last executing test programs:

1m27.404509462s ago: executing program 1 (id=5):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000180)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000000c0)={0x40, r1, 0x1, 0x70bd27, 0x25dddbfb, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_MESH_CONFIG={0x24, 0x23, 0x0, 0x1, [@NL80211_MESHCONF_TTL={0x5, 0x6, 0x90}, @NL80211_MESHCONF_MAX_RETRIES={0x5, 0x5, 0xf}, @NL80211_MESHCONF_POWER_MODE={0x8, 0x1a, 0x1}, @NL80211_MESHCONF_CONNECTED_TO_AS={0x5}]}]}, 0x40}}, 0x24040890)

1m27.314522315s ago: executing program 1 (id=6):
r0 = socket$inet6_icmp(0xa, 0x2, 0x3a)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000100)='veth1_to_bond\x00', 0x10)
bind$inet6(r0, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
syz_emit_ethernet(0x3e, &(0x7f0000000000)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x1, 0x6, "fbddf0", 0x8, 0x3a, 0xff, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}, @mcast2, {[], @echo_reply={0x81, 0x0, 0x0, 0x2, 0x4}}}}}}, 0x0)

1m27.227449879s ago: executing program 1 (id=7):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d30f91b5d310987f70e06d038e7ff7fc6e5539b3263298b089b0708356e090890e0878f0e1ac6e7049b3350959bfc9b240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31300d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17779141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc3db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a204f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d9745651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b9cf60403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b54b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5e3728ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e085cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000004000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5182cff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec6800068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000681e675600", 0x1000}}, 0x1006)

1m27.067600446s ago: executing program 1 (id=11):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f0000000300)={[{@init_itable_val}, {@jqfmt_vfsold}, {@sysvgroups}, {@jqfmt_vfsold}, {@minixdf}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
socket$netlink(0x10, 0x3, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x206e)

1m26.759490419s ago: executing program 1 (id=16):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x5e, &(0x7f0000000240)={[{@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@resuid={'resuid', 0x3d, 0xee01}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6c}}, {@lazytime}, {@errors_remount}, {@errors_continue}]}, 0x3, 0x44a, &(0x7f00000006c0)="$eJzs271vG2UYAPDn7CSlXyRU5aMfQKAgylfSpKV0YAGBxFAkJBjKGJK0CnUb1ASJVhEEhMqIKjGxIEYk/gImWBAwIbHCjipVKEsLk9HZd43t2E6dOnGpfz/p3Pe9O/d9nrt77ffujQPoW6PpSxKxKyL+iIjharV+h9HqPzdWlqb/WVmaTqJcfuvvpLLf9ZWl6XzX/H0788pAROGzJA40aXfh4qWzU6XS7IWsPr547v3xhYuXnp87N3Vm9szs+ckTJ44dnXjx+OQLXckzzev6/o/mD+57/Z0rb0yfuvLuL98lef4NeXTJaLuNT5bLXW6ut3bXlJOBHgZCR4rVbhqDlf4/HMVYPXnD8dqnPQ0O2FTlcrn8QOvNy2XgLpZEryMAeiP/ok/vf/Nli4Yed4RrL1dvgNK8b2RLdctAFLJ9Bhvub7tpNCJOLf/7dbrE5jyHAACo80M6/nmu2fivELXPhe7N5lBGIuK+iNgTEccjYm9E3B9R2ffBiHiow/YbJ0nWjn8KV2tr5aTDBtaRjv9eyua26sd/+egvRopZbXcl/8Hk9Fxp9kh2TA7H4La0PtGmjR9f/f2LVttqx3/pkrafjwWzOK4ObKt/z8zU4tTt5Fzr2icR+wca8j8ZlQm8fCYgPeT7ImL/BtuYe+bbg622rZ9/G12YZyp/E/FU9fwvR935X73Qkvbzk+P3RGn2yHh+Vaz162+X32zV/m3l3wXp+d/R9Pq/mf9IUjtfu9DJ//7V0+nr5T8/b3lPs9Hrfyh5u1IeytZ9OLW4eGEiYig5WQ26dv3k6nvzer5/mv/hQ837/55YPRIHIiK9iB+OiEci4tEs9sci4vGIONTmKPz8yhPvbTz/zZXmP9PR+V8tDEXjmuaF4tmfvq9rdKST/NPzf6xSOpytuZXPv1uJq9OrGQAAAP6vChGxK5LC2M1yoTA2Vv0b/r2xo1CaX1h89vT8B+dnqr8RGInBQv6ka7jmeehEdluf1ycb6kez58ZfFrdX6mPT86WZXicPfW5ni/6f+qvY6+iATef3WtC/9H/oX/o/9C/9H/pXk/6/vRdxAFuv2ff/xz2IA9h6Df3ftB/0Eff/0L820v99ZsDdoW1fHtq6OIAttbA91v+RvILCmkIU7ogwFDap0OtPJgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgO74LwAA///lI+j0")
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x0)

1m24.397704945s ago: executing program 1 (id=33):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

1m24.332859916s ago: executing program 32 (id=33):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r0, @ANYBLOB="08000100", @ANYRES32=r1], 0x90}}, 0x0)

986.034842ms ago: executing program 2 (id=963):
r0 = socket(0x10, 0x3, 0x0)
sendto$inet6(r0, &(0x7f0000000080)="7800000018002507b9409b14ffff00000204be04020506050e020409430009003f000c000a0000000d0085a168d0bf46d32345653600648d0b00120002000a0000005ade4a460c89b6ec0cff3959547f509058ba86c902000000004a32000400160005000a0000000000e000e218d1ddf66ed538f2523250", 0x78, 0x0, 0x0, 0x0)

918.905951ms ago: executing program 2 (id=965):
syz_emit_ethernet(0x4e, &(0x7f0000000200)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00\x00 ', 0x18, 0x6, 0x0, @private1, @local, {[], {{0x0, 0x4001, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0x2, 0x0, 0x0, 0x0, {[@generic={0xfe, 0x2}, @generic={0xfe, 0x2}]}}}}}}}}, 0x0)

917.657369ms ago: executing program 2 (id=967):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x6, 0x4, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000a5ffffff0000000000000000850000003600000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000740)={r0, 0x0, 0xe, 0x0, &(0x7f0000000100)="178d048604bf0bfb1945014300f9", 0x0, 0x501, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x50)

857.048466ms ago: executing program 2 (id=969):
r0 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r0, &(0x7f0000000040)=ANY=[], 0x28)

805.193886ms ago: executing program 2 (id=970):
capset(&(0x7f0000000080)={0x20080522}, &(0x7f00000000c0)={0x200000, 0x200000, 0x80000007})
capset(&(0x7f0000000180)={0x20080522}, &(0x7f0000000200)={0x8, 0x5, 0x3, 0x0, 0xbce8, 0xfc000000})

805.010613ms ago: executing program 2 (id=971):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x0, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000040)='.\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

454.662753ms ago: executing program 3 (id=977):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f00000003c0)={0x28, 0x0, 0x1ffffd8ef, @my=0x0}, 0x10)
connect$vsock_stream(r0, &(0x7f00000002c0)={0x28, 0x0, 0x2710, @local}, 0x10)

366.606612ms ago: executing program 3 (id=979):
syz_mount_image$bfs(&(0x7f00000001c0), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4, &(0x7f0000000600)=ANY=[], 0x8, 0xad, &(0x7f0000000040)="$eJzs0btpA0EUBdC7H/xJ7ALcg3tw6twVbOjQkY3BjlSGOlArKmE7ULCpkhHLrkChEAhJcA7MzA3mwYW33q5e8pSUv6SUUu6SPGbKX98/nx/v490kyTJt7jPZv9y4ej4P486fp7x5y+L/4E8//HZ9la4fyuyChQEAgJPVeZ1TdfxQm6Q5VyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA67ILAAD//1vZIlc=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)

294.230156ms ago: executing program 3 (id=981):
r0 = socket$pppoe(0x18, 0x1, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000057c0)=[{{0x0, 0x0, 0x0}, 0x3}, {{0x0, 0x0, &(0x7f0000002cc0)=[{0x0, 0xea}, {&(0x7f00000017c0)=""/130, 0x94}], 0x2}, 0xa1}], 0x2, 0x0, 0x0)
connect$pppoe(r0, &(0x7f0000000040)={0x18, 0x0, {0x1, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x1}, 'ip_vti0\x00'}}, 0x1e)
sendmmsg(r0, &(0x7f0000002340)=[{{0x0, 0x0, 0x0}}], 0x3e8, 0x0)

214.496269ms ago: executing program 3 (id=983):
creat(&(0x7f0000000000)='./bus\x00', 0xe0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000780)='./bus\x00', 0x14507e, 0x0)
io_setup(0x7d, &(0x7f0000000600)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f0000001d00)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, r0, &(0x7f0000000000)="96", 0x1, 0x0, 0x0, 0x0, r0}])

214.053314ms ago: executing program 0 (id=984):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x5, &(0x7f0000000080)={&(0x7f0000000880)=@bridge_setlink={0x270, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r1}, [@IFLA_AF_SPEC={0x8, 0x1a, 0x0, 0x1, [@AF_INET={0x10, 0x3, 0x0, 0x1, {0xc, 0x5, 0x0, 0x1, [{0x8}]}}]}, @IFLA_VF_PORTS={0x10, 0x3, 0x0, 0x1, [{0x30, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5, 0xc}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "714abbd2547de97cbbf6efb226f19bf9"}, @IFLA_PORT_PROFILE={0xd, 0x2, ':(\x8e^[[Z@\x00'}]}, {0x60, 0x7, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "293a02149f3b75a67093c28fd6f55a23"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "e48f01e49713f0c2d839f940d9f088d8"}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_ilave_0\x00'}, @IFLA_PORT_PROFILE={0x7, 0x2, '):\x00'}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}]}, {0x18, 0x1, 0x0, 0x1, [@IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "4d2906d0880fc8acc30fe2020f984967"}]}, {0x50, 0x1, 0x0, 0x1, [@IFLA_PORT_HOST_UUID={0x14, 0x5, "a1085e7df341b9dc3d8008a2fe5bdaad"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "9c7e472c916020fe41bcc5aa8f56c947"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "80ab8be51421cfa3c9e5cbfe8217e0af"}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_VF={0x8}]}, {0x60, 0x1, 0x0, 0x1, [@IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_PROFILE={0xc, 0x2, 'syztnl0\x00'}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_PROFILE={0x13, 0x2, 'bridge_slave_0\x00'}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e078d277f38ed3a40a448f3f6b6763e8"}]}, {0xe0, 0xc, 0x0, 0x1, [@IFLA_PORT_VF={0x8, 0x25}, @IFLA_PORT_REQUEST={0x5}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x19, "03dd96197aca85b64424a37dbda7b694"}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x7, "eb052fcd3dd4d3e8bbcbf1de857c0e1c"}]}, {0xa4, 0x18, 0x0, 0x1, [@IFLA_PORT_VF={0x4}, @IFLA_PORT_VF={0x8}, @IFLA_PORT_INSTANCE_UUID={0x14, 0x4, "b2112a97bf9704ee57915340334b8271"}, @IFLA_PORT_HOST_UUID={0x14, 0x5, "e8635392a70f36f95f4b9b352920ebec"}]}]}, @IFLA_GSO_MAX_SEGS={0x8}, @IFLA_AF_SPEC={0x60, 0x1a, 0x0, 0x1, [@AF_INET6={0x20, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE={0x5}, @IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET6={0x34, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @local}, @IFLA_INET6_TOKEN={0x14, 0x7, @ipv4={'\x00', '\xff\xff', @broadcast}}, @IFLA_INET6_TOKEN={0x14, 0x7, @mcast1}]}, @AF_BRIDGE={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @remote}, @IFLA_INET6_TOKEN={0x0, 0x7, @loopback}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @private2}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}]}]}]}, 0x270}}, 0x0)

124.328128ms ago: executing program 0 (id=985):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
ioctl$VIDIOC_S_STD(r0, 0x40085618, &(0x7f00000002c0)=0xff)

124.129056ms ago: executing program 0 (id=986):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000580)=@updpolicy={0x17c, 0x19, 0x1, 0x70bd2a, 0x0, {{@in=@multicast2, @in=@remote, 0x0, 0x0, 0x0, 0x0, 0x2, 0x20, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0xff, 0x0, 0x0, 0x0, 0x2}}, [@tmpl={0xc4, 0x5, [{{@in6=@mcast1, 0x4d2, 0x33}, 0xa, @in6=@empty, 0x3501, 0x1, 0x3, 0x3b, 0x83, 0x5, 0x7}, {{@in6=@local, 0x4d6, 0x3c}, 0xa, @in6=@private1, 0x3502, 0x2, 0x0, 0x7, 0x7f, 0x0, 0x4}, {{@in=@multicast1, 0x4d5, 0x6c}, 0x8, @in6=@empty, 0x0, 0x4, 0x3, 0x3, 0x4, 0x2, 0x3}]}]}, 0x17c}}, 0x4000)

65.562457ms ago: executing program 0 (id=987):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x15, 0x4, &(0x7f0000000080)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x71, 0x10, 0x13}, [@ldst={0x4, 0x0, 0x4, 0x5}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x8, &(0x7f00000000c0), 0x366, 0x10, &(0x7f0000000000), 0x2b2}, 0x48)

65.201497ms ago: executing program 3 (id=988):
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xc, 0x4, &(0x7f0000000680)=@framed={{0x18, 0x0, 0x0, 0x0, 0xbacf, 0x0, 0x0, 0x0, 0x8}, [@generic={0x91, 0x1, 0x1, 0x63}]}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)

