last executing test programs:

20.878773461s ago: executing program 0 (id=809):
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$netlink(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000078000000030a01030000000000000000050000000900010073797a300000000008000540000000001c0008800c00024000000000000000000c00014000000000000000000900030073797a3200000000280004800800024000000000140003007465616d5f736c6176655f30000000000800014000000001"], 0xd4}}, 0x8818)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

19.99983881s ago: executing program 0 (id=819):
add_key(&(0x7f0000000000)='dns_resolver\x00', 0x0, 0x0, 0x0, 0xffffffffffffffff)

19.999629801s ago: executing program 0 (id=820):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0)
ioctl$SNDCTL_DSP_GETODELAY(r0, 0x40045017, 0x0)

19.918605932s ago: executing program 0 (id=821):
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r0, &(0x7f0000000200)={0x18, 0x2, {0xfeff, @local}}, 0x1e)
connect$pptp(r0, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
write$ppp(r1, &(0x7f0000000340)="c0212e90f25795105d656e0e52274ce8ae3c441c3fd86c", 0x17)

19.778411208s ago: executing program 0 (id=822):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x2, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
open(&(0x7f0000000180)='./bus\x00', 0x14937e, 0x111)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x141a42, 0x1c2)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000200), 0xfea7)
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e45c, 0x700000000000000)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r3 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r3, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x1, 0x8005, 0x0, 0x0, 0x19, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f283e6d60200000000000000000000000100", [0x208]})
r4 = open(&(0x7f0000000180)='./file1\x00', 0xe0142, 0x102)
pwritev2(r4, &(0x7f0000001100)=[{&(0x7f0000001080)='\b', 0x1}], 0x1, 0x7000, 0x0, 0x3)

19.574396383s ago: executing program 0 (id=823):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)

12.078396373s ago: executing program 1 (id=891):
syz_mount_image$vfat(&(0x7f0000000440), &(0x7f0000000280)='./file1\x00', 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c004845160000000000", @ANYRES32], 0x1, 0x2b2, &(0x7f00000006c0)="$eJzs3NFLU28cx/Hvz6mbE91+EEFB9aVu6uag6w+oEQrRoDAn1UVwzLMaO21yzlgsIncT3fZ3SJfdBdU/4E100313EgTdeBGd8Jwd3XTa1M2t+X6BnO/xeT4+jzrlewSf9XtvnhZyrpEzyzIUUxkSqcmGSHKzqvuvfh3y61FpVJMr4z+/nrt7/8GtdCYzM6c6m56/mlLVyQsfnr14e/FTeXzh3eT7qKwlH67/SH1bO712Zv33/JO8q3lXi6WymrpYKpXNRdvSpbxbMFTv2JbpWpovupbTNJ6zS8vLVTWLSxPxZcdyXTWLVS1YVS2XtOxU1Xxs5otqGIZOxOVkG25jTnZ1bs5M7znsRTq6I3RetPl2rNUcx0nXWg9mV7u1LwAA0L/27/+DXn/v/j+zEFw73P+L0P93Sa3p7i/9PwaC46TNeP3ntxn9PwAAAAAAAAAAAAAAAAAAAAAA/4INz0t4npcIr+FbVERiIhLe93qf6I5Dfv+v9Wi76LCGf9yLidivK9lKNrgG4+mc5MUWS6YkIb/810NdUM/ezMxMqW+k/iE38yuVbMQ/m8DPh5Kt8uf/nw7yKh83c5V6fkTijeunJCGnWq+f2s6HxyGsVLKjcvlSQ96QhHx+JCWxZcl/XW/nX06r3rid2bH+mD8PAAAAAIBBYOiWZPPzb3D2o+FPiMnu8SB/gL8P7Hi+Hpaz7RxRCQAAAAAAjsytPi+Ytm05hyiiInKE+KAWEemLbeworotIH2zjuIqYiATv0cPEv2/F20p5bcwZFpGef1kOUPT6NxMAAACATttu+g8Q+vKqizsCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafc8sHD+rqFwYJ94w3KRY/8EAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD7yJwAA//+j7Rqj")
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r0, r0, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

11.977681377s ago: executing program 1 (id=892):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f00000000c0)={0x0, 0x10, &(0x7f0000000080)=[@in={0x2, 0x0, @private=0xa010101}]}, &(0x7f0000000180)=0x10)
getsockopt$inet_sctp_SCTP_GET_ASSOC_ID_LIST(r1, 0x84, 0x1d, &(0x7f0000000000)={0x1, [<r2=>0x0]}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000100)={r2, @in6={{0xa, 0x4e24, 0x1, @empty, 0x7}}, 0x98a0, 0x7}, 0x90)

11.86683717s ago: executing program 1 (id=894):
r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0)
ioctl$VIDIOC_QUERY_EXT_CTRL(r0, 0xc0e85667, &(0x7f0000000200)={0x409a090a, 0x101, "eb38845cf6f2e168f59e5c708b4cddb9f54e0bd29a8afaea3096d9061a2df0c1", 0x10001, 0x1, 0x1000001, 0x200000000000080, 0x1000, 0xc, 0x400009, 0x8, [0x5, 0x2, 0x4, 0x11000e]})

