.696205][  T118] Read of size 8 at addr ffff88802462e108 by task jfsCommit/118
[  103.699727][  T118] 
[  103.701048][  T118] CPU: 1 UID: 0 PID: 118 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  103.701062][  T118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  103.701068][  T118] Call Trace:
[  103.701074][  T118]  <TASK>
[  103.701079][  T118]  dump_stack_lvl+0x189/0x250
[  103.701095][  T118]  ? __kasan_check_byte+0x12/0x40
[  103.701113][  T118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  103.701126][  T118]  ? lock_release+0x4b/0x3e0
[  103.701144][  T118]  ? __virt_addr_valid+0x4a5/0x5c0
[  103.701159][  T118]  print_report+0xca/0x240
[  103.701169][  T118]  ? __mutex_lock+0x801/0x1350
[  103.701179][  T118]  kasan_report+0x118/0x150
[  103.701195][  T118]  ? __mutex_lock+0x801/0x1350
[  103.701206][  T118]  __mutex_lock+0x801/0x1350
[  103.701217][  T118]  ? __mutex_lock+0x5bb/0x1350
[  103.701229][  T118]  ? jfs_syncpt+0x25/0x90
[  103.701241][  T118]  ? __pfx___mutex_lock+0x10/0x10
[  103.701250][  T118]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  103.701265][  T118]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  103.701282][  T118]  jfs_syncpt+0x25/0x90
[  103.701293][  T118]  txEnd+0x2e5/0x530
[  103.701330][  T118]  jfs_lazycommit+0x5ba/0xa90
[  103.701344][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  103.701356][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  103.701370][  T118]  ? __kthread_parkme+0x7b/0x200
[  103.701382][  T118]  ? __kthread_parkme+0x1a1/0x200
[  103.701394][  T118]  kthread+0x711/0x8a0
[  103.701407][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  103.701419][  T118]  ? __pfx_kthread+0x10/0x10
[  103.701431][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  103.701445][  T118]  ? lockdep_hardirqs_on+0x9c/0x150
[  103.701460][  T118]  ? __pfx_kthread+0x10/0x10
[  103.701473][  T118]  ret_from_fork+0x3fc/0x770
[  103.701484][  T118]  ? __pfx_ret_from_fork+0x10/0x10
[  103.701495][  T118]  ? __switch_to_asm+0x39/0x70
[  103.701508][  T118]  ? __switch_to_asm+0x33/0x70
[  103.701520][  T118]  ? __pfx_kthread+0x10/0x10
[  103.701534][  T118]  ret_from_fork_asm+0x1a/0x30
[  103.701551][  T118]  </TASK>
[  103.701555][  T118] 
[  103.781496][  T118] Allocated by task 6937:
[  103.783236][  T118]  kasan_save_track+0x3e/0x80
[  103.785129][  T118]  __kasan_kmalloc+0x93/0xb0
[  103.787057][  T118]  __kmalloc_cache_noprof+0x230/0x3d0
[  103.789252][  T118]  lmLogOpen+0x2d1/0xfb0
[  103.791008][  T118]  jfs_mount_rw+0xe9/0x670
[  103.792849][  T118]  jfs_fill_super+0x754/0xd80
[  103.794815][  T118]  get_tree_bdev_flags+0x40e/0x4d0
[  103.796980][  T118]  vfs_get_tree+0x92/0x2b0
[  103.798856][  T118]  do_new_mount+0x2a2/0x9e0
[  103.800678][  T118]  __se_sys_mount+0x317/0x410
[  103.802622][  T118]  do_syscall_64+0xfa/0x3b0
[  103.804466][  T118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.806820][  T118] 
[  103.807818][  T118] Freed by task 5856:
[  103.809488][  T118]  kasan_save_track+0x3e/0x80
[  103.811462][  T118]  kasan_save_free_info+0x46/0x50
[  103.813462][  T118]  __kasan_slab_free+0x5b/0x80
[  103.815448][  T118]  kfree+0x18e/0x440
[  103.817050][  T118]  lmLogClose+0x297/0x520
[  103.818844][  T118]  jfs_umount+0x2ef/0x3c0
[  103.820598][  T118]  jfs_put_super+0x8c/0x190
[  103.822448][  T118]  generic_shutdown_super+0x135/0x2c0
[  103.824627][  T118]  kill_block_super+0x44/0x90
[  103.826524][  T118]  deactivate_locked_super+0xbc/0x130
[  103.828751][  T118]  cleanup_mnt+0x425/0x4c0
[  103.830603][  T118]  task_work_run+0x1d4/0x260
[  103.832468][  T118]  exit_to_user_mode_loop+0xec/0x110
[  103.834631][  T118]  do_syscall_64+0x2bd/0x3b0
[  103.836472][  T118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.838848][  T118] 
[  103.839821][  T118] The buggy address belongs to the object at ffff88802462e000
[  103.839821][  T118]  which belongs to the cache kmalloc-1k of size 1024
[  103.845232][  T118] The buggy address is located 264 bytes inside of