1.839643ms ago: executing program 0 (id=989):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder1\x00', 0x1802, 0x0)
prctl$PR_MCE_KILL(0x29, 0x0, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x10a)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
getdents(r1, 0x0, 0x0)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r2, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.586157ms ago: executing program 3 (id=990):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000005140)='./file0\x00', 0x0, &(0x7f0000005180), 0x1, 0x50ed, &(0x7f00000051c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTsT3573JENYvrOR3E/wmHm5XUpgfKxQ6WkmPbbFHXpgfLxQ65pIemydDeHBhZX9S+H8stJPClbV54UhSOB0L+fnQLRxLCifimfb52ny6aeH7WMgvsJiPV1Cs6V4SkfS42q/HQuGGPc52Dw4AAHBPieE5z7Jjvc2QRtn52qAdVg/aYWTQDvVBO4wmO6Q79tseZnsLcXv7zMalPf//yHD5P74Vq7JFv+v/Q7z+P3+uYff6/9lYaCSF+VhopXcMaMVjZGH343iMRivvcWV9twAAAAB3tfi9QH2F5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAP+zda4xc1X0A8LPP8T68XkiqEBolm6TGcROv1zaQqKXKmlI1IqVZNxRURRQbe00WL9ixTYlRiIxNRCMEpQ1S8qEIoyiq+QC1AhFJAeEixREqj4iqKIBAoTVEQaSUJCJNkEI1e++ZvXPuzsOPNV76+0neOTP/87zz8Jx775wLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/w8GvXPO3zeKP/va8Z1+4ePyKPWsvfvW68059MoSJmcc7snBH/423j//87nPv2fPA6jvuO3z+R3vzcnk8DFT/dOZ3boi1Hl4cwv0dIXSngRWDWaAnvz8Y63vfYAinhNlArcRkf1YibTh8vy+EfWE2UKvqe30hDBYCFz71yMM3VxO39YWwNIRQSdt4vpK10ZcGzujNAv1pYGt3FvjVW5la4LudWQCOWXwz1F70BybqMwzPXa7B66/nuHXs7ZUOrysmhhvn+9naee5UQW/6wMQxPW2l6pgXpbfHQe+2BfBuK23nWz1txS9S+TeUt2ZDldC5aXLzhqund8ZHOsPoaFejmubpeX7m9S9tPJL0gnkdxg4MH5fX4S1PLL27a/kFj9+3YunL+z+295Vj7eaPCpu0mJ5vlZC/5hbM8xiN+zxZAG+/0rekEV+6QgibP/97n2kWL83/h5vP/+PLOd521uWOtb45lM3N4yODMfHaUDY3BwAAgAVjIew13Tr60Cea1Vea/4+0d/w/HvLPJ/PZaA+GMD6T2LskhNNmHs8Cd8XmLlsSwgdnUhP1gbVJ4GAI751JLK9VlZRYFEuMJIGfDOWB8SRwKAYmksC3YuDWJHBDDBxIAhtj4GASODcGwlT9OH5/KB9H24G+GFifbcQD8SyEXwzF1pJt9VytKgAAgOMknx321N8tnOtwrBni9PJAX6sM8QzshhkqSQ3pDLY2rWpYQ3erGjpb1VAb9+7mwy/V3NGq5tJpGB31GW7/5d98NjRRmv+PNZ//V+boSEfp+H8I62b+xtydeWS6Fl8/UZcBAAAAOAYD//viN5vFS/P/8fbO/4/7RLoKmcNjcTfEliUhjNUHsmr/sBzIjnoP5AEAAABYCGrH42vHwqfy2+wU7XQ+Xc4/cYT544H/8Tnz9x58cH2z/pbm/xPtnf/fX3+bdeJQ7MXXloSwqBD4QexlNTBjJAZ+/Mn6QD7+Q3ED3BSryk9MqFV1UyyxPgbGksC+RiV+WCtxWn0gf7Jqje+tjWMqL1EIAAAAwAkXdwfE4/Lx/P8P/Wb1Nc3Kleb/64/s/P+ZeXDp9P7pgRBWdofQlf4w4LH+bGHAGBjsyBMP9Wd1daVVXd8fwjnVgaVVvZiv/9+drjH4VF9WVQyc9qH9r59RTXyzL4SVxcDTn7vzrGpiZxKoNf6XfSF8oDratPHvLMoa70kb//qiEN5fCNSqumxRCNXGetOqHqnk1zFIq/rnSgjvKgRqVZ1dCWFXAGCBiv+Vbio+uGPXtVs2TE9Pbp/HRNyH3xc2T01Pjm7cOr2p0qBPm5I+1y1jdH15TO1e+ea5fImii+5dN9hOuvY7wbFiW/l+/NKJg/n9+F2oZ2acq3vq7q5Jh/yRD5ebCIVvUo2G3DnPQ+4vVjL7JJbqj/l7w0BYdPWOye2jX9ywc+f2VdnfdrOvzv7Gw0zZtlqVbqv+ufrWxsuj4WpZiaPdVsuKlazceeW2lTt2Xbti6soNl09ePnnVqrNXj505tmbs42eurI5qLPvbYqjL5qo6Gepbd7Y5ruM41NO7C5WciE8NCQmJhZbYOrCs6f/Jpfn/tubz//ipEz/58/UZGh3/H46H+bPHZw/zr4+Bfe0e/x9udDS/dmLASBLYHQO7HeYHAADgnSFO8uPezLhX+qfLv/Nys3Kl+f/u9n7/f5zW/68tXX9+o2X+l8cSY43W/0+X+a+t/7+70fr/6TL/tfX/970N6/9fXQskm+QX1v8HAADeCU7c+v8tl/dPLxBQytByef/0AgGlDC2X8W/3AgFHvP7/8//5V/8dmijN/29tb/5v4X4AAAA4eXz5z675nWbx0vx/X3vz/xO//l9odP7/SKPARKOFAa3/BwAAwALVaP2/4Rv7L21WrjT/P9De/D+edtFZlzvW+uZQtqZdSNe0e22o9pMBAAAAWBg6w+hoT5t561ZGXXv0bT6TLwXaLF304p8cPrLz/w+2N/+v+13GLU8svbtr+QWPv3nfiqUv7//Y3ldmj/8DAAAA86fd/RIAAAAAAAAAAAAAAMDb78X/2LOmWbz0+/+wbubxRr//j9f9i78veHdd7lhr6/X/8vsXfvqeXTNLFj42FMKHi4Ete7acEvJr8y8rBh6+ZPl7qok9aYkHXzj3pWri0jTwqRWnvlFNnJME1sdFEt+bBuJVFd9YnATi8or/ngbi9jiQBnrzwFcXZ+PoSLfVTwezbdWRbqtnB0NYUgjUttX9g1kbHekAb0sCtQF+IQ3EAf55HuhMe3XPQNarGBiMRe8YyHoFAMBJK34L7Ambp6Ynx+JX+Hh7enf9bVS3ZNn15Wo72mz+uXxpsovuXTfYTror/S46e63xnlCpDmFV6etqMUvHzCiPTy0tNt27Gwy51WpvnQ3KpY500/U2HlFfNqLRjVunN/W0HPia1llWd7fMsqo02Slm6ZzZpG3U0kZf2hhRm9umjS7H+51hdLQryfUHMTgc6rR6RbT7e/3iOn+NXgXFPFcd3vurZvWV5v/D7c3/K8VxvZFfDGB3vLLe3y2xzD8AAADMr6+u/fU34r/P3vjo083ylub/I+3N/+MerPxQcLa342C8/v/eJSHMXFp/OAvcFZu7bEkIH5xJTcQS2QX1z48lxrLAXXGHyfJYYv1EfVWLYuBAEvjJUB44mAQOxUC+l2J/yHfl/P1QCGfNpNbVl9gWSwwngc/EwEgSGI2BsSSwOAbGk8Cri/PARBL4txgIU/Xb6t7F+bYCAAA4Evk8q6f+bkjneQe6W2XoaJWhv1WGzlYZKq0yNBpFvP/tmKEnOXmlo5CpJ621L6mllCFeDP+I+1XKEH5YnzMtWGo6nn9QO9+goz7DA5/oroQmSvP/sfbm//31t1nrh+L8f/b6f1ngB7F7X4unjo/EwI8/WR/IdwwcipPdm2pVTeQl8kn7TbHEeAyMJIFtMTCeBNavywP73lMfyGfatcb31hqfyksUAgAAAHDCxR0EcTdNnP/fseMrA83Kleb/4+3N/2N7A8XGboi1Hl4cwv0ds72pBVYMZoG4H2Mw/jz+fYMhnFLYwVErMdmflehNGg7f78t+od6bVvW9vuzHB/H+hU898vDN1cRtfSEsLex9qbXxfCVroy8NnNGbBfrTwNbuLBD3/NQC3+3MAnDMansF4wsqP9WlZnjucg1ef++Ua4KmwyvtA50j31y/uZovpR2u+T7VmiN72pruv+W4Kb09Dnq3LcR327B3W/GLVP4N5a3ZUCV0bprcvOHq6Z3xkeIvWUvm6Xku/kq1nfRxeB3uPvretlZJOzCWfHyMzV1u7tdhR6zulieW3t21/ILH71ux9OX9H9v7StvdaCD+UPiR6/518EeFzTvfKiF/zS24z5MJnycL8b+BEU9bCGHdq1+/qVm8NP+faG/+353czvh13Jg7loTwkcLGfSxu/j9ekn0OFgLZp+S7yoHskPt/DTX85AQAAIDjrba7o7a/YCq/zU4IT+fJ5fwTR5g/7q8YnzN/u/3u/+tLljaLl+b/65vP/xcl3XT83/F/5onj/3M62XdFL0of2H1Mu6JL1TEvHP+f08n+bnP8f06O/zv+PxfH/1tw/H9OJ/vTVvqWtM2XrhDCy3/00LPN4qX5/7b25v/W/5t70b7a+n/rG63/t63R+n+7rf8HAADMqwYLzaXzvNLqfaUM6ep9pQwtFwhsucSg9f+OeP2/l05//jehidL8f3d78//4chgotr5Q1v8bWdegqltjYJuFAQEAADgZNdpBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNvrgX/4n03N4o/+9rxnX7h4/Io9ay9+9brzTn0yhKmZxzuycEf/jbeP//zuc+/Z88DqO+47fP5HK3m5nvz2d+tyx1rfHAphX+GRwZh4bah6ZzZw4afv2dVdTTw2FMKHi4Ete7acUk18ayiEZcXAw5csf081sSct8eAL575UTVyaBj614tQ3qolz8kBH2t1/XJx1tyPt7s2LQ1hSCNS6e8Xi+qpqbfxpHuhM2/inwayNGBiMRb8xmLURA9OxxNSiEFZ2h9CVVvVoJauqK63qXypZVV1pVV+uhHBOCKE7reqF3qyq7nTkT/ZmVcXAaR/a//oZ1cS+3hBWFgNPf+7Os6qJLySBWuN/0RvCB6ovmbTxb/dkjfekjd/WE8L7Qwi9aYlfdmcletMSL3aH8K5CoNb457tD2BV4R4gfPnWfaDt2Xbtlw/T05PZ5TPTmbfWFzVPTk6Mbt05vqiR9aqSjkH7r+qMf+3Ovf2lj9faie9cNtpPuzsv1zHR5dU/d3TUne+9jv/qLlcw+H6X6Y/7eMBAWXb1jcvvoFzfs3Ll9Vfa33eyrs79deTTbVqsWyrZaVqxk5c4rt63csevaFVNXbrh88vLJq1advXrszLE1Yx8/c2V1VGPZ3+Mx1DtP/FBP7y5UciI+ACQkJBZaorPu023sZP8gL33Rn+1oT6jMfECXphXFLB0zozweg157lCM+mu8pLUe0qjRxKGVZ3TrLmtJkYjZLX5Zl5ntdaXJYrKlzZpPG+51hdLSr0XYYrr9b3Lw/O4bN+0y+6dpNAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwf+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALgUAAD//wNUIwc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000000)={0x8, 0x5, 0x33, 0x97, 0x6})

0s ago: executing program 0 (id=991):
setresuid(0x0, 0xee01, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpgid(0x0)
fcntl$setownex(r1, 0xf, &(0x7f0000000140)={0x2, r2})
sendmmsg$unix(r0, &(0x7f0000006c40)=[{{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000000)="11", 0x1}], 0x1}}], 0x1, 0x40015)

kernel console output (not intermixed with test programs):

ot using interface batadv_slave_1 (retrying later): interface not active
[   69.258017][   T95] usb 1-1: config 0 descriptor??
[   69.327171][ T5990] hsr_slave_0: entered promiscuous mode
[   69.329441][ T5990] hsr_slave_1: entered promiscuous mode
[   69.331658][ T5990] debugfs: 'hsr0' already exists in 'hsr'
[   69.338466][ T5990] Cannot create hsr debugfs directory
[   69.353859][   T12] hsr_slave_0: left promiscuous mode
[   69.356783][   T12] hsr_slave_1: left promiscuous mode
[   69.358963][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   69.361351][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[   69.365023][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   69.368231][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[   69.386038][   T12] veth1_macvtap: left promiscuous mode
[   69.393443][   T12] veth0_macvtap: left promiscuous mode
[   69.395751][   T12] veth1_vlan: left promiscuous mode
[   69.397519][   T12] veth0_vlan: left promiscuous mode
[   69.487579][   T95] radio-si470x 1-1:0.0: DeviceID=0x0000 ChipID=0x0000
[   69.489964][   T95] radio-si470x 1-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[   69.648578][   T12] team0 (unregistering): Port device team_slave_1 removed
[   69.666545][   T12] team0 (unregistering): Port device team_slave_0 removed
[   69.691447][   T95] radio-si470x 1-1:0.0: software version 0, hardware version 0
[   69.695097][   T95] radio-si470x 1-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[   69.699490][   T95] radio-si470x 1-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[   69.896245][   T95] radio-si470x 1-1:0.0: submitting int urb failed (-90)
[   70.111799][ T5990] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   70.119328][ T5990] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   70.126500][ T5990] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   70.135521][ T5990] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   70.250058][ T5990] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.271774][ T5990] 8021q: adding VLAN 0 to HW filter on device team0
[   70.299509][   T32] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.302545][   T32] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.329764][   T32] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.332430][   T32] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.384791][ T5848] Bluetooth: hci0: command tx timeout
[   70.509615][ T5990] 8021q: adding VLAN 0 to HW filter on device batadv0
[   70.574124][ T5990] veth0_vlan: entered promiscuous mode
[   70.588172][ T5990] veth1_vlan: entered promiscuous mode
[   70.613835][ T5990] veth0_macvtap: entered promiscuous mode
[   70.623851][ T5990] veth1_macvtap: entered promiscuous mode
[   70.646854][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_0
[   70.654386][ T5990] batman_adv: batadv0: Interface activated: batadv_slave_1
[   70.661433][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   70.667770][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   70.681427][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   70.685225][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   70.718956][   T95] radio-si470x 1-1:0.0: si470x_get_report: usb_control_msg returned -71
[   70.734381][   T95] radio-si470x 1-1:0.0: probe with driver radio-si470x failed with error -22
[   70.746343][   T95] usb 1-1: USB disconnect, device number 3
[   70.771244][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.775597][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.804943][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.812448][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.864197][ T5848] Bluetooth: hci1: command tx timeout
[   70.864228][   T54] Bluetooth: hci2: command tx timeout
[   70.906323][ T6055] loop2: detected capacity change from 0 to 32768
[   71.122802][   T10] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   71.262862][   T47] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   71.287728][   T10] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.05
[   71.290769][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.296830][   T10] usb 4-1: Product: syz
[   71.302408][   T10] usb 4-1: Manufacturer: syz
[   71.308593][   T10] usb 4-1: SerialNumber: syz
[   71.315683][   T10] usb 4-1: config 0 descriptor??
[   71.326509][   T10] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[   71.347944][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   71.352791][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   71.433072][   T47] usb 3-1: unable to get BOS descriptor or descriptor too short
[   71.444563][   T47] usb 3-1: not running at top speed; connect to a high speed hub
[   71.452049][   T47] usb 3-1: config 17 has an invalid interface number: 8 but max is 1
[   71.455802][   T47] usb 3-1: config 17 has 1 interface, different from the descriptor's value: 2
[   71.459563][   T47] usb 3-1: config 17 has no interface number 0
[   71.469901][   T47] usb 3-1: config 17 interface 8 altsetting 6 endpoint 0x3 has an invalid bInterval 0, changing to 10
[   71.476317][   T47] usb 3-1: config 17 interface 8 has no altsetting 0
[   71.481836][   T47] usb 3-1: New USB device found, idVendor=0763, idProduct=2001, bcdDevice=2c.ff
[   71.486046][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.490476][   T47] usb 3-1: Product: syz
[   71.502232][   T47] usb 3-1: Manufacturer: syz
[   71.504567][   T47] usb 3-1: SerialNumber: syz
[   71.533748][ T5313] usb 4-1: USB disconnect, device number 2
[   71.731082][   T47] usb 3-1: selecting invalid altsetting 0
[   71.750390][   T47] usb 3-1: USB disconnect, device number 3
[   71.752984][   T95] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   71.775186][ T6085] udevd[6085]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:17.8/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   71.918849][   T95] usb 1-1: New USB device found, idVendor=6189, idProduct=182d, bcdDevice= 1.73
[   71.922824][   T95] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   71.926117][   T95] usb 1-1: Product: syz
[   71.927871][   T95] usb 1-1: Manufacturer: syz
[   71.929890][   T95] usb 1-1: SerialNumber: syz
[   71.940931][   T95] usb 1-1: config 0 descriptor??
[   72.094431][ T6088] loop3: detected capacity change from 0 to 1024
[   72.099461][ T6088] EXT4-fs: Ignoring removed nomblk_io_submit option
[   72.109409][ T6088] EXT4-fs: Invalid want_extra_isize 130
[   72.326796][ T6098] loop3: detected capacity change from 0 to 512
[   72.331400][ T6098] EXT4-fs: Ignoring removed oldalloc option
[   72.380091][ T6098] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.62: Parent and EA inode have the same ino 15
[   72.400511][ T6098] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   72.406810][ T6098] EXT4-fs error (device loop3): ext4_xattr_inode_iget:433: comm syz.3.62: Parent and EA inode have the same ino 15
[   72.417062][ T6102] netlink: 212376 bytes leftover after parsing attributes in process `syz.2.63'.
[   72.417361][ T6098] EXT4-fs (loop3): 1 orphan inode deleted
[   72.427663][ T6098] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   72.457809][ T6098] EXT4-fs error (device loop3): ext4_lookup:1787: inode #15: comm syz.3.62: unexpected EA_INODE flag
[   72.463972][   T54] Bluetooth: hci0: command tx timeout
[   72.539976][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   72.646487][ T6113] MPI: mpi too large (113288 bits)
[   73.283940][   T95] asix 1-1:0.0 (unnamed net_device) (uninitialized): Failed to read reg index 0x0000: -71
[   73.291433][   T95] asix 1-1:0.0 (unnamed net_device) (uninitialized): Error reading PHY_ID register: ffffffb9
[   73.312564][   T95] asix 1-1:0.0: probe with driver asix failed with error -71
[   73.329057][   T95] usb 1-1: USB disconnect, device number 4
[   73.347696][ T6132] loop3: detected capacity change from 0 to 1024
[   73.372240][ T6132] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.398726][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.653612][ T6144] loop3: detected capacity change from 0 to 4096
[   73.672451][ T6144] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[   73.680716][ T6148] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   74.035768][   T10] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[   74.055068][ T6170] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   74.067927][ T6172] loop2: detected capacity change from 0 to 512
[   74.095321][ T6172] EXT4-fs error (device loop2): ext4_xattr_inode_iget:433: comm syz.2.92: Parent and EA inode have the same ino 15
[   74.111776][ T6172] EXT4-fs (loop2): 1 orphan inode deleted
[   74.128972][ T6172] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   74.193331][   T10] usb 4-1: config 0 has an invalid interface number: 173 but max is 0
[   74.196384][   T10] usb 4-1: config 0 has no interface number 0
[   74.209587][   T10] usb 4-1: New USB device found, idVendor=2040, idProduct=4982, bcdDevice=95.d3
[   74.222835][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   74.242076][   T10] usb 4-1: config 0 descriptor??
[   74.273905][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.479280][   T10] hdpvr 4-1:0.173: unexpected answer of status request, len -71
[   74.485134][   T10] hdpvr 4-1:0.173: device init failed
[   74.487621][   T10] hdpvr 4-1:0.173: probe with driver hdpvr failed with error -12
[   74.496135][   T10] usb 4-1: USB disconnect, device number 3
[   74.542885][   T54] Bluetooth: hci0: command tx timeout
[   75.483566][ T6199] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.574754][ T6208] netlink: 36 bytes leftover after parsing attributes in process `syz.0.109'.
[   75.681809][ T6218] misc userio: No port type given on /dev/userio
[   75.770198][ T6225] loop0: detected capacity change from 0 to 736
[   75.839958][ T6225] rock: directory entry would overflow storage
[   75.843933][ T6225] rock: sig=0x00, size=4, remaining=3
[   76.274916][ T6236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.122'.
[   76.305966][ T6239] loop3: detected capacity change from 0 to 2048
[   76.324218][ T6239] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.332328][   T33] audit: type=1800 audit(1756996401.372:2): pid=6239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file1" dev="loop3" ino=15 res=0 errno=0
[   76.339861][   T33] audit: type=1800 audit(1756996401.382:3): pid=6239 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file2" dev="loop3" ino=16 res=0 errno=0
[   76.340138][ T6239] EXT4-fs (loop3): Online defrag not supported with bigalloc
[   76.367173][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   76.434191][ T6246] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(3)
[   76.437047][ T6246] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   76.440945][ T6246] vhci_hcd vhci_hcd.0: Device attached
[   76.632770][   T54] Bluetooth: hci0: command tx timeout
[   76.724714][ T5909] usb 39-1: new low-speed USB device number 2 using vhci_hcd
[   76.727932][   T47] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   76.902751][   T47] usb 4-1: Using ep0 maxpacket: 16
[   76.907128][   T47] usb 4-1: config 0 has no interfaces?
[   76.911367][   T47] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[   76.924844][   T47] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.102178][   T47] usb 4-1: config 0 descriptor??
[   77.212374][ T6260] loop0: detected capacity change from 0 to 128
[   77.225370][ T6260] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   77.238647][ T6260] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   77.349939][ T6247] vhci_hcd: cannot find a urb of seqnum 0 max seqnum 1
[   77.373578][   T10] usb 4-1: USB disconnect, device number 4
[   77.401621][ T5861] vhci_hcd: stop threads
[   77.429416][ T5861] vhci_hcd: release socket
[   77.461000][ T5861] vhci_hcd: disconnect device
[   77.594923][ T6266] loop2: detected capacity change from 0 to 8
[   77.621720][ T6266] SQUASHFS error: Unable to read inode 0x6
[   77.867618][ T6268] loop2: detected capacity change from 0 to 256
[   77.873947][ T6268] exfat: Deprecated parameter 'utf8'
[   77.938039][ T6268] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x40a90196, utbl_chksum : 0xe619d30d)
[   78.516006][ T6298] netlink: 4 bytes leftover after parsing attributes in process `syz.3.138'.
[   78.519916][ T6298] bridge_slave_1: left allmulticast mode
[   78.522261][ T6298] bridge_slave_1: left promiscuous mode
[   78.535613][ T6298] bridge0: port 2(bridge_slave_1) entered disabled state
[   78.566817][ T6298] bridge_slave_0: left allmulticast mode
[   78.581011][ T6298] bridge_slave_0: left promiscuous mode
[   78.595093][ T6298] bridge0: port 1(bridge_slave_0) entered disabled state
[   79.078741][ T6318] tipc: Started in network mode
[   79.083812][ T6318] tipc: Node identity eef83283db5e, cluster identity 4711
[   79.098807][ T6318] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   79.111549][ T6318] syzkaller0: entered promiscuous mode
[   79.115321][ T6318] syzkaller0: entered allmulticast mode
[   79.155782][ T6318] tipc: Resetting bearer <eth:syzkaller0>
[   79.162492][ T6317] tipc: Resetting bearer <eth:syzkaller0>
[   79.182510][ T6317] tipc: Disabling bearer <eth:syzkaller0>
[   79.296295][ T6328] loop2: detected capacity change from 0 to 1024
[   79.313775][ T6328] hfsplus: Unknown parameter 'u.sk'
[   79.526879][ T6326] loop3: detected capacity change from 0 to 40427
[   79.537965][ T6326] F2FS-fs (loop3): build fault injection rate: 19
[   79.540347][ T6326] F2FS-fs (loop3): build fault injection type: 0x3bfe8c
[   79.610029][ T6326] F2FS-fs (loop3): invalid crc value
[   79.625874][ T6326] F2FS-fs (loop3): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[   79.690814][ T6326] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[   79.698709][ T6326] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   79.707160][ T6326] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[   79.779242][ T6340] __vm_enough_memory: pid: 6340, comm: syz.2.153, bytes: 4503599627366400 not enough memory for the allocation
[   79.959251][ T6326] F2FS-fs (loop3): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[   79.966929][ T6326] syz.3.149: attempt to access beyond end of device
[   79.966929][ T6326] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   79.997747][ T5990] syz-executor: attempt to access beyond end of device
[   79.997747][ T5990] loop3: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[   80.004229][ T5990] CPU: 1 UID: 0 PID: 5990 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   80.004241][ T5990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   80.004246][ T5990] Call Trace:
[   80.004249][ T5990]  <TASK>
[   80.004254][ T5990]  dump_stack_lvl+0x189/0x250
[   80.004267][ T5990]  ? __pfx_dump_stack_lvl+0x10/0x10
[   80.004276][ T5990]  ? __pfx_queue_work_on+0x10/0x10
[   80.004283][ T5990]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   80.004293][ T5990]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   80.004307][ T5990]  f2fs_handle_critical_error+0x37c/0x540
[   80.004322][ T5990]  f2fs_write_end_io+0x886/0xb60
[   80.004336][ T5990]  __submit_merged_bio+0x27a/0x6a0
[   80.004349][ T5990]  __submit_merged_write_cond+0x255/0x530
[   80.004361][ T5990]  f2fs_write_data_pages+0x261d/0x3000
[   80.004386][ T5990]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   80.004402][ T5990]  ? rcu_is_watching+0x15/0xb0
[   80.004423][ T5990]  ? check_path+0x21/0x40
[   80.004430][ T5990]  ? check_noncircular+0xe0/0x160
[   80.004487][ T5990]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   80.004499][ T5990]  do_writepages+0x32e/0x550
[   80.004521][ T5990]  ? do_raw_spin_unlock+0x4d/0x240
[   80.004536][ T5990]  filemap_fdatawrite+0x199/0x240
[   80.004550][ T5990]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   80.004585][ T5990]  ? do_raw_spin_unlock+0x4d/0x240
[   80.004595][ T5990]  f2fs_sync_dirty_inodes+0x31f/0x830
[   80.004609][ T5990]  f2fs_write_checkpoint+0x95a/0x1df0
[   80.004627][ T5990]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   80.004655][ T5990]  ? kill_f2fs_super+0x298/0x6c0
[   80.004664][ T5990]  kill_f2fs_super+0x2c3/0x6c0
[   80.004690][ T5990]  ? __pfx_kill_f2fs_super+0x10/0x10
[   80.004698][ T5990]  ? radix_tree_delete_item+0x2b6/0x400
[   80.004717][ T5990]  ? shrinker_free+0x2ce/0x3e0
[   80.004727][ T5990]  deactivate_locked_super+0xbc/0x130
[   80.004737][ T5990]  cleanup_mnt+0x425/0x4c0
[   80.004750][ T5990]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.004767][ T5990]  task_work_run+0x1d4/0x260
[   80.004783][ T5990]  ? __pfx_task_work_run+0x10/0x10
[   80.004795][ T5990]  ? __x64_sys_umount+0x122/0x160
[   80.004813][ T5990]  ? exit_to_user_mode_loop+0x40/0x110
[   80.004830][ T5990]  exit_to_user_mode_loop+0xec/0x110
[   80.004846][ T5990]  do_syscall_64+0x2bd/0x3b0
[   80.004854][ T5990]  ? lockdep_hardirqs_on+0x9c/0x150
[   80.004868][ T5990]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.004878][ T5990]  ? exc_page_fault+0x9f/0xf0
[   80.004895][ T5990]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   80.004905][ T5990] RIP: 0033:0x7fa3aa58ff17
[   80.004916][ T5990] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   80.004924][ T5990] RSP: 002b:00007ffc1d78a878 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   80.004936][ T5990] RAX: 0000000000000000 RBX: 00007fa3aa611c05 RCX: 00007fa3aa58ff17
[   80.004943][ T5990] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffc1d78a930
[   80.004949][ T5990] RBP: 00007ffc1d78a930 R08: 0000000000000000 R09: 0000000000000000
[   80.004956][ T5990] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffc1d78b9c0
[   80.004963][ T5990] R13: 00007fa3aa611c05 R14: 00000000000137da R15: 00007ffc1d78ba00
[   80.004981][ T5990]  </TASK>
[   80.007023][ T5990] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[   80.501817][ T6349] loop3: detected capacity change from 0 to 1024
[   80.609661][   T33] audit: type=1800 audit(1756996405.652:4): pid=6349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.157" name="file1" dev="loop3" ino=20 res=0 errno=0
[   81.159997][ T6375] loop2: detected capacity change from 0 to 32768
[   81.173165][ T6375] (syz.2.167,6375,0):ocfs2_get_clusters:616 ERROR: status = -34
[   81.176560][ T6375] (syz.2.167,6375,0):ocfs2_extent_map_get_blocks:681 ERROR: status = -34
[   81.180633][ T6375] (syz.2.167,6375,0):ocfs2_map_slot_buffers:378 ERROR: status = -34
[   81.185926][ T6375] (syz.2.167,6375,0):ocfs2_init_slot_info:426 ERROR: status = -34
[   81.191483][ T6375] (syz.2.167,6375,0):ocfs2_initialize_super:2222 ERROR: status = -34
[   81.194949][ T6375] (syz.2.167,6375,0):ocfs2_fill_super:1177 ERROR: status = -34
[   81.222915][   T95] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   81.379389][   T95] usb 4-1: New USB device found, idVendor=13d8, idProduct=0011, bcdDevice=d0.62
[   81.387326][   T95] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.402794][   T95] usb 4-1: Product: syz
[   81.404643][   T95] usb 4-1: Manufacturer: syz
[   81.406586][   T95] usb 4-1: SerialNumber: syz
[   81.422324][   T95] usb 4-1: config 0 descriptor??
[   81.439783][   T95] usb 4-1: selecting invalid altsetting 1
[   81.442216][   T95] comedi comedi5: could not switch to alternate setting 1
[   81.451936][   T95] usbduxfast 4-1:0.0: driver 'usbduxfast' failed to auto-configure device.
[   81.663362][   T24] cfg80211: failed to load regulatory.db
[   81.773777][   T95] usb 4-1: USB disconnect, device number 5
[   81.783555][ T6400] loop0: detected capacity change from 0 to 32768
[   81.819140][ T6400] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   81.832711][ T5909] vhci_hcd: vhci_device speed not set
[   81.850400][ T6400] XFS (loop0): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[   81.857951][ T6400] XFS (loop0): Starting recovery (logdev: internal)
[   81.863908][ T6400] XFS (loop0): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x8 
[   81.867807][ T6400] XFS (loop0): Unmount and run xfs_repair
[   81.869857][ T6400] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[   81.872577][ T6400] 00000000: 41 42 54 42 00 00 00 02 ff ff ff ff ff ff ff ff  ABTB............
[   81.875907][ T6400] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[   81.878718][ T6400] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[   81.881531][ T6400] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[   81.884497][ T6400] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[   81.887629][ T6400] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   81.891437][ T6400] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   81.895417][ T6400] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[   81.900120][ T6400] XFS (loop0): Filesystem has been shut down due to log error (0x2).
[   81.902815][ T6400] XFS (loop0): Please unmount the filesystem and rectify the problem(s).
[   81.906691][ T6400] XFS (loop0): log mount/recovery failed: error -74
[   81.914140][ T6400] XFS (loop0): log mount failed
[   82.167012][   T33] audit: type=1800 audit(1756996407.212:5): pid=6418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.182" name="/" dev="9p" ino=2 res=0 errno=0
[   82.306284][ T6428] loop3: detected capacity change from 0 to 256
[   82.309799][ T6427] Device name not specified.
[   82.309799][ T6427] 
[   82.336868][ T6428] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x987a2e96, utbl_chksum : 0xe619d30d)
[   82.396731][ T6431] loop0: detected capacity change from 0 to 512
[   82.405922][ T6431] EXT4-fs (loop0): VFS: Can't find ext4 filesystem
[   82.552249][ T6441] loop0: detected capacity change from 0 to 128
[   82.614982][ T6441] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   82.619503][ T6447] netlink: 36 bytes leftover after parsing attributes in process `syz.3.191'.
[   82.632709][ T6447] netlink: 16 bytes leftover after parsing attributes in process `syz.3.191'.
[   82.636164][ T6447] netlink: 36 bytes leftover after parsing attributes in process `syz.3.191'.
[   82.639083][ T6447] netlink: 36 bytes leftover after parsing attributes in process `syz.3.191'.
[   82.644278][ T6441] ext4 filesystem being mounted at /59/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   82.750396][ T5850] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   82.817160][ T6457] sock: sock_set_timeout: `syz.0.192' (pid 6457) tries to set negative timeout
[   82.912070][ T6462] sp0: Synchronizing with TNC
[   82.959221][ T6460] loop3: detected capacity change from 0 to 4096
[   83.490731][ T6470] loop3: detected capacity change from 0 to 512
[   83.496521][ T6470] EXT4-fs (loop3): Test dummy encryption mode enabled
[   83.515530][ T6470] EXT4-fs (loop3): warning: mounting unchecked fs, running e2fsck is recommended
[   83.526133][ T6470] EXT4-fs (loop3): Errors on filesystem, clearing orphan list.
[   83.532067][ T6470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.540394][ T6470] EXT4-fs (loop3): shut down requested (2)
[   83.562393][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.792767][  T794] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   83.804548][   T54] Bluetooth: hci1: Unknown advertising packet type: 0x7f
[   83.804587][   T54] Bluetooth: hci1: Unknown advertising packet type: 0x72
[   83.807894][   T54] Bluetooth: hci1: Malformed LE Event: 0x0d
[   83.814540][ T6484] netlink: 4 bytes leftover after parsing attributes in process `syz.0.202'.