[  103.845232][  T118]  freed 1024-byte region [ffff88802462e000, ffff88802462e400)
[  103.850814][  T118] 
[  103.851830][  T118] The buggy address belongs to the physical page:
[  103.854353][  T118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x24628
[  103.857747][  T118] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  103.861091][  T118] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  103.864087][  T118] page_type: f5(slab)
[  103.865748][  T118] raw: 00fff00000000040 ffff88801a441dc0 dead000000000100 dead000000000122
[  103.869202][  T118] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  103.872649][  T118] head: 00fff00000000040 ffff88801a441dc0 dead000000000100 dead000000000122
[  103.876089][  T118] head: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[  103.879450][  T118] head: 00fff00000000003 ffffea0000918a01 00000000ffffffff 00000000ffffffff
[  103.882881][  T118] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  103.886318][  T118] page dumped because: kasan: bad access detected
[  103.888885][  T118] page_owner tracks the page as allocated
[  103.891167][  T118] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5584, tgid 5584 (run-parts), ts 36565804831, free_ts 35087474858
[  103.899428][  T118]  post_alloc_hook+0x240/0x2a0
[  103.901326][  T118]  get_page_from_freelist+0x21e4/0x22c0
[  103.903473][  T118]  __alloc_frozen_pages_noprof+0x181/0x370
[  103.905825][  T118]  alloc_pages_mpol+0x232/0x4a0
[  103.907799][  T118]  allocate_slab+0x8a/0x370
[  103.909656][  T118]  ___slab_alloc+0xbeb/0x1410
[  103.911502][  T118]  __kmalloc_noprof+0x305/0x4f0
[  103.913438][  T118]  load_elf_binary+0x326/0x2740
[  103.915446][  T118]  bprm_execve+0x99c/0x1450
[  103.917276][  T118]  do_execveat_common+0x510/0x6a0
[  103.919371][  T118]  __x64_sys_execve+0x94/0xb0
[  103.921190][  T118]  do_syscall_64+0xfa/0x3b0
[  103.922990][  T118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.925273][  T118] page last free pid 5300 tgid 5300 stack trace:
[  103.927823][  T118]  __free_frozen_pages+0xbc4/0xd30
[  103.929885][  T118]  __put_partials+0x156/0x1a0
[  103.931845][  T118]  put_cpu_partial+0x17c/0x250
[  103.933800][  T118]  __slab_free+0x2d5/0x3c0
[  103.935619][  T118]  qlist_free_all+0x97/0x140
[  103.937350][  T118]  kasan_quarantine_reduce+0x148/0x160
[  103.939465][  T118]  __kasan_slab_alloc+0x22/0x80
[  103.941410][  T118]  __kmalloc_noprof+0x224/0x4f0
[  103.943251][  T118]  tomoyo_realpath_from_path+0xe3/0x5d0
[  103.945600][  T118]  tomoyo_path_perm+0x213/0x4b0
[  103.947563][  T118]  security_inode_getattr+0x12f/0x330
[  103.949715][  T118]  vfs_fstatat+0xb1/0x170
[  103.951436][  T118]  __x64_sys_newfstatat+0x116/0x190
[  103.953559][  T118]  do_syscall_64+0xfa/0x3b0
[  103.955406][  T118]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  103.957779][  T118] 
[  103.958789][  T118] Memory state around the buggy address:
[  103.961070][  T118]  ffff88802462e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.964319][  T118]  ffff88802462e080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.967667][  T118] >ffff88802462e100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.971012][  T118]                       ^
[  103.972807][  T118]  ffff88802462e180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.976125][  T118]  ffff88802462e200: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  103.979399][  T118] ==================================================================
[  103.982854][    C1] vkms_vblank_simulate: vblank timer overrun
[  103.985521][  T118] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  103.988438][  T118] CPU: 1 UID: 0 PID: 118 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  103.992134][  T118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  103.996353][  T118] Call Trace:
[  103.997769][  T118]  <TASK>
[  103.998975][  T118]  dump_stack_lvl+0x99/0x250
[  104.000865][  T118]  ? __asan_memcpy+0x40/0x70
[  104.002706][  T118]  ? __pfx_dump_stack_lvl+0x10/0x10
[  104.004873][  T118]  ? __pfx__printk+0x10/0x10
[  104.006862][  T118]  vpanic+0x281/0x750
[  104.008502][  T118]  ? __pfx_vpanic+0x10/0x10
[  104.010367][  T118]  ? irqentry_exit+0x74/0x90
[  104.012331][  T118]  panic+0xb9/0xc0
[  104.013877][  T118]  ? __pfx_panic+0x10/0x10
[  104.015669][  T118]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  104.017999][  T118]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  104.020401][  T118]  ? __mutex_lock+0x801/0x1350
[  104.022324][  T118]  check_panic_on_warn+0x89/0xb0
[  104.024327][  T118]  ? __mutex_lock+0x801/0x1350
[  104.026280][  T118]  end_report+0x78/0x160
[  104.028031][  T118]  kasan_report+0x129/0x150
[  104.029837][  T118]  ? __mutex_lock+0x801/0x1350
[  104.031811][  T118]  __mutex_lock+0x801/0x1350
[  104.033755][  T118]  ? __mutex_lock+0x5bb/0x1350
[  104.035715][  T118]  ? jfs_syncpt+0x25/0x90
[  104.037498][  T118]  ? __pfx___mutex_lock+0x10/0x10
[  104.039570][  T118]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  104.042066][  T118]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  104.044632][  T118]  jfs_syncpt+0x25/0x90
[  104.046321][  T118]  txEnd+0x2e5/0x530
[  104.047895][  T118]  jfs_lazycommit+0x5ba/0xa90
[  104.049814][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  104.051908][  T118]  ? __pfx_default_wake_function+0x10/0x10
[  104.054229][  T118]  ? __kthread_parkme+0x7b/0x200
[  104.056204][  T118]  ? __kthread_parkme+0x1a1/0x200
[  104.058224][  T118]  kthread+0x711/0x8a0
[  104.059840][  T118]  ? __pfx_jfs_lazycommit+0x10/0x10
[  104.061876][  T118]  ? __pfx_kthread+0x10/0x10
[  104.063753][  T118]  ? _raw_spin_unlock_irq+0x23/0x50
[  104.065841][  T118]  ? lockdep_hardirqs_on+0x9c/0x150
[  104.067925][  T118]  ? __pfx_kthread+0x10/0x10
[  104.069766][  T118]  ret_from_fork+0x3fc/0x770
[  104.071671][  T118]  ? __pfx_ret_from_fork+0x10/0x10
[  104.073733][  T118]  ? __switch_to_asm+0x39/0x70
[  104.075704][  T118]  ? __switch_to_asm+0x33/0x70
[  104.077610][  T118]  ? __pfx_kthread+0x10/0x10
[  104.079785][  T118]  ret_from_fork_asm+0x1a/0x30
[  104.081726][  T118]  </TASK>
[  104.083746][  T118] Kernel Offset: disabled
[  104.085492][  T118] Rebooting in 86400 seconds..

VM DIAGNOSIS:
20:41:20  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=0000000000000001 RCX=00c060d8039c7b00 RDX=ffff8881099f0000
RSI=ffffffff8dba7696 RDI=ffffffff8be33880 RBP=00000000ffffffff RSP=ffffc900025cfa78
R8 =ffff888109c6e367 R9 =1ffff1102138dc6c R10=dffffc0000000000 R11=ffffed102138dc6d
R12=0000000000000246 R13=ffff8881099f0000 R14=ffff88810d01dc68 R15=0000000000000000
RIP=ffffffff8b79cc13 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd8897a9c80 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000555581cac608 CR3=000000002038c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=000000000000ff00 0000000000000000 XMM01=0000000000000100 0000000000000000
XMM02=00007fd889c3db40 00007f006b736964 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000ff000000 XMM05=0000000000000221 0000000000002f2e
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=ffffffffffff0000 ffffffffffff0000 XMM09=303a312d312f312d 312f316273752f30
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000037 RBX=0000000000000037 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900023ef370
R8 =ffff8880216a8237 R9 =1ffff110042d5046 R10=dffffc0000000000 R11=ffffffff854f3b00
R12=dffffc0000000000 R13=ffffffff99afd8cb R14=ffffffff99df2420 R15=0000000000000000
RIP=ffffffff854f3b7c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32621ff8 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8173daf2 ffffffff8133c57e
XMM02=00007f55ab597498 ffffffff8133c57e XMM03=00007f55ab5974a8 00007f55ab5974a0
XMM04=00007f55ac0fd100 00007f55ab597460 XMM05=00007f55ab597478 00007f55ab5974c0
XMM06=00007f55ab5974b8 00007f55ab5974b0 XMM07=00007f55ab5974a8 00007f55ab5974a0
XMM08=0000000000000000 00007f55ab412ee7 XMM09=0000000000000000 00007f55ab412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