[   83.945748][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[   83.954770][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   83.970027][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[   83.979263][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   83.990418][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[   83.998475][  T794] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[   84.007482][  T794] usb 3-1: New USB device found, idVendor=0451, idProduct=5152, bcdDevice=c0.b9
[   84.012484][  T794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   84.020867][  T794] usb 3-1: Product: syz
[   84.024583][  T794] usb 3-1: Manufacturer: syz
[   84.028584][  T794] usb 3-1: SerialNumber: syz
[   84.038809][  T794] usb 3-1: config 0 descriptor??
[   84.046532][  T794] ti_usb_3410_5052 3-1:0.0: TI USB 5052 2 port adapter converter detected
[   84.050930][  T794] ti_usb_3410_5052 3-1:0.0: missing endpoints
[   84.256570][  T794] usb 3-1: USB disconnect, device number 4
[   84.910743][ T6505] loop7: detected capacity change from 0 to 7
[   84.918696][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.922695][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.926412][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.930206][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.934293][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.937789][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.941361][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.944912][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.949928][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.953445][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.957621][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.960469][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.963851][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   84.966742][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   84.969240][ T6085] ldm_validate_partition_table(): Disk read failed.
[   85.002776][ T6506] Invalid logical block size (6)
[   85.007133][    C0] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   85.010984][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[   85.014510][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   85.018399][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   85.022006][    C1] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   85.025773][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[   85.030733][ T6085] Dev loop7: unable to read RDB block 0
[   85.034202][ T6085]  loop7: unable to read partition table
[   85.036817][ T6085] loop7: partition table beyond EOD, truncated
[   85.044092][ T6505] ldm_validate_partition_table(): Disk read failed.
[   85.047659][ T6505] Dev loop7: unable to read RDB block 0
[   85.050387][ T6505]  loop7: unable to read partition table
[   85.053585][ T6505] loop7: partition table beyond EOD, truncated
[   85.056391][ T6505] loop_reread_partitions: partition scan of loop7 (Cj̖P=ý?}X	%`ր{֐ȵ4FLQk݊) failed (rc=-5)
[   85.351522][ T6510] netlink: 'syz.0.210': attribute type 12 has an invalid length.
[   85.356261][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.210'.
[   85.362960][ T5909] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   85.370237][   T13] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   85.372891][ T6510] netlink: 'syz.0.210': attribute type 12 has an invalid length.
[   85.373735][   T13] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   85.377299][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.210'.
[   85.379540][   T13] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   85.386357][   T13] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   85.389293][ T6510] Zero length message leads to an empty skb
[   85.481218][ T6514] loop0: detected capacity change from 0 to 256
[   85.486256][ T6514] exfat: Deprecated parameter 'utf8'
[   85.488528][ T6514] exfat: Deprecated parameter 'namecase'
[   85.490845][ T6514] exfat: Deprecated parameter 'namecase'
[   85.515235][ T6514] exfat: Deprecated parameter 'utf8'
[   85.521566][ T6514] exFAT-fs (loop0): failed to load upcase table (idx : 0x00012153, chksum : 0x5270ca8d, utbl_chksum : 0xe619d30d)
[   85.534115][ T5909] usb 3-1: unable to get BOS descriptor or descriptor too short
[   85.538490][ T5909] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   85.550607][ T5909] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 9
[   85.556351][ T5909] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x88 has invalid wMaxPacketSize 0
[   85.572550][ T5909] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 0
[   85.583545][ T5909] usb 3-1: New USB device found, idVendor=04e6, idProduct=5591, bcdDevice=94.39
[   85.587262][ T5909] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.590728][ T5909] usb 3-1: Product: syz
[   85.592547][ T5909] usb 3-1: Manufacturer: syz
[   85.594672][ T5909] usb 3-1: SerialNumber: syz
[   85.603137][ T5909] usb 3-1: config 0 descriptor??
[   85.610962][ T6508] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   85.626838][    C1] usb 3-1: NFC: Urb failure (status -71)
[   85.629506][ T5909] usb 3-1: NFC: Unable to get FW version
[   85.659968][ T5909] pn533_usb 3-1:0.0: probe with driver pn533_usb failed with error -90
[   85.685815][ T6519] QAT: failed to copy from user.
[   85.695143][ T6519] overlayfs: missing 'lowerdir'
[   85.836372][ T5909] usb 3-1: USB disconnect, device number 5
[   86.304990][ T6519] loop3: detected capacity change from 0 to 32768
[   86.609748][ T6537] Illegal XDP return value 2125959645 on prog  (id 19) dev N/A, expect packet loss!
[   86.750564][ T6532] loop0: detected capacity change from 0 to 32768
[   86.764512][ T6532] XFS (loop0): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[   86.828028][ T6532] XFS (loop0): Ending clean mount
[   86.873547][ T5850] XFS (loop0): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[   87.447854][ T6550] loop3: detected capacity change from 0 to 32768
[   87.459468][ T6550] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   87.488457][ T6550] XFS (loop3): Ending clean mount
[   87.595903][ T5990] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   87.895944][ T6592] wireguard: wg2: Could not create IPv4 socket
[   87.980328][ T6598] loop2: detected capacity change from 0 to 256
[   87.995659][ T6598] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[   88.084825][ T6600] 
[   88.092866][ T5909] usb 4-1: new full-speed USB device number 6 using dummy_hcd
[   88.244547][ T5909] usb 4-1: config index 0 descriptor too short (expected 149, got 148)
[   88.247998][ T5909] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   88.251360][ T5909] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[   88.256049][ T5909] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[   88.259442][ T5909] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   88.262412][ T5909] usb 4-1: SerialNumber: syz
[   88.269414][ T5909] usb 4-1: 0:2 : does not exist
[   88.293676][   T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   88.422873][  T794] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[   88.454859][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[   88.459193][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[   88.463744][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[   88.467126][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   88.471907][   T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   88.477357][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.482043][   T24] usb 3-1: config 0 descriptor??
[   88.489245][   T95] usb 4-1: USB disconnect, device number 6
[   88.576986][  T794] usb 1-1: config 0 has an invalid interface number: 47 but max is 0
[   88.580641][  T794] usb 1-1: config 0 has no interface number 0
[   88.583270][  T794] usb 1-1: New USB device found, idVendor=0c45, idProduct=624e, bcdDevice=aa.6c
[   88.587142][  T794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   88.595014][  T794] usb 1-1: config 0 descriptor??
[   88.603369][  T794] gspca_main: gspca_sn9c20x-2.14.0 probing 0c45:624e
[   88.804913][  T794] gspca_sn9c20x: Write register 1000 failed -71
[   88.809377][  T794] gspca_sn9c20x: Device initialization failed
[   88.813804][  T794] gspca_sn9c20x 1-1:0.47: probe with driver gspca_sn9c20x failed with error -71
[   88.823711][  T794] usb 1-1: USB disconnect, device number 5
[   88.901621][   T24] plantronics 0003:047F:FFFF.0001: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   89.221679][ T6619] loop3: detected capacity change from 0 to 256
[   89.238362][   T33] audit: type=1800 audit(1756996414.282:6): pid=6619 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.252" name="file2" dev="loop3" ino=1048604 res=0 errno=0
[   89.568679][ T6636] loop3: detected capacity change from 0 to 1024
[   89.572454][ T6637] loop0: detected capacity change from 0 to 1024
[   89.577517][ T6637] EXT4-fs (loop0): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[   89.578412][ T6636] EXT4-fs: Ignoring removed orlov option
[   89.597716][ T6636] EXT4-fs (loop3): invalid inodes per group: 0
[   89.597716][ T6636] 
[   89.598508][ T6637] EXT4-fs error (device loop0): ext4_map_blocks:814: inode #3: block 1: comm syz.0.261: lblock 1 mapped to illegal pblock 1 (length 1)
[   89.607813][ T6637] Quota error (device loop0): write_blk: dquota write failed
[   89.610478][ T6637] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[   89.614656][ T6637] EXT4-fs error (device loop0): ext4_acquire_dquot:6937: comm syz.0.261: Failed to acquire dquot type 0
[   89.619040][ T6637] EXT4-fs error (device loop0): ext4_free_blocks:6696: comm syz.0.261: Freeing blocks not in datazone - block = 0, count = 4096
[   89.630794][ T6637] EXT4-fs error (device loop0): ext4_read_inode_bitmap:139: comm syz.0.261: Invalid inode bitmap blk 0 in block_group 0
[   89.640067][ T6261] EXT4-fs error (device loop0): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:4: lblock 1 mapped to illegal pblock 1 (length 1)
[   89.647647][ T6637] EXT4-fs error (device loop0) in ext4_free_inode:361: Corrupt filesystem
[   89.649511][ T6261] Quota error (device loop0): remove_tree: Can't read quota data block 1
[   89.658365][ T6637] EXT4-fs (loop0): 1 orphan inode deleted
[   89.659291][ T6261] EXT4-fs error (device loop0): ext4_release_dquot:6973: comm kworker/u9:4: Failed to release dquot type 0
[   89.680699][ T6637] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.705219][ T6637] EXT4-fs error (device loop0): ext4_search_dir:1474: inode #2: block 16: comm syz.0.261: bad entry in directory: inode out of bounds - offset=44, inode=40, rec_len=16, size=1024 fake=0
[   89.730341][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.043187][ T6651] loop3: detected capacity change from 0 to 65
[   90.053708][ T6651] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop3
[   91.013462][ T6674] loop3: detected capacity change from 0 to 512
[   91.054255][ T6674] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.060490][ T6674] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   91.220945][ T5909] usb 3-1: USB disconnect, device number 6
[   91.261277][ T6686] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[   91.283609][ T6684] random: crng reseeded on system resumption
[   91.720406][ T6696] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[   91.773190][    C1] IPv4: Oversized IP packet from 172.20.20.24
[   91.913607][ T6704] loop2: detected capacity change from 0 to 1024
[   91.929148][ T6704] EXT4-fs: Ignoring removed bh option
[   91.968620][ T6704] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[   91.976780][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.993302][ T6704] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.031040][ T6704] EXT4-fs error (device loop2): ext4_check_all_de:659: inode #12: block 7: comm syz.2.283: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[   92.056167][ T6704] EXT4-fs (loop2): Remounting filesystem read-only
[   92.090330][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.239569][ T6725] loop0: detected capacity change from 0 to 256
[   92.260735][ T6726] loop2: detected capacity change from 0 to 512
[   92.297256][ T6726] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.293: corrupted in-inode xattr: invalid ea_ino
[   92.311230][ T6728] loop3: detected capacity change from 0 to 2048
[   92.315157][ T6728] EXT4-fs: Ignoring removed mblk_io_submit option
[   92.325121][ T6726] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.293: couldn't read orphan inode 15 (err -117)
[   92.328071][ T6728] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.347005][ T6726] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.399651][   T33] audit: type=1800 audit(1756996417.442:7): pid=6734 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.294" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[   92.441024][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.772904][   T24] usb 1-1: new full-speed USB device number 6 using dummy_hcd
[   92.915389][ T6741] loop2: detected capacity change from 0 to 4096
[   92.931939][   T24] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[   92.945958][   T24] usb 1-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[   92.959849][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.990899][   T24] usb 1-1: config 0 descriptor??
[   93.008197][ T6737] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   93.329767][ T6743] loop2: detected capacity change from 0 to 32768
[   93.364266][ T6743] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.299 (6743)
[   93.399840][ T6743] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   93.410017][ T6743] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   93.531242][   T24] elan 0003:04F3:0755.0002: unknown main item tag 0x0
[   93.544471][   T24] elan 0003:04F3:0755.0002: item fetching failed at offset 3/5
[   93.553477][   T24] elan 0003:04F3:0755.0002: Hid Parse failed
[   93.567385][   T24] elan 0003:04F3:0755.0002: probe with driver elan failed with error -22
[   93.652788][ T6743] BTRFS info (device loop2): rebuilding free space tree
[   93.663661][ T6677] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[   93.685423][ T6677] EXT4-fs (loop3): Remounting filesystem read-only
[   93.737938][ T6743] BTRFS info (device loop2): allowing degraded mounts
[   93.751051][ T6743] BTRFS info (device loop2): enabling ssd optimizations
[   93.758772][   T24] usb 1-1: USB disconnect, device number 6
[   93.759119][ T6743] BTRFS info (device loop2): enabling free space tree
[   93.773519][ T6743] BTRFS info (device loop2): force clearing of disk cache
[   93.781321][ T6743] BTRFS info (device loop2): use zstd compression, level 3
[   93.787296][ T6743] BTRFS info (device loop2): max_inline set to 0
[   93.864480][   T33] audit: type=1800 audit(1756996418.912:8): pid=6743 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.299" name="file1" dev="loop2" ino=260 res=0 errno=0
[   93.898315][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.920825][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   94.088154][ T6764] loop3: detected capacity change from 0 to 2048
[   94.126495][ T6764] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   94.141755][ T6768] netlink: 28 bytes leftover after parsing attributes in process `syz.2.303'.
[   94.770819][ T6805] loop3: detected capacity change from 0 to 1024
[   94.780518][ T6805] EXT4-fs: Ignoring removed oldalloc option
[   94.802419][ T6805] EXT4-fs: Ignoring removed bh option
[   94.840095][ T6807] loop2: detected capacity change from 0 to 4096
[   94.840573][ T6805] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.848818][ T6807] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   94.989636][ T6799] loop0: detected capacity change from 0 to 32768
[   95.007109][ T6799] bcachefs (/dev/loop0): error validating superblock: Invalid superblock section clean: entry type btree_keys overruns end of section
[   95.007109][ T6799] clean (size 2912):
[   95.007109][ T6799] flags:          0
[   95.007109][ T6799] journal_seq:    8
[   95.007109][ T6799] usage: type=inodes v=8
[   95.007109][ T6799] usage: type=key_version v=0
[   95.007109][ T6799] usage: type=reserved v=0
[   95.007109][ T6799] usage: type=reserved v=0
[   95.007109][ T6799] usage: type=reserved v=0
[   95.007109][ T6799] usage: type=(unknown fs_usage_type 3) v=0
[   95.007109][ T6799] data_usage: btree: 1/1 [0]=2816
[   95.007109][ T6799] data_usage: journal: 1/1 [0]=0
[   95.007109][ T6799] data_usage: user: 1/1 [0]=32
[   95.007109][ T6799] dev_usage: dev=0  
[   95.007109][ T6799]   free: buckets=83 sectors=0 fragmented=0
[   95.007109][ T6799]   sb: buckets=25 sectors=6152 fragmented=248
[   95.007109][ T6799]   journal: buckets=8 sectors=2048 fragmented=0
[   95.007109][ T6799]   btree: buckets=11 sectors=2816 fragmented=0
[   95.007109][ T6799]   user: buckets=1 sectors=32 fragmented=224
[   95.007109][ T6799]   cached: buckets=0 sectors=0 fragmented=0
[   95.007109][ T6799]   parity: buckets=0 sectors=0 fragmented=0
[   95.007109][ T6799]   stripe: buckets=0 sectors=0 fragmented=0
[   95.007109][ T6799]   need_gc_gens: buckets=0 sectors=0 fragmented=0
[   95.007109][ T6799]   need_discard: buckets=0 sectors=0 fragmented=0
[   95.007109][ T6799] clock: read=0
[   95.007109][ T6799] clock: write=1288
[   95.007109][ T6799] btree_root: btree=extents level=0 u64s 11 type btree_ptr_v2 720575940379
[   95.007260][ T6799] bcachefs: bch2_fs_get_tree() error: invalid_sb_clean
[   95.072474][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.273643][ T6822] loop2: detected capacity change from 0 to 2048
[   95.302230][ T6822] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[   95.305771][ T6822] UDF-fs: Scanning with blocksize 512 failed
[   95.319222][ T6822] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   95.512717][ T5909] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   95.528252][ T6838] netlink: 45 bytes leftover after parsing attributes in process `syz.2.335'.
[   95.553306][   T10] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[   95.570715][ T6840] loop2: detected capacity change from 0 to 512
[   95.584903][ T6840] EXT4-fs: Ignoring removed nobh option
[   95.587174][ T6840] EXT4-fs: inline encryption not supported
[   95.604399][ T6840] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   95.608730][ T6840] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #13: comm syz.2.336: invalid indirect mapped block 2683928664 (level 1)
[   95.617548][ T6840] EXT4-fs (loop2): 1 truncate cleaned up
[   95.621157][ T6840] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.651579][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.684111][ T5909] usb 4-1: Using ep0 maxpacket: 16
[   95.691901][ T5909] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[   95.698036][ T5909] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[   95.701890][ T5909] usb 4-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   95.703188][   T10] usb 1-1: Using ep0 maxpacket: 16
[   95.710012][ T5909] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[   95.710640][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   95.713976][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.719475][   T10] usb 1-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   95.721125][ T5909] usb 4-1: Product: syz
[   95.726650][   T10] usb 1-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   95.730416][   T10] usb 1-1: Manufacturer: syz
[   95.734921][ T5909] usb 4-1: Manufacturer: syz
[   95.736775][ T5909] usb 4-1: SerialNumber: syz
[   95.745664][   T10] usb 1-1: config 0 descriptor??
[   95.965615][ T5909] usb 4-1: 2:1 : no or invalid class specific endpoint descriptor
[   95.972676][ T5909] usb 4-1: 2:1 : format type 0 is detected, processed as PCM
[   95.990264][   T24] usb 1-1: USB disconnect, device number 7
[   96.026186][ T5909] usb 4-1: USB disconnect, device number 7
[   96.070160][ T5968] udevd[5968]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[   96.152791][   T10] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[   96.309095][   T10] usb 3-1: unable to get BOS descriptor or descriptor too short
[   96.315519][   T10] usb 3-1: config 1 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   96.320203][   T10] usb 3-1: config 1 interface 0 has no altsetting 0
[   96.325487][   T10] usb 3-1: New USB device found, idVendor=16c0, idProduct=05e1, bcdDevice= 0.40
[   96.329497][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   96.333140][   T10] usb 3-1: Product: syz
[   96.334877][   T10] usb 3-1: Manufacturer: syz
[   96.336786][   T10] usb 3-1: SerialNumber: syz
[   96.537437][ T6855] loop0: detected capacity change from 0 to 128
[   96.574806][   T10] usbhid 3-1:1.0: can't add hid device: -71
[   96.577968][   T10] usbhid 3-1:1.0: probe with driver usbhid failed with error -71
[   96.592465][ T6855] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   96.593152][   T10] usb 3-1: USB disconnect, device number 7
[   96.616198][ T6855] ext4 filesystem being mounted at /115/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   96.693460][ T5850] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   96.697925][ T6861] loop8: detected capacity change from 0 to 8
[   96.717916][ T6085]  loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11
[   96.720979][ T6085] loop8: p1 start 1768304430 is beyond EOD, truncated
[   96.726848][ T6085] loop8: p2 start 1373993750 is beyond EOD, truncated
[   96.729784][ T6085] loop8: p3 start 2864563691 is beyond EOD, truncated
[   96.736450][ T6085] loop8: p4 start 784593437 is beyond EOD, truncated
[   96.741451][ T6085] loop8: p5 start 411279150 is beyond EOD, truncated
[   96.741674][ T6863] netlink: 830 bytes leftover after parsing attributes in process `syz.0.345'.
[   96.744514][ T6085] loop8: p6 start 3987722592 is beyond EOD, truncated
[   96.751524][ T6085] loop8: p7 start 515916882 is beyond EOD, truncated
[   96.754930][ T6085] loop8: p8 start 3754139966 is beyond EOD, truncated
[   96.757875][ T6085] loop8: p9 start 105088498 is beyond EOD, truncated
[   96.760915][ T6085] loop8: p10 start 517032417 is beyond EOD, truncated
[   96.764253][ T6085] loop8: p11 start 2806601918 is beyond EOD, truncated
[   96.781235][ T6861]  loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11
[   96.790657][ T6861] loop8: p1 start 1768304430 is beyond EOD, truncated
[   96.796262][ T6861] loop8: p2 start 1373993750 is beyond EOD, truncated
[   96.798789][ T6861] loop8: p3 start 2864563691 is beyond EOD, truncated
[   96.801396][ T6861] loop8: p4 start 784593437 is beyond EOD, truncated
[   96.803948][ T6861] loop8: p5 start 411279150 is beyond EOD, truncated
[   96.806845][ T6861] loop8: p6 start 3987722592 is beyond EOD, truncated
[   96.809339][ T6861] loop8: p7 start 515916882 is beyond EOD, truncated
[   96.811799][ T6861] loop8: p8 start 3754139966 is beyond EOD, truncated
[   96.817653][ T6861] loop8: p9 start 105088498 is beyond EOD, truncated
[   96.828343][ T6861] loop8: p10 start 517032417 is beyond EOD, truncated
[   96.831669][ T6861] loop8: p11 start 2806601918 is beyond EOD, truncated
[   97.053003][ T6869] loop3: detected capacity change from 0 to 32768
[   97.055982][ T6869] XFS: attr2 mount option is deprecated.
[   97.068136][ T6869] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   97.103439][ T6869] XFS (loop3): Ending clean mount
[   97.114488][ T6869] XFS (loop3): Quotacheck needed: Please wait.
[   97.151850][ T6869] XFS (loop3): Quotacheck: Done.
[   97.192126][ T5990] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   97.246913][ T6889] loop2: detected capacity change from 0 to 4096
[   97.283512][ T6889] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[   97.287276][ T6889] ntfs3(loop2): ino=3, mi_enum_attr
[   97.436734][ T6882] loop0: detected capacity change from 0 to 40427
[   97.455993][ T6882] F2FS-fs (loop0): invalid crc value
[   97.546697][ T6882] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   97.565971][ T6882] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   97.595715][   T33] audit: type=1804 audit(1756996422.642:9): pid=6882 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.351" name="/newroot/121/file1/file1" dev="loop0" ino=10 res=1 errno=0
[   97.623977][ T5850] syz-executor: attempt to access beyond end of device
[   97.623977][ T5850] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   97.645956][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   97.645968][ T5850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   97.645972][ T5850] Call Trace:
[   97.645976][ T5850]  <TASK>
[   97.645979][ T5850]  dump_stack_lvl+0x189/0x250
[   97.645993][ T5850]  ? __pfx_dump_stack_lvl+0x10/0x10
[   97.646002][ T5850]  ? __pfx_queue_work_on+0x10/0x10
[   97.646009][ T5850]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   97.646019][ T5850]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   97.646032][ T5850]  f2fs_handle_critical_error+0x37c/0x540
[   97.646046][ T5850]  f2fs_write_end_io+0x886/0xb60
[   97.646059][ T5850]  __submit_merged_bio+0x27a/0x6a0
[   97.646070][ T5850]  __submit_merged_write_cond+0x255/0x530
[   97.646082][ T5850]  f2fs_write_data_pages+0x261d/0x3000
[   97.646104][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   97.646129][ T5850]  ? __mod_zone_page_state+0xd7/0x140
[   97.646142][ T5850]  ? folios_put_refs+0x560/0x640
[   97.646153][ T5850]  ? __pfx_folios_put_refs+0x10/0x10
[   97.646160][ T5850]  ? rcu_is_watching+0x15/0xb0
[   97.646170][ T5850]  ? __lock_acquire+0xab9/0xd20
[   97.646185][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   97.646196][ T5850]  do_writepages+0x32e/0x550
[   97.646209][ T5850]  ? do_raw_spin_unlock+0x4d/0x240
[   97.646219][ T5850]  filemap_fdatawrite+0x199/0x240
[   97.646228][ T5850]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   97.646253][ T5850]  ? do_raw_spin_unlock+0x4d/0x240
[   97.646268][ T5850]  f2fs_sync_dirty_inodes+0x31f/0x830
[   97.646281][ T5850]  f2fs_write_checkpoint+0x95a/0x1df0
[   97.646296][ T5850]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   97.646347][ T5850]  ? kill_f2fs_super+0x298/0x6c0
[   97.646358][ T5850]  kill_f2fs_super+0x2c3/0x6c0
[   97.646367][ T5850]  ? __pfx_kill_f2fs_super+0x10/0x10
[   97.646372][ T5850]  ? radix_tree_delete_item+0x2b6/0x400
[   97.646385][ T5850]  ? shrinker_free+0x2ce/0x3e0
[   97.646393][ T5850]  deactivate_locked_super+0xbc/0x130
[   97.646402][ T5850]  cleanup_mnt+0x425/0x4c0
[   97.646410][ T5850]  ? lockdep_hardirqs_on+0x9c/0x150
[   97.646421][ T5850]  task_work_run+0x1d4/0x260
[   97.646430][ T5850]  ? __pfx_task_work_run+0x10/0x10
[   97.646438][ T5850]  ? __x64_sys_umount+0x122/0x160
[   97.646449][ T5850]  ? exit_to_user_mode_loop+0x40/0x110
[   97.646460][ T5850]  exit_to_user_mode_loop+0xec/0x110
[   97.646470][ T5850]  do_syscall_64+0x2bd/0x3b0
[   97.646475][ T5850]  ? lockdep_hardirqs_on+0x9c/0x150
[   97.646485][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.646491][ T5850]  ? exc_page_fault+0x9f/0xf0
[   97.646501][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   97.646509][ T5850] RIP: 0033:0x7fd488b8ff17
[   97.646516][ T5850] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   97.646522][ T5850] RSP: 002b:00007ffee2e41e88 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   97.646531][ T5850] RAX: 0000000000000000 RBX: 00007fd488c11c05 RCX: 00007fd488b8ff17
[   97.646535][ T5850] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffee2e41f40
[   97.646539][ T5850] RBP: 00007ffee2e41f40 R08: 000000000000c088 R09: 0000000000000000
[   97.646543][ T5850] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffee2e42fd0
[   97.646547][ T5850] R13: 00007fd488c11c05 R14: 0000000000017cb4 R15: 00007ffee2e43010
[   97.646558][ T5850]  </TASK>
[   97.646561][ T5850] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   97.662419][ T6893] loop2: detected capacity change from 0 to 32768
[   97.809235][ T6893] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   97.822427][ T6893] XFS (loop2): Ending clean mount
[   97.848342][ T5853] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   98.028437][ T6917] program syz.0.359 is using a deprecated SCSI ioctl, please convert it to SG_IO
[   98.140248][ T6927] loop0: detected capacity change from 0 to 4096
[   98.146467][ T6927] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[   98.180619][ T6927] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[   98.237098][ T6931] netlink: 28 bytes leftover after parsing attributes in process `syz.2.367'.
[   98.240628][ T6931] netlink: 28 bytes leftover after parsing attributes in process `syz.2.367'.
[   98.248385][ T6931] ip6gretap0: entered promiscuous mode
[   98.251095][ T6931] syz_tun: entered promiscuous mode
[   98.297916][ T6933] binder: 6932:6933 ioctl c018620c 200000000040 returned -22
[   98.337094][ T6935] loop2: detected capacity change from 0 to 2048
[   98.364514][ T6935] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   98.416106][ T6935] Invalid ELF header magic: != ELF
[   98.433024][   T33] audit: type=1804 audit(1756996423.442:10): pid=6935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.369" name="/newroot/141/file1/bus" dev="loop2" ino=18 res=1 errno=0
[   98.445852][   T33] audit: type=1800 audit(1756996423.442:11): pid=6935 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.369" name="bus" dev="loop2" ino=18 res=0 errno=0
[   98.461992][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.813087][   T10] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[   98.975035][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   98.987555][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   99.001526][   T10] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[   99.017771][   T10] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[   99.025801][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.137198][   T10] usb 3-1: config 0 descriptor??
[   99.568349][   T10] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[   99.633426][ T6965] loop3: detected capacity change from 0 to 32768
[   99.646095][ T6965] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   99.687189][ T6965] XFS (loop3): Ending clean mount
[   99.695106][ T6965] XFS (loop3): Quotacheck needed: Please wait.
[   99.727159][ T6965] XFS (loop3): Quotacheck: Done.
[   99.780151][ T5990] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  100.379076][ T6988] netlink: 4 bytes leftover after parsing attributes in process `syz.0.387'.
[  100.915513][ T6990] netlink: 8 bytes leftover after parsing attributes in process `syz.3.388'.
[  100.972493][ T6992] kernel profiling enabled (shift: 9)
[  101.154520][ T6994] loop3: detected capacity change from 0 to 32768
[  101.165257][ T6994] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.390 (6994)
[  101.193552][ T6994] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  101.198000][ T6994] BTRFS info (device loop3): using crc32c (crc32c-lib) checksum algorithm
[  101.245184][ T6994] BTRFS info (device loop3): rebuilding free space tree
[  101.255033][ T6994] BTRFS info (device loop3): allowing degraded mounts
[  101.257888][ T6994] BTRFS info (device loop3): enabling ssd optimizations
[  101.260795][ T6994] BTRFS info (device loop3): enabling free space tree
[  101.264010][ T6994] BTRFS info (device loop3): force clearing of disk cache
[  101.267132][ T6994] BTRFS info (device loop3): use zstd compression, level 3
[  101.270213][ T6994] BTRFS info (device loop3): max_inline set to 0
[  101.391182][ T5990] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  101.598389][ T7019] sctp: [Deprecated]: syz.3.391 (pid 7019) Use of int in maxseg socket option.
[  101.598389][ T7019] Use struct sctp_assoc_value instead
[  101.657252][ T5880] usb 3-1: USB disconnect, device number 8
[  101.772857][ T5909] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  101.798413][   T33] audit: type=1326 audit(1756996426.842:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.813088][   T33] audit: type=1326 audit(1756996426.842:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.835032][   T33] audit: type=1326 audit(1756996426.852:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.863007][   T33] audit: type=1326 audit(1756996426.852:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.880588][   T33] audit: type=1326 audit(1756996426.852:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.889339][   T33] audit: type=1326 audit(1756996426.852:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.912439][   T33] audit: type=1326 audit(1756996426.852:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7026 comm="syz.3.398" exe="/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fa3aa58ebe9 code=0x7ffc0000
[  101.944103][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.947801][ T5909] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.953768][ T5909] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  101.958113][ T5909] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  101.961164][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.981842][ T5909] usb 1-1: config 0 descriptor??
[  102.089096][ T7047] loop3: detected capacity change from 0 to 256
[  102.097110][ T7047] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  102.175756][ T7049] loop3: detected capacity change from 0 to 512
[  102.181489][ T7049] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  102.239183][ T7049] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  102.242540][ T7049] EXT4-fs (loop3): orphan cleanup on readonly fs
[  102.252779][ T7049] EXT4-fs error (device loop3): ext4_orphan_get:1418: comm syz.3.408: bad orphan inode 267
[  102.260995][ T7049] EXT4-fs (loop3): Remounting filesystem read-only
[  102.267777][ T7049] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  102.277107][ T7049] EXT4-fs warning (device loop3): dx_probe:861: inode #2: comm syz.3.408: dx entry: limit 0 != root limit 125
[  102.281422][ T7049] EXT4-fs warning (device loop3): dx_probe:934: inode #2: comm syz.3.408: Corrupt directory, running e2fsck is recommended
[  102.596966][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  102.616765][ T5909] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  102.961877][ T7059] loop3: detected capacity change from 0 to 4096
[  102.965106][ T7059] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  102.978799][ T7059] ntfs3(loop3): Failed to load $Extend (-22).
[  102.981014][ T7059] ntfs3(loop3): Failed to initialize $Extend.
[  103.276960][ T7069] loop3: detected capacity change from 0 to 2048
[  103.308039][ T7069] NILFS (loop3): invalid segment: Sequence number mismatch
[  103.319702][ T7069] NILFS (loop3): trying rollback from an earlier position
[  103.338335][ T7069] NILFS (loop3): recovery complete
[  103.350938][ T7074] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  103.419095][ T7076] input: syz1 as /devices/virtual/input/input5
[  103.475614][ T7078] loop3: detected capacity change from 0 to 4096
[  103.484403][ T7078] ntfs3(loop3): ino=3, Correct links count -> 2.
[  103.510331][ T7078] ntfs3(loop3): ino=1a, mi_enum_attr
[  103.512446][ T7078] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  103.516292][ T7078] ntfs3(loop3): Failed to load root (-22).
[  104.469036][ T7089] loop2: detected capacity change from 0 to 16
[  104.480531][ T7089] erofs (device loop2): mounted with root inode @ nid 36.
[  104.634826][ T7091] bridge0: port 2(bridge_slave_1) entered disabled state
[  104.637580][ T7091] bridge0: port 1(bridge_slave_0) entered disabled state
[  104.695423][ T7091] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  104.701723][ T7091] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  104.771561][   T13] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.776521][   T13] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.779753][   T13] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.783915][   T13] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  104.853291][ T5909] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  105.024433][ T5909] usb 4-1: Using ep0 maxpacket: 16
[  105.028016][ T5909] usb 4-1: config 1 has an invalid interface number: 105 but max is 0
[  105.031136][ T5909] usb 4-1: config 1 has no interface number 0
[  105.034362][ T5909] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  105.038409][ T5909] usb 4-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  105.042227][ T5909] usb 4-1: config 1 interface 105 has no altsetting 0
[  105.047471][ T5909] usb 4-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  105.050834][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.056048][ T5909] usb 4-1: Product: syz
[  105.057669][ T5909] usb 4-1: Manufacturer: syz
[  105.062830][ T5909] usb 4-1: SerialNumber: syz
[  105.082404][ T7093] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  105.087277][ T7093] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  105.173140][   T47] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  105.321872][ T5909] aqc111 4-1:1.105: probe with driver aqc111 failed with error -71
[  105.332856][   T47] usb 3-1: Using ep0 maxpacket: 32
[  105.341936][ T5909] usb 4-1: USB disconnect, device number 8
[  105.345622][   T95] usb 1-1: USB disconnect, device number 8
[  105.378083][   T47] usb 3-1: config 0 has an invalid interface number: 172 but max is 0
[  105.381465][   T47] usb 3-1: config 0 has no interface number 0
[  105.401537][   T47] usb 3-1: config 0 interface 172 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  105.412534][   T47] usb 3-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  105.420321][   T47] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.714393][   T47] usb 3-1: Product: syz
[  105.716106][   T47] usb 3-1: Manufacturer: syz
[  105.717949][   T47] usb 3-1: SerialNumber: syz
[  105.722501][   T47] usb 3-1: config 0 descriptor??
[  105.731029][   T47] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  106.240063][ T7124] netlink: 4 bytes leftover after parsing attributes in process `syz.3.439'.
[  106.535327][ T7132] loop0: detected capacity change from 0 to 512
[  106.546743][   T47] input: gspca_pac7302 as /devices/platform/dummy_hcd.2/usb3/3-1/input/input6
[  106.547448][ T7132] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  106.567445][ T7132] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  106.602302][ T7132] EXT4-fs (loop0): 1 truncate cleaned up
[  106.611072][ T7132] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  106.665225][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  106.699484][ T7142] loop0: detected capacity change from 0 to 8
[  106.781382][   T47] usb 3-1: USB disconnect, device number 9
[  106.817046][ T7147] loop0: detected capacity change from 0 to 128
[  106.820853][ T7147] EXT4-fs: Ignoring removed nobh option
[  106.842099][ T7147] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  106.852154][ T7147] ext4 filesystem being mounted at /145/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  107.029316][   T33] kauditd_printk_skb: 21 callbacks suppressed
[  107.029325][   T33] audit: type=1800 audit(1756996432.072:40): pid=7147 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.447" name="file1" dev="loop0" ino=12 res=0 errno=0
[  107.059122][ T5850] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  107.365025][ T7156] loop0: detected capacity change from 0 to 40427
[  107.376586][ T7156] F2FS-fs (loop0): invalid crc value
[  107.445953][ T7156] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  107.449678][ T7156] F2FS-fs (loop0): Start checkpoint disabled!
[  107.458391][ T7156] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  107.848505][ T7171] capability: warning: `syz.3.455' uses 32-bit capabilities (legacy support in use)
[  108.088114][   T27] kworker/u10:0: attempt to access beyond end of device
[  108.088114][   T27] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  108.114629][   T27] kworker/u10:0: attempt to access beyond end of device
[  108.114629][   T27] loop0: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  108.141298][   T27] CPU: 1 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  108.141315][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  108.141323][   T27] Workqueue: writeback wb_workfn (flush-7:0)
[  108.141342][   T27] Call Trace:
[  108.141348][   T27]  <TASK>
[  108.141353][   T27]  dump_stack_lvl+0x189/0x250
[  108.141373][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  108.141387][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  108.141398][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  108.141413][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  108.141437][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  108.141458][   T27]  f2fs_write_end_io+0x886/0xb60
[  108.141483][   T27]  __submit_merged_bio+0x27a/0x6a0
[  108.141504][   T27]  __submit_merged_write_cond+0x255/0x530
[  108.141525][   T27]  f2fs_write_data_pages+0x261d/0x3000
[  108.141566][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  108.141593][   T27]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  108.141631][   T27]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  108.141656][   T27]  ? trace_f2fs_writepages+0x7f/0x200
[  108.141672][   T27]  ? f2fs_write_node_pages+0x478/0x6e0
[  108.141692][   T27]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  108.141712][   T27]  ? __lock_acquire+0xab9/0xd20
[  108.141732][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  108.141749][   T27]  do_writepages+0x32e/0x550
[  108.141770][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  108.141781][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  108.141801][   T27]  __writeback_single_inode+0x145/0xff0
[  108.141816][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  108.141833][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  108.141866][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  108.141910][   T27]  ? rcu_is_watching+0x15/0xb0
[  108.141929][   T27]  wb_writeback+0x43b/0xaf0
[  108.141949][   T27]  ? queue_io+0x331/0x590
[  108.141966][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  108.141986][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.142005][   T27]  wb_workfn+0x409/0xef0
[  108.142027][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  108.142043][   T27]  ? __lock_acquire+0xab9/0xd20
[  108.142067][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  108.142083][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.142097][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  108.142107][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  108.142119][   T27]  process_scheduled_works+0xae1/0x17b0
[  108.142152][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  108.142176][   T27]  worker_thread+0x8a0/0xda0
[  108.142214][   T27]  kthread+0x711/0x8a0
[  108.142258][   T27]  ? __pfx_worker_thread+0x10/0x10
[  108.142269][   T27]  ? __pfx_kthread+0x10/0x10
[  108.142285][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  108.142299][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  108.142314][   T27]  ? __pfx_kthread+0x10/0x10
[  108.142329][   T27]  ret_from_fork+0x3fc/0x770
[  108.142344][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  108.142360][   T27]  ? __switch_to_asm+0x39/0x70
[  108.142374][   T27]  ? __switch_to_asm+0x33/0x70
[  108.142387][   T27]  ? __pfx_kthread+0x10/0x10
[  108.142401][   T27]  ret_from_fork_asm+0x1a/0x30
[  108.142427][   T27]  </TASK>
[  108.142433][   T27] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  108.238326][ T7173] loop2: detected capacity change from 0 to 40427
[  108.318183][ T7173] F2FS-fs (loop2): Invalid Fs Meta Ino: node(0) meta(2) root(0)
[  108.340979][ T7173] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  108.346925][ T7173] F2FS-fs (loop2): invalid crc value
[  108.435464][ T7173] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  108.446512][ T7173] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  108.449114][ T7173] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  108.656878][ T7185] ref_ctr going negative. vaddr: 0x200000ffc002, curr val: -29824, delta: 1
[  108.660017][ T7185] ref_ctr increment failed for inode: 0x2d3 offset: 0x5 ref_ctr_offset: 0x2 of mm: 0xffff88810ef55600
[  108.694858][   T33] audit: type=1804 audit(1756996433.692:41): pid=7185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.460" name="/newroot/133/file0" dev="tmpfs" ino=723 res=1 errno=0
[  108.882349][ T7189] program syz.0.462 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  108.932126][ T7193] loop0: detected capacity change from 0 to 1024
[  108.976199][ T7193] hfsplus: b-tree write err: -5, ino 3
[  109.343468][ T7213] bridge0: entered allmulticast mode
[  109.423921][ T5880] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  109.487771][ T7209] loop2: detected capacity change from 0 to 32768
[  109.531198][ T7209] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  109.590755][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  109.595950][ T5880] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  109.601674][ T5880] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  109.612869][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.639406][ T5880] usb 1-1: config 0 descriptor??
[  109.667187][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  109.851440][ T7225] netlink: 16 bytes leftover after parsing attributes in process `syz.2.477'.
[  110.195777][ T7231] netlink: 12 bytes leftover after parsing attributes in process `syz.2.480'.
[  111.049158][ T7243] batadv_slave_1: entered promiscuous mode
[  111.056141][ T7242] batadv_slave_1: left promiscuous mode
[  111.080457][ T5880] uclogic 0003:256C:006D.0005: v1 frame probing failed: -71
[  111.088288][ T5880] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  111.091437][ T5880] uclogic 0003:256C:006D.0005: probe with driver uclogic failed with error -71
[  111.101006][ T7245] netlink: 204 bytes leftover after parsing attributes in process `syz.2.487'.
[  111.105768][ T7245] netlink: 72 bytes leftover after parsing attributes in process `syz.2.487'.
[  111.110390][ T7245] netlink: 24 bytes leftover after parsing attributes in process `syz.2.487'.
[  111.111302][ T5880] usb 1-1: USB disconnect, device number 9
[  111.220559][ T7251] loop2: detected capacity change from 0 to 512
[  111.226875][ T7251] EXT4-fs: Ignoring removed nobh option
[  111.253343][ T7251] fscrypt (loop2, inode 2): Error -61 getting encryption context
[  111.257504][ T7251] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -61
[  111.260538][ T7251] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #13: comm syz.2.490: casefold flag without casefold feature
[  111.266647][ T7251] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.490: couldn't read orphan inode 13 (err -117)
[  111.275388][ T7251] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.304939][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.358460][ T7256] netlink: 320 bytes leftover after parsing attributes in process `syz.2.491'.
[  111.394575][ T7258] netlink: 'syz.3.492': attribute type 1 has an invalid length.
[  111.435917][ T7262] loop3: detected capacity change from 0 to 1024
[  111.446240][ T7262] EXT4-fs: Ignoring removed nobh option
[  111.448457][ T7262] EXT4-fs: Ignoring removed bh option
[  111.467562][ T7262] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  111.540951][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.787222][ T7272] loop2: detected capacity change from 0 to 32768
[  111.803836][ T7272] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.498 (7272)
[  111.836696][ T7272] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  111.841006][ T7272] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  111.882812][ T7272] workqueue: max_active 59106 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  111.893998][ T7272] workqueue: max_active 59106 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  111.917607][ T7272] workqueue: max_active 59106 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  111.928835][ T7272] workqueue: max_active 59106 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  111.954343][ T7272] workqueue: max_active 59106 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  111.962787][ T7272] workqueue: max_active 59106 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  111.984914][ T7272] workqueue: max_active 59106 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[  111.987705][ T7299] loop3: detected capacity change from 0 to 8
[  112.038921][ T7272] BTRFS info (device loop2): setting nodatasum
[  112.041568][ T7272] BTRFS info (device loop2): turning on async discard
[  112.049676][ T7272] BTRFS info (device loop2): enabling free space tree
[  112.051989][ T7272] BTRFS info (device loop2): max_inline set to 4096
[  112.068634][ T7272] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  112.146068][ T7309] loop3: detected capacity change from 0 to 512
[  112.175854][   T95] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  112.195473][ T7309] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.205465][ T7309] ext4 filesystem being mounted at /148/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.289593][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.355151][   T95] usb 1-1: unable to get BOS descriptor or descriptor too short
[  112.359084][   T95] usb 1-1: not running at top speed; connect to a high speed hub
[  112.382770][   T95] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  112.390828][   T95] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  112.398457][   T95] usb 1-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  112.401525][   T95] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.411780][   T95] usb 1-1: Product: syz
[  112.413886][   T95] usb 1-1: Manufacturer: syz
[  112.415491][   T95] usb 1-1: SerialNumber: syz
[  112.559260][ T7315] loop2: detected capacity change from 0 to 32768
[  112.583856][ T7315] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.607505][ T7315] XFS (loop2): Ending clean mount
[  112.614316][ T7315] XFS (loop2): Quotacheck needed: Please wait.
[  112.636206][   T95] usb 1-1: 0:2 : does not exist
[  112.641909][ T7315] XFS (loop2): Quotacheck: Done.
[  112.649450][   T95] usb 1-1: USB disconnect, device number 10
[  112.670062][ T5853] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  112.961566][ T7342] binder: 7338:7342 ioctl 4018620d 0 returned -22
[  112.977964][ T7342] binder: 7338:7342 ioctl c0306201 0 returned -14
[  113.469379][ T7346] loop2: detected capacity change from 0 to 32768
[  113.484828][ T7346] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.520 (7346)
[  113.539298][ T7346] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.556012][ T7346] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  113.739480][ T7346] BTRFS info (device loop2): setting nodatasum
[  113.741573][ T7346] BTRFS info (device loop2): setting nodatacow
[  113.749265][ T7346] BTRFS info (device loop2): enabling free space tree
[  113.751553][ T7346] BTRFS info (device loop2): max_inline set to 0
[  113.944675][ T5853] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  114.243800][ T7378] loop0: detected capacity change from 0 to 40427
[  114.248286][ T7378] F2FS-fs (loop0): Fix alignment : done, start(4096) end(16896) block(12288)
[  114.251397][ T7378] F2FS-fs (loop0): build fault injection rate: 771
[  114.258285][ T7378] F2FS-fs (loop0): invalid crc value
[  114.314532][ T7378] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  114.324321][ T7378] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  114.562508][ T7403] netlink: 4 bytes leftover after parsing attributes in process `syz.2.538'.
[  114.641675][ T7407] 9pnet: p9_errstr2errno: server reported unknown error 1844674407
[  114.656501][ T7409] loop0: detected capacity change from 0 to 256
[  114.675649][ T7411] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  114.739335][ T7415] loop0: detected capacity change from 0 to 128
[  115.844940][ T7427] loop2: detected capacity change from 0 to 32768
[  115.848271][ T7427] XFS: noikeep mount option is deprecated.
[  115.906279][ T7427] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  115.932131][ T7427] XFS (loop2): Ending clean mount
[  115.936668][ T7427] XFS (loop2): Quotacheck needed: Please wait.
[  115.963790][ T7427] XFS (loop2): Quotacheck: Done.
[  116.314112][ T5853] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  116.761835][ T7451] loop6: detected capacity change from 0 to 2576
[  116.782348][ T7451] buffer_io_error: 25 callbacks suppressed
[  116.782361][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.791224][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.794943][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.798254][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.801618][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.810372][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.842090][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.852107][ T7456] 9pnet: Limiting 'msize' to 1048576 as this is the maximum supported by transport fd
[  116.866294][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.887847][ T7451] ldm_validate_partition_table(): Disk read failed.
[  116.890684][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.896614][ T7451] Buffer I/O error on dev loop6, logical block 0, async page read
[  116.908242][ T7451] Dev loop6: unable to read RDB block 0
[  116.917441][ T7451]  loop6: unable to read partition table
[  116.954853][ T7451] loop_reread_partitions: partition scan of loop6 (3) failed (rc=-5)
[  116.971738][ T5295] ldm_validate_partition_table(): Disk read failed.
[  116.988653][ T5295] Dev loop6: unable to read RDB block 0
[  116.991362][ T5295]  loop6: unable to read partition table
[  117.078523][ T7466] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration
[  117.159451][ T7470] loop0: detected capacity change from 0 to 1024
[  117.276242][ T7472] netlink: 44 bytes leftover after parsing attributes in process `syz.3.562'.
[  117.280349][ T7472] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  117.582862][  T794] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  117.767254][  T794] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  117.772304][  T794] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  117.778560][  T794] usb 4-1: New USB device found, idVendor=1223, idProduct=3f07, bcdDevice= 0.00
[  117.784524][  T794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  117.790463][  T794] usb 4-1: config 0 descriptor??
[  117.966546][ T7478] loop2: detected capacity change from 0 to 2048
[  118.039024][ T7478] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.043168][ T7478] ext4 filesystem being mounted at /214/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.050110][   T26] hfsplus: b-tree write err: -5, ino 4
[  118.077611][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.208456][  T794] ortek 0003:1223:3F07.0006: unknown main item tag 0x6
[  118.211329][  T794] ortek 0003:1223:3F07.0006: report_id 29495 is invalid
[  118.225891][  T794] ortek 0003:1223:3F07.0006: item 0 2 1 8 parsing failed
[  118.229237][  T794] ortek 0003:1223:3F07.0006: probe with driver ortek failed with error -22
[  118.299674][ T7487] loop2: detected capacity change from 0 to 40427
[  118.313616][ T7487] F2FS-fs (loop2): invalid crc value
[  118.360927][ T7487] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  118.371617][ T7487] F2FS-fs (loop2): Start checkpoint disabled!
[  118.384576][ T7487] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  118.425708][   T95] usb 4-1: USB disconnect, device number 9
[  118.458513][ T7499] loop0: detected capacity change from 0 to 512
[  118.479911][ T7499] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a843e018, mo2=0002]
[  118.483035][ T7499] System zones: 1-12
[  118.485013][ T7499] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #11: comm syz.0.572: invalid indirect mapped block 8 (level 2)
[  118.494702][ T7499] EXT4-fs (loop0): 1 truncate cleaned up
[  118.497298][ T7499] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  118.518427][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.832197][ T7515] trusted_key: encrypted_key: key user:syz not found
[  119.104115][   T54] Bluetooth: hci0: command tx timeout
[  120.524457][ T7533] loop0: detected capacity change from 0 to 512
[  120.538920][ T7533] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  120.549242][ T7533] EXT4-fs (loop0): 1 truncate cleaned up
[  120.562778][ T7533] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.587464][ T7533] EXT4-fs error (device loop0): ext4_get_verity_descriptor_location:298: inode #15: comm syz.0.588: verity file has no extents
[  120.603642][ T7533] fs-verity (loop0, inode 15): Error -117 getting verity descriptor size
[  120.670393][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.191795][ T7571] syz.3.605 (7571) used greatest stack depth: 19352 bytes left
[  121.219686][ T7555] loop0: detected capacity change from 0 to 32768
[  121.223571][ T7555] XFS: ikeep mount option is deprecated.
[  121.305416][ T7555] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  121.328008][ T7555] XFS (loop0): Ending clean mount
[  121.699634][ T5850] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  122.154699][ T7607] netlink: 'syz.2.617': attribute type 2 has an invalid length.
[  122.561241][ T7631] netlink: 8 bytes leftover after parsing attributes in process `syz.2.623'.
[  122.817276][ T7643] loop2: detected capacity change from 0 to 32768
[  122.830501][ T7643] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.629 (7643)
[  122.845178][ T7643] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  122.853085][ T7643] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  122.914768][ T7643] BTRFS info (device loop2): enabling ssd optimizations
[  122.917257][ T7643] BTRFS info (device loop2): enabling free space tree
[  123.033907][ T5853] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  123.421917][ T7678] loop3: detected capacity change from 0 to 32768
[  123.426225][ T7678] XFS (loop3): stripe width (9) must be a multiple of the stripe unit (38034)
[  123.473358][   T95] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  123.626390][   T95] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  123.630565][   T95] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.643173][   T95] usb 3-1: config 0 descriptor??
[  123.660868][   T95] ums-realtek 3-1:0.0: USB Mass Storage device detected
[  123.847324][ T7685] loop3: detected capacity change from 0 to 32768
[  123.859595][ T7685] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  123.862235][   T95] usb 3-1: USB disconnect, device number 10
[  123.885636][ T7685] XFS (loop3): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x50.
[  123.895953][ T7685] XFS (loop3): Ending clean mount
[  123.928808][ T5990] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  124.099253][ T7709] loop0: detected capacity change from 0 to 1024
[  124.110102][   T33] audit: type=1326 audit(1756996449.152:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7710 comm="syz.3.646" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa3aa58ebe9 code=0x0
[  124.154887][   T32] hfsplus: b-tree write err: -5, ino 4
[  124.522863][  T794] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  124.610481][   T95] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  124.672743][  T794] usb 4-1: Using ep0 maxpacket: 16
[  124.676580][  T794] usb 4-1: config 0 has an invalid interface number: 251 but max is 0
[  124.679945][  T794] usb 4-1: config 0 has no interface number 0
[  124.682500][  T794] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[  124.688851][  T794] usb 4-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  124.695959][  T794] usb 4-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  124.700098][  T794] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.706976][  T794] usb 4-1: Product: syz
[  124.708697][  T794] usb 4-1: Manufacturer: syz
[  124.710667][  T794] usb 4-1: SerialNumber: syz
[  124.716172][  T794] usb 4-1: config 0 descriptor??
[  124.718922][ T7721] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  124.722015][ T7721] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  124.904712][   T95] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  124.909117][   T95] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  124.917009][   T95] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  124.920953][   T95] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.924691][   T95] usb 1-1: Product: syz
[  124.926542][   T95] usb 1-1: Manufacturer: syz
[  124.928634][   T95] usb 1-1: SerialNumber: syz
[  124.935933][ T7721] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  124.937664][   T95] cdc_mbim 1-1:1.0: skipping garbage
[  124.945769][ T7721] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  125.238918][ T7727] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  125.374841][  T794] asix 4-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[  125.388741][  T794] asix 4-1:0.251: probe with driver asix failed with error -524
[  125.577683][  T794] usb 4-1: USB disconnect, device number 10
[  125.850896][ T7727] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  125.862375][   T95] cdc_mbim 1-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  125.865673][   T95] cdc_mbim 1-1:1.0: setting rx_max = 2048
[  126.054484][   T95] cdc_mbim 1-1:1.0: setting tx_max = 184
[  126.064706][   T95] cdc_mbim 1-1:1.0: cdc-wdm0: USB WDM device
[  126.075641][   T95] wwan wwan0: port wwan0mbim0 attached
[  126.089886][   T95] cdc_mbim 1-1:1.0 wwan0: register 'cdc_mbim' at usb-dummy_hcd.0-1, CDC MBIM, 52:a2:88:7c:96:76
[  126.100369][   T95] usb 1-1: USB disconnect, device number 11
[  126.113658][   T95] cdc_mbim 1-1:1.0 wwan0: unregister 'cdc_mbim' usb-dummy_hcd.0-1, CDC MBIM
[  126.228232][   T95] wwan wwan0: port wwan0mbim0 disconnected
[  126.445393][ T7759] Bluetooth: hci1: Opcode 0x080f failed: -4
[  126.542433][ T7763] sctp: [Deprecated]: syz.3.673 (pid 7763) Use of int in maxseg socket option.
[  126.542433][ T7763] Use struct sctp_assoc_value instead
[  127.212833][  T794] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  127.424722][  T794] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  127.428694][  T794] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  127.431872][  T794] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  127.435894][  T794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  127.441214][ T7767] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  127.450005][  T794] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  127.670240][  T794] usb 1-1: USB disconnect, device number 12
[  128.042861][ T5909] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  128.192805][ T5909] usb 4-1: Using ep0 maxpacket: 16
[  128.197024][ T5909] usb 4-1: config 0 has an invalid interface number: 41 but max is 0
[  128.200395][ T5909] usb 4-1: config 0 has no interface number 0
[  128.203088][ T5909] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  128.207238][ T5909] usb 4-1: config 0 interface 41 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  128.211217][ T5909] usb 4-1: config 0 interface 41 has no altsetting 0
[  128.216762][ T5909] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  128.221011][ T5909] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  128.224724][ T5909] usb 4-1: Product: syz
[  128.226528][ T5909] usb 4-1: Manufacturer: syz
[  128.228504][ T5909] usb 4-1: SerialNumber: syz
[  128.235382][ T5909] usb 4-1: config 0 descriptor??
[  128.241795][ T7787] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  128.245019][   T24] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  128.248969][ T7787] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  128.419703][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.424329][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  128.428128][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  128.434278][   T24] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  128.437855][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  128.447110][   T24] usb 3-1: config 0 descriptor??
[  128.457188][ T5909] CoreChips 4-1:0.41: probe with driver CoreChips failed with error -71
[  128.469663][ T5909] usb 4-1: USB disconnect, device number 11
[  128.472773][   T54] Bluetooth: hci1: command 0x080f tx timeout
[  128.652770][  T794] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  128.802744][  T794] usb 1-1: Using ep0 maxpacket: 32
[  128.807217][  T794] usb 1-1: config 4 has an invalid interface number: 228 but max is 0
[  128.810760][  T794] usb 1-1: config 4 has no interface number 0
[  128.814299][  T794] usb 1-1: config 4 interface 228 altsetting 68 endpoint 0x7 has invalid wMaxPacketSize 0
[  128.818462][  T794] usb 1-1: config 4 interface 228 has no altsetting 0
[  128.823610][  T794] usb 1-1: New USB device found, idVendor=0499, idProduct=a9a2, bcdDevice=c4.e8
[  128.827364][  T794] usb 1-1: New USB device strings: Mfr=1, Product=25, SerialNumber=3
[  128.830702][  T794] usb 1-1: Product: syz
[  128.833031][  T794] usb 1-1: Manufacturer: syz
[  128.835067][  T794] usb 1-1: SerialNumber: syz
[  128.858576][   T24] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  128.869188][   T24] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  129.074957][ T7797] bond1: entered promiscuous mode
[  129.077146][ T7797] bond1: entered allmulticast mode
[  129.079838][ T7797] 8021q: adding VLAN 0 to HW filter on device bond1
[  129.088562][  T794] usb 1-1: USB disconnect, device number 13
[  129.105126][ T6085] udevd[6085]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:4.228/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  129.218268][ T7804] netlink: 'syz.3.691': attribute type 1 has an invalid length.
[  129.221287][ T7804] netlink: 232 bytes leftover after parsing attributes in process `syz.3.691'.
[  129.224911][ T7804] netlink: 8 bytes leftover after parsing attributes in process `syz.3.691'.
[  129.309425][ T7808] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  130.204212][   T10] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  130.367455][   T10] usb 1-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  130.371764][   T10] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.375124][   T10] usb 1-1: Product: syz
[  130.376966][   T10] usb 1-1: Manufacturer: syz
[  130.379016][   T10] usb 1-1: SerialNumber: syz
[  130.384184][   T10] usb 1-1: config 0 descriptor??
[  130.394401][   T10] ch341 1-1:0.0: ch341-uart converter detected
[  131.174670][ T5909] usb 3-1: USB disconnect, device number 11
[  131.280271][ T7847] loop2: detected capacity change from 0 to 32768
[  131.326535][ T7847] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.370596][ T7847] XFS (loop2): Ending clean mount
[  131.427572][   T10] ch341-uart ttyUSB0: failed to read break control: -71
[  131.439823][ T5853] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  131.443669][   T10] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  131.457070][   T10] usb 1-1: USB disconnect, device number 14
[  131.461301][   T10] ch341 1-1:0.0: device disconnected
[  131.567566][ T7863] netlink: zone id is out of range
[  131.569367][ T7863] netlink: zone id is out of range
[  131.571054][ T7863] netlink: zone id is out of range
[  131.572861][ T7863] netlink: zone id is out of range
[  131.574697][ T7863] netlink: zone id is out of range
[  131.576645][ T7863] netlink: zone id is out of range
[  131.578456][ T7863] netlink: zone id is out of range
[  131.580173][ T7863] netlink: zone id is out of range
[  131.581773][ T7863] netlink: zone id is out of range
[  131.583694][ T7863] netlink: zone id is out of range
[  132.062700][   T24] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  132.108331][ T7892] loop2: detected capacity change from 0 to 32768
[  132.116253][ T7892] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  132.126611][ T7892] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  132.135717][ T7892] XFS (loop2): Starting recovery (logdev: internal)
[  132.144627][ T7892] XFS (loop2): Ending recovery (logdev: internal)
[  132.167722][ T5853] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  132.213488][   T24] usb 4-1: Using ep0 maxpacket: 32
[  132.216921][   T24] usb 4-1: config 0 has an invalid interface number: 196 but max is 0
[  132.220548][   T24] usb 4-1: config 0 has no interface number 0
[  132.228464][   T24] usb 4-1: config 0 interface 196 has no altsetting 0
[  132.239172][   T24] usb 4-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  132.246498][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.249752][   T24] usb 4-1: Product: syz
[  132.251549][   T24] usb 4-1: Manufacturer: syz
[  132.262903][   T24] usb 4-1: SerialNumber: syz
[  132.267608][   T24] usb 4-1: config 0 descriptor??
[  132.334791][ T7914] loop2: detected capacity change from 0 to 128
[  132.424335][ T5909] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  132.489701][   T24] ipheth 4-1:0.196: Unable to find endpoints
[  132.503393][   T24] usb 4-1: USB disconnect, device number 12
[  132.574808][ T5909] usb 1-1: config 0 interface 0 has no altsetting 0
[  132.577497][ T5909] usb 1-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[  132.581226][ T5909] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.589106][ T5909] usb 1-1: config 0 descriptor??
[  132.776526][ T7928] loop2: detected capacity change from 0 to 1024
[  132.780080][ T7928] EXT4-fs: Ignoring removed nobh option
[  132.782441][ T7928] EXT4-fs: Ignoring removed bh option
[  132.796997][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.800109][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  132.808026][ T5909]  (null): keene_cmd_main failed (-71)
[  132.808942][ T7928] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  132.820693][ T5909] video4linux radio48: keene_cmd_main failed (-71)
[  132.824783][ T5909] radio-keene 1-1:0.0: V4L2 device registered as radio48
[  132.830754][ T5909] usb 1-1: USB disconnect, device number 15
[  132.857408][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  132.941370][ T7934] loop2: detected capacity change from 0 to 256
[  132.967545][ T7934] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  133.093677][ T7937] loop2: detected capacity change from 0 to 4096
[  133.098398][ T7937] ntfs3(loop2): It is recommened to use chkdsk.
[  133.101723][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00
[  133.106540][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00
[  133.109893][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00
[  133.120051][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc0c00
[  133.129506][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc1c00
[  133.132876][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc2c00
[  133.143653][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc4c00
[  133.146623][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffc8c00
[  133.149295][ T7937] ntfs3(loop2): try to read out of volume at offset 0x3fffffd0c00
[  133.263702][ T7940] netlink: 8 bytes leftover after parsing attributes in process `syz.2.743'.
[  133.275316][ T7938] loop3: detected capacity change from 0 to 40427
[  133.277882][ T7938] F2FS-fs: heap/no_heap options were deprecated
[  133.286973][ T7938] F2FS-fs (loop3): invalid crc value
[  133.288820][ T7938] F2FS-fs (loop3): Ignore s_resuid=60929, s_resgid=0 w/o reserve_root
[  133.359206][ T7938] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  133.369909][ T7938] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  133.627603][ T7959] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  133.632725][ T7959] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  134.080547][ T7958] loop0: detected capacity change from 0 to 32768
[  134.088445][ T7958] XFS: attr2 mount option is deprecated.
[  134.094183][ T7958] XFS: attr2 mount option is deprecated.
[  134.113939][ T7958] XFS (loop0): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[  134.170240][ T5850] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  134.766485][ T8000] CIFS: iocharset name too long
[  134.813007][ T8002] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  135.864137][ T8012] netlink: 172 bytes leftover after parsing attributes in process `syz.3.772'.
[  135.868004][ T8012] netlink: 8 bytes leftover after parsing attributes in process `syz.3.772'.
[  135.872560][ T8012] netlink: 172 bytes leftover after parsing attributes in process `syz.3.772'.
[  135.877641][ T8012] netlink: 100 bytes leftover after parsing attributes in process `syz.3.772'.
[  135.881351][ T8012] netlink: 32 bytes leftover after parsing attributes in process `syz.3.772'.
[  136.070839][ T8028] loop0: detected capacity change from 0 to 4096
[  136.331770][ T8032] loop3: detected capacity change from 0 to 32768
[  136.348345][ T8032] JBD2: Ignoring recovery information on journal
[  136.468787][ T8032] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  136.595262][ T5990] (syz-executor,5990,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 22
[  136.608965][ T5990] ocfs2: Unmounting device (7,3) on (node local)
[  136.888101][ T8048] loop2: detected capacity change from 0 to 512
[  136.891585][ T8048] EXT4-fs: Ignoring removed bh option
[  136.905290][ T8048] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.908874][ T8048] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  136.924856][ T8048] EXT4-fs (loop2): warning: mounting unchecked fs, running e2fsck is recommended
[  136.930739][ T8048] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=c002e01c, mo2=0006]
[  136.946455][ T8048] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.095695][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.473089][   T10] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  137.595761][ T8072] loop3: detected capacity change from 0 to 512
[  137.616242][ T8072] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  137.627111][ T8072] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.632162][ T8072] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.636270][   T10] usb 3-1: Using ep0 maxpacket: 32
[  137.644517][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.656220][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.660760][   T10] usb 3-1: New USB device found, idVendor=0b05, idProduct=1837, bcdDevice= 0.00
[  137.666749][ T5990] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.671479][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.681077][   T10] usb 3-1: config 0 descriptor??
[  137.717560][ T8080] bridge0: entered promiscuous mode
[  137.720887][ T8080] macsec1: entered promiscuous mode
[  138.014645][ T8097] netlink: 8 bytes leftover after parsing attributes in process `syz.0.800'.
[  138.078867][ T8101] loop0: detected capacity change from 0 to 8
[  138.085168][ T8101] unable to read xattr id index table
[  138.106884][   T10] asus 0003:0B05:1837.0008: unknown main item tag 0x7
[  138.118164][   T10] asus 0003:0B05:1837.0008: hidraw0: USB HID v0.00 Device [HID 0b05:1837] on usb-dummy_hcd.2-1/input0
[  138.125209][   T10] asus 0003:0B05:1837.0008: Asus input not registered
[  138.134609][   T10] asus 0003:0B05:1837.0008: probe with driver asus failed with error -12
[  138.306870][ T5909] usb 3-1: USB disconnect, device number 12
[  138.488631][ T8109] loop0: detected capacity change from 0 to 32768
[  138.513773][ T8109] XFS (loop0): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  138.530688][ T8109] XFS (loop0): Ending clean mount
[  138.539238][ T8109] XFS (loop0): Quotacheck needed: Please wait.
[  138.556116][ T6261] XFS (loop0): Metadata corruption detected at xfs_dinode_verify+0x1a6/0x1570, inode 0x1807 dinode
[  138.561428][ T6261] XFS (loop0): Unmount and run xfs_repair
[  138.564207][ T6261] XFS (loop0): First 128 bytes of corrupted metadata buffer:
[  138.567487][ T6261] 00000000: 49 4e 81 ed 03 02 00 00 00 00 00 00 00 00 00 00  IN..............
[  138.571396][ T6261] 00000010: 00 00 00 02 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  138.575615][ T6261] 00000020: 34 f7 58 68 a5 a5 b6 11 34 f7 58 68 a5 a5 b6 11  4.Xh....4.Xh....
[  138.579384][ T6261] 00000030: 34 f7 58 68 a5 a5 b6 11 7c 0b 00 00 00 00 00 00  4.Xh....|.......
[  138.583301][ T6261] 00000040: 00 00 00 00 00 00 00 05 00 00 00 00 00 00 00 01  ................
[  138.587094][ T6261] 00000050: 00 00 18 02 00 00 00 00 00 00 00 00 bb 36 00 a5  .............6..
[  138.590855][ T6261] 00000060: ff ff ff ff 8c da 54 79 00 00 00 00 00 00 00 06  ......Ty........
[  138.595181][ T6261] 00000070: 00 00 00 01 00 00 00 10 00 00 00 00 00 00 00 08  ................
[  138.616568][ T8109] XFS (loop0): Quotacheck: Unsuccessful (Error -117): Disabling quotas.
[  138.654688][ T5850] XFS (loop0): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  138.658789][ T5850] XFS (loop0): Uncorrected metadata errors detected; please run xfs_repair.
[  138.802037][ T8119] netlink: 16 bytes leftover after parsing attributes in process `syz.0.807'.
[  138.805517][ T8119] netlink: 48 bytes leftover after parsing attributes in process `syz.0.807'.
[  138.871322][ T8123] tmpfs: Bad value for 'mpol'
[  139.030889][ T8133] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  139.183545][   T10] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  139.335847][   T10] usb 4-1: config 0 has an invalid interface number: 194 but max is 0
[  139.339424][   T10] usb 4-1: config 0 has no interface number 0
[  139.342349][   T10] usb 4-1: too many endpoints for config 0 interface 194 altsetting 233: 59, using maximum allowed: 30
[  139.348345][   T10] usb 4-1: config 0 interface 194 altsetting 233 has 0 endpoint descriptors, different from the interface descriptor's value: 59
[  139.354300][   T10] usb 4-1: config 0 interface 194 has no altsetting 0
[  139.359807][   T10] usb 4-1: New USB device found, idVendor=0c72, idProduct=0012, bcdDevice=22.96
[  139.366457][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.369848][   T10] usb 4-1: Product: syz
[  139.371602][   T10] usb 4-1: Manufacturer: syz
[  139.373653][   T10] usb 4-1: SerialNumber: syz
[  139.377897][   T10] usb 4-1: config 0 descriptor??
[  139.430268][ T8142] loop2: detected capacity change from 0 to 32768
[  139.449144][ T8142] JBD2: Ignoring recovery information on journal
[  139.501721][ T8142] ocfs2: Mounting device (7,2) on (node local, slot 0) with writeback data mode.
[  139.558230][ T5853] ocfs2: Unmounting device (7,2) on (node local)
[  139.601232][   T10] peak_usb 4-1:0.194: probe with driver peak_usb failed with error 194
[  139.627621][   T10] usb 4-1: USB disconnect, device number 13
[  139.836278][ T8155] loop2: detected capacity change from 0 to 32768
[  139.895220][ T8159] netlink: 20 bytes leftover after parsing attributes in process `syz.2.824'.
[  139.898597][ T8159] netlink: 20 bytes leftover after parsing attributes in process `syz.2.824'.
[  140.194678][   T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  140.373663][   T24] usb 3-1: Using ep0 maxpacket: 16
[  140.386568][   T24] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  140.407606][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  140.418607][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  140.422450][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.425808][   T24] usb 3-1: Product: syz
[  140.427505][   T24] usb 3-1: Manufacturer: syz
[  140.429669][   T24] usb 3-1: SerialNumber: syz
[  140.440109][   T24] usb 3-1: config 0 descriptor??
[  140.446659][   T24] em28xx 3-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  140.450132][   T24] em28xx 3-1:0.0: Audio interface 0 found (Vendor Class)
[  141.078790][   T24] em28xx 3-1:0.0: unknown em28xx chip ID (0)
[  141.084864][   T24] em28xx 3-1:0.0: Config register raw data: 0xfffffffb
[  141.292119][   T24] em28xx 3-1:0.0: AC97 chip type couldn't be determined
[  141.300211][   T24] em28xx 3-1:0.0: No AC97 audio processor
[  141.333465][   T24] usb 3-1: USB disconnect, device number 13
[  141.368438][   T24] em28xx 3-1:0.0: Disconnecting em28xx
[  141.385734][   T24] em28xx 3-1:0.0: Freeing device
[  141.962766][   T10] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  141.989619][ T8210] netlink: 'syz.2.848': attribute type 21 has an invalid length.
[  141.995783][ T8210] netlink: 156 bytes leftover after parsing attributes in process `syz.2.848'.
[  142.069654][ T8214] loop2: detected capacity change from 0 to 2048
[  142.088485][ T8214] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  142.112768][   T10] usb 4-1: Using ep0 maxpacket: 8
[  142.115521][   T36] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm kworker/u10:1: bg 0: block 234: padding at end of block bitmap is not set
[  142.116578][   T10] usb 4-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  142.123032][   T36] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  142.124635][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.128756][   T36] EXT4-fs (loop2): This should not happen!! Data will be lost
[  142.128756][   T36] 
[  142.134689][   T36] EXT4-fs (loop2): Total free blocks count 0
[  142.137069][   T36] EXT4-fs (loop2): Free/Dirty block details
[  142.138842][   T10] pvrusb2: Hardware description: Terratec Grabster AV400
[  142.139417][   T36] EXT4-fs (loop2): free_blocks=0
[  142.141563][   T10] pvrusb2: **********
[  142.143228][   T36] EXT4-fs (loop2): dirty_blocks=32
[  142.143236][   T36] EXT4-fs (loop2): Block reservation details
[  142.143241][   T36] EXT4-fs (loop2): i_reserved_data_blocks=2
[  142.155072][ T6262] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  142.165917][   T10] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  142.179768][   T10] pvrusb2: Important functionality might not be entirely working.
[  142.183908][   T10] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  142.188838][   T10] pvrusb2: **********
[  142.350945][ T2397] pvrusb2: Invalid write control endpoint
[  142.410957][ T2397] pvrusb2: Invalid write control endpoint
[  142.415640][ T2397] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  142.419656][ T2397] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  142.426590][ T2397] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  142.430620][ T2397] pvrusb2: Device being rendered inoperable
[  142.434750][ T2397] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  142.438622][ T2397] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_a)
[  142.446871][ T2397] pvrusb2: Attached sub-driver cx25840
[  142.449505][ T2397] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  142.456187][ T2397] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  142.519580][ T8231] bond1: entered promiscuous mode
[  142.521810][ T8231] bond1: entered allmulticast mode
[  142.528458][ T8231] 8021q: adding VLAN 0 to HW filter on device bond1
[  142.558973][   T10] usb 4-1: USB disconnect, device number 14
[  142.583148][ T8234] loop2: detected capacity change from 0 to 256
[  142.594911][ T8234] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  143.407387][ T8251] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  143.417116][ T8251] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  143.493827][ T8251] bridge0: left allmulticast mode
[  143.499605][ T8251] bond1: left promiscuous mode
[  143.501747][ T8251] bond1: left allmulticast mode
[  143.505630][ T5861] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.513111][ T5873] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.516800][ T5873] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  143.520535][ T5873] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  144.506597][ T8290] vlan2: entered promiscuous mode
[  144.509107][ T8290] gretap0: entered promiscuous mode
[  145.310028][ T8310] loop2: detected capacity change from 0 to 32768
[  145.312861][   T24] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  145.324886][ T8310] bcachefs (/dev/loop2): error validating superblock: Invalid superblock section replicas: bad nr_required in entry (unknown data_type 155): 239/36 [0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 8 26 41 44 51 70 73 87 93 102 106 112 120 128 144 184 203 237 245]
[  145.324886][ T8310] replicas (size 64):
[  145.324886][ T8310] (unknown data_type 155): 239/36 [237 106 112 73 203 144 87 44 70 41 26 120 93 128 0 0 0 0 0 0 0 0 0 0 1 8 0 0 0 184 245 51 102 0 0 0]
[  145.324886][ T8310] 
[  145.366984][ T8310] bcachefs: bch2_fs_get_tree() error: invalid_replicas_entry
[  145.525043][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  145.529222][   T24] usb 4-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  145.543889][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.555216][   T24] usb 4-1: config 0 descriptor??
[  146.170999][ T8326] loop0: detected capacity change from 0 to 32768
[  146.188312][   T24] lg-g15 0003:046D:C222.0009: hidraw0: USB HID v10.00 Device [HID 046d:c222] on usb-dummy_hcd.3-1/input0
[  146.194082][ T8326] find_entry called with index >= next_index
[  146.196121][ T8326] find_entry called with index >= next_index
[  146.198073][ T8326] find_entry called with index >= next_index
[  146.200147][ T8326] find_entry called with index >= next_index
[  146.202131][ T8326] find_entry called with index >= next_index
[  146.215110][   T24] usb 4-1: USB disconnect, device number 15
[  146.455111][ T8335] sp0: Synchronizing with TNC
[  146.895614][ T8349] kernel read not supported for file /   (pid: 8349 comm: syz.3.904)
[  146.901091][   T33] audit: type=1800 audit(1756996471.942:43): pid=8349 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.904" name=200120 dev="mqueue" ino=14579 res=0 errno=0
[  148.380352][ T8382] binder: 8379:8382 ioctl c0306201 2000000001c0 returned -22
[  148.557123][ T8389] netlink: 'syz.0.920': attribute type 1 has an invalid length.
[  148.769497][ T8401] syz.3.923 uses obsolete (PF_INET,SOCK_PACKET)
[  148.782076][ T8399] loop0: detected capacity change from 0 to 1024
[  148.794609][ T8400] netlink: 'syz.2.925': attribute type 178 has an invalid length.
[  148.806678][ T8399] EXT4-fs (loop0): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  148.845281][ T8399] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  148.886780][ T8399] EXT4-fs error (device loop0): ext4_xattr_inode_iget:437: inode #11: comm syz.0.926: missing EA_INODE flag
[  148.903036][   T33] audit: type=1804 audit(1756996473.922:44): pid=8399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.926" name="/newroot/281/file1/file1" dev="loop0" ino=15 res=1 errno=0
[  148.924580][ T8399] EXT4-fs (loop0): Remounting filesystem read-only
[  148.972115][ T5850] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.130939][ T8415] loop2: detected capacity change from 0 to 512
[  149.135205][ T8415] EXT4-fs: Ignoring removed bh option
[  149.140243][ T8415] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  149.159505][ T8415] EXT4-fs (loop2): 1 truncate cleaned up
[  149.168094][ T8415] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.271938][   T54] Bluetooth: hci0: command 0x0406 tx timeout
[  149.799339][ T8424] loop3: detected capacity change from 0 to 32768
[  149.843952][ T8424] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.854272][ T8424] XFS (loop3): Ending clean mount
[  149.857468][ T8424] XFS (loop3): Quotacheck needed: Please wait.
[  149.882280][ T8424] XFS (loop3): Quotacheck: Done.
[  149.914053][ T5990] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  150.131760][ T5853] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.235283][ T8435] loop0: detected capacity change from 0 to 32768
[  150.255663][ T8435] (syz.0.938,8435,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.272983][ T8435] (syz.0.938,8435,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  150.305965][ T8435] JBD2: Ignoring recovery information on journal
[  150.344300][ T8435] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  150.401163][ T5850] ocfs2: Unmounting device (7,0) on (node local)
[  150.561155][ T8449] loop2: detected capacity change from 0 to 32768
[  150.574685][ T8449] XFS: noikeep mount option is deprecated.
[  150.589886][ T8461] loop0: detected capacity change from 0 to 128
[  150.605339][ T8449] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  150.637699][ T8449] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  150.677625][ T8449] XFS (loop2): Starting recovery (logdev: internal)
[  150.701118][ T8449] XFS (loop2): Ending recovery (logdev: internal)
[  150.751113][ T8472] loop3: detected capacity change from 0 to 4096
[  150.759836][ T8472] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  150.799428][ T5853] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  151.050294][ T8482] loop3: detected capacity change from 0 to 8
[  151.076159][ T8482] SQUASHFS error: zstd decompression error: 10
[  151.102966][ T8482] SQUASHFS error: zstd decompression failed, data probably corrupt
[  151.106435][ T8482] SQUASHFS error: Failed to read block 0x60: -5
[  151.109811][ T8482] SQUASHFS error: zstd decompression error: 10
[  151.119890][ T8482] SQUASHFS error: zstd decompression failed, data probably corrupt
[  151.124561][ T8482] SQUASHFS error: Failed to read block 0x60: -5
[  151.375143][ T8504] loop0: detected capacity change from 0 to 256
[  151.400895][ T8504] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 1)
[  151.405667][ T8504] exFAT-fs (loop0): failed to load alloc-bitmap
[  151.408338][ T8504] exFAT-fs (loop0): failed to recognize exfat type
[  151.437691][ T8510] netlink: 'syz.2.963': attribute type 5 has an invalid length.
[  151.834280][ T5848] Bluetooth: hci1: Unknown advertising packet type: 0x52
[  152.005005][ T8542] genirq: Flags mismatch irq 4. 00200000 (pcl818) vs. 00200080 (ttyS0)
[  152.021479][ T8544] loop3: detected capacity change from 0 to 64
[  152.221760][ T8554] netlink: 'syz.0.984': attribute type 25 has an invalid length.
[  152.226529][ T8554] netlink: 'syz.0.984': attribute type 7 has an invalid length.
[  152.502895][ T8570] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000005: 0000 [#1] SMP KASAN PTI
[  152.507667][ T8570] KASAN: null-ptr-deref in range [0x0000000000000028-0x000000000000002f]
[  152.512017][ T8570] CPU: 1 UID: 0 PID: 8570 Comm: syz.2.992 Not tainted syzkaller #0 PREEMPT(full) 
[  152.515681][ T8570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  152.519728][ T8570] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  152.522041][ T8570] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f9 13 36 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 d8 13 36 f9 4d 8b 24 24 48 83 c3
[  152.529668][ T8570] RSP: 0018:ffffc90007717a60 EFLAGS: 00010206
[  152.532158][ T8570] RAX: 0000000000000005 RBX: ffff888029fc2c00 RCX: 0000000000080000
[  152.535480][ T8570] RDX: ffffc900086f9000 RSI: 00000000000003bc RDI: 00000000000003bd
[  152.538861][ T8570] RBP: 0000000000000001 R08: ffff88810f1d212f R09: 1ffff11021e3a425
[  152.542204][ T8570] R10: dffffc0000000000 R11: ffffffff88ece2a0 R12: 0000000000000028
[  152.545434][ T8570] R13: dffffc0000000000 R14: ffff88810f1d2000 R15: dffffc0000000000
[  152.548804][ T8570] FS:  00007f52aa2166c0(0000) GS:ffff8881a3c18000(0000) knlGS:0000000000000000
[  152.552520][ T8570] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.555210][ T8570] CR2: 0000001b32623ffc CR3: 0000000108930000 CR4: 00000000000006f0
[  152.558485][ T8570] Call Trace:
[  152.559701][ T8570]  <TASK>
[  152.560743][ T8570]  pcl818_detach+0x66/0xd0
[  152.562225][ T8570]  comedi_device_detach_locked+0x178/0x750
[  152.564487][ T8570]  comedi_unlocked_ioctl+0xcde/0x1020
[  152.566798][ T8570]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  152.569018][ T8570]  ? __lock_acquire+0xab9/0xd20
[  152.571101][ T8570]  ? __fget_files+0x2a/0x420
[  152.573141][ T8570]  ? __fget_files+0x2a/0x420
[  152.574864][ T8570]  ? __fget_files+0x3a0/0x420
[  152.576625][ T8570]  ? __fget_files+0x2a/0x420
[  152.578351][ T8570]  ? bpf_lsm_file_ioctl+0x9/0x20
[  152.580123][ T8570]  ? __pfx_comedi_unlocked_ioctl+0x10/0x10
[  152.582228][ T8570]  __se_sys_ioctl+0xfc/0x170
[  152.583979][ T8570]  do_syscall_64+0xfa/0x3b0
[  152.585559][ T8570]  ? lockdep_hardirqs_on+0x9c/0x150
[  152.587363][ T8570]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.589667][ T8570]  ? exc_page_fault+0x9f/0xf0
[  152.591394][ T8570]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  152.593655][ T8570] RIP: 0033:0x7f52a938ebe9
[  152.595508][ T8570] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  152.602057][ T8570] RSP: 002b:00007f52aa216038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  152.604980][ T8570] RAX: ffffffffffffffda RBX: 00007f52a95c5fa0 RCX: 00007f52a938ebe9
[  152.607644][ T8570] RDX: 0000000000000000 RSI: 0000000040946400 RDI: 0000000000000003
[  152.610544][ T8570] RBP: 00007f52a9411e19 R08: 0000000000000000 R09: 0000000000000000
[  152.613466][ T8570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  152.616175][ T8570] R13: 00007f52a95c6038 R14: 00007f52a95c5fa0 R15: 00007ffedc0be1c8
[  152.618885][ T8570]  </TASK>
[  152.619963][ T8570] Modules linked in:
[  152.621787][ T8570] ---[ end trace 0000000000000000 ]---
[  152.652734][ T8570] RIP: 0010:pcl818_ai_cancel+0x69/0x3f0
[  152.654662][ T8570] Code: 8b 1b 48 89 d8 48 c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 f9 13 36 f9 48 8b 03 48 89 04 24 49 83 c4 28 4c 89 e0 48 c1 e8 03 <42> 80 3c 28 00 74 08 4c 89 e7 e8 d8 13 36 f9 4d 8b 24 24 48 83 c3
[  152.661638][ T8570] RSP: 0018:ffffc90007717a60 EFLAGS: 00010206
[  152.664989][ T8570] RAX: 0000000000000005 RBX: ffff888029fc2c00 RCX: 0000000000080000
[  152.668371][ T8570] RDX: ffffc900086f9000 RSI: 00000000000003bc RDI: 00000000000003bd
[  152.671941][ T8570] RBP: 0000000000000001 R08: ffff88810f1d212f R09: 1ffff11021e3a425
[  152.675488][ T8570] R10: dffffc0000000000 R11: ffffffff88ece2a0 R12: 0000000000000028
[  152.679072][ T8570] R13: dffffc0000000000 R14: ffff88810f1d2000 R15: dffffc0000000000
[  152.679301][ T8566] loop3: detected capacity change from 0 to 32768
[  152.683241][ T8570] FS:  00007f52aa2166c0(0000) GS:ffff8881a3c18000(0000) knlGS:0000000000000000
[  152.688101][ T8570] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  152.691119][ T8570] CR2: 00007f52aa1f4fc8 CR3: 0000000108930000 CR4: 00000000000006f0
[  152.694794][ T8566] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.990 (8566)
[  152.701489][ T8570] Kernel panic - not syncing: Fatal exception
[  152.704620][ T8570] Kernel Offset: disabled
[  152.706177][ T8570] Rebooting in 86400 seconds..

VM DIAGNOSIS:
14:34:37  Registers:
info registers vcpu 0

CPU#0
RAX=ffff88810722d640 RBX=ffff888113b1d130 RCX=1ffff11020e45ac8 RDX=0000000000000000
RSI=00000000000001fd RDI=00000000000000e8 RBP=ffffc90007987650 RSP=ffffc900079873a0
R8 =ffffea0000493933 R9 =1ffffd4000092726 R10=dffffc0000000000 R11=fffff94000092727
R12=00007fd488c9a000 R13=00007fd488c26000 R14=00000000124e4000 R15=ffffc90007987860
RIP=ffffffff820944ae RFL=00000a02 [-O-----] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fd489aaa6c0 ffffffff 00c00000
GS =0000 ffff8880b8618000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fa3a1063000 CR3=000000002ac18000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=ffffffffffffffff ffff00ff00000000 XMM05=00002f3000000000 00005600333a3762
XMM06=ffff000000000000 ffff00ff00000000 XMM07=0000ff0000000000 0000000000000000
XMM08=ffff0000ffffffff ffff00ff00000000 XMM09=00007fd9a58daa2a 00007f00333a3762
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffffffff33be460 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd
RSI=0000000000000fff RDI=0000000000001000 RBP=ffffffff99df26b0 RSP=ffffc90007717230
R8 =ffff888107668237 R9 =1ffff11020ecd046 R10=dffffc0000000000 R11=ffffffff854f3a30
R12=dffffc0000000000 R13=0000000000000000 R14=ffffffff99df2420 R15=0000000000000000
RIP=ffffffff854f3aa7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f52aa2166c0 ffffffff 00c00000
GS =0000 ffff8881a3c18000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b32623ffc CR3=0000000108930000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007f52a9597498 00007f52a9597470 XMM03=00007f52a95974a8 00007f52a95974a0
XMM04=00007f52aa0fd100 00007f52a9597460 XMM05=00007f52a9597478 00007f52a95974c0
XMM06=00007f52a95974b8 00007f52a95974b0 XMM07=00007f52a95974a8 00007f52a95974a0
XMM08=0000000000000000 00007f52a9412ee7 XMM09=0000000000000000 00007f52a9412fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