11.864613523s ago: executing program 1 (id=896):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000080)='./file0\x00', 0x800, &(0x7f0000001980)={[{@allow_utime={'allow_utime', 0x3d, 0x1}}, {@errors_continue}, {}, {@fmask={'fmask', 0x3d, 0x533}}, {@utf8}, {@keep_last_dots}, {@sys_tz}, {@fmask={'fmask', 0x3d, 0x1ff}}, {@errors_remount}]}, 0x1, 0x1533, &(0x7f0000000380)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm8SyyRJLklySZIkSXJLSJrkSEJiyC1pSJJch+QyhOQyMWnc7/dLQpI0SRKSW7L+H8Vfnep3zvmdfjmfM8/383k/1jNrP2s/+33ey94b83WnwdUb1qhSn4jg34I//5EMALEA0B8ArgKAAADKxJeJPz+fU2Lyv7cT9ud6MO1yV8AuJ+5/9sb9z964/9kb9z974/5nb9z/7I37n71x/xnLzjZOLXA1P7Lvg+////er+4cz/P3/XySr5OjPV5e8tjNAzD+bwv3P3rj//7WCf2Yj7n/2xv3PrmIvdwHsPwC//7ODHH84w/3P3rj/jGVnl/v+8+V+QCR7PweX+/XHGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYYyx7OOUvUQBwcXy562KMMcYYY4wxxtifx+e43BUwxhhjjDHGGGPs/x6CAAkKAoiBHBALOSEOBABcCbnhKojA1RAP10AeuBbyQj7IDwUgAQpCIdBgwAJBCIWhCEThOigK10MxuAGKQwlwUBIS4UYoBTdBabgZysAtUBZuhXJQHipARbgNKsHtUBnugCpwJ1SFalAdasBdUBPuhlpwD9SGe6EO3Ad14X6oBw9AfXgQGsBD0BAehkbwCDSGJtAUmkHz/1X+89ANXoDu0AOSoSf0ghehN/SBvtAP+sNLMABehoHwCqTAIBgMr8IQeA2GwuswDN6A4fAmjICRMApGwxgYC6kwDsbDWzAB3oaJMAkmwxRIg6kwDd6B6TADZsK7MAveg9kwB+bCPEiH92E+LIAM+AAWwoeQCYtgMSyBpbAMlsMKWAmrYDWsgbWwDtbDBtgIm2AzbIGtsA22w0ewAz6GnbALdsMnsAc+/RfzT/5dfmcEBBQoUKHCGIzBWIzFOIzDXJgLc2NujGAE4zEe82AezIt5MT/mxwRMwEJYCA0aJCQsjIUxilEsikWxGBbD4lgcHTpMxEQshTdhaSyNZbAMlsWyWA7LY3msiBWxElbCylgZq2AVrIpVsTpWx7vwLuyJtbAW1sbaWAfrXLw9hfWxPjbABtgQG2IjbISNsTE2xabYHJtjC2yBLbEltsbW2AbbYFtsi0mYhO2wHbbH9tgBO2BH7IidsBN2xi7YJev5HIAv4AvYA6uKntgLe2FvTMnRF/thP3wJB+DL+DK+gik4CAfjq/gqvoZD8QQOwzdwOA7HSmIkjsLRSGIspmIqjsfxOAEn4ESchJNwCqbhVJyG03A6zsAZ+C7OwvfwPZyDc3AepmM6zscFmIEZuBBPYiYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFt+A23AYfoQLAj3EX7sIU3IN7cC/uxX24D/fjfszCLDyAB/AgHsRDeAgP42E8gkfxGB7F43gcT+BJPIWn8AyewbP4bMKXDT66YVUKiPOUUCJGxIhYESviRJzIJXKJ3CK3iIiIiBfxIo/II/KKvCK/yC8SRIIoJAoJI4wgEcYAgIiKqCgqiopiopgoLooLJ5xIFImilCglSovSooy4RZQVt4pyorxo5SqKiqKSaO0qiztEFVFFVBXVRHVRQ9QQNUVNUUvUErVFbVFH1BF1xf2inuiJffFBcb4zDcUgbCQGY2PRRMgLn2AtxFBsKVqJ1uJx8QYOw7aihUsST4l2YhS2F38To/EZ0VGMxU7iOdFZdBFdxfOim2jpuoseYiL2FL3EFOwt+oi+op+YjtXEuzgrZ3XxikgRg8Rg8aqYh6+JoeJ1MeynI31TjBAjxSgxWowRY0WqGCfGi7fEBPG2mCgmicliikgTU8U08Y6YLmaImeJdMUu8J2aLOWKumCfSxftivlggMsQHYqH4UGSKRWKxWCKWivOfuSvESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNbBcfiR3iY7FT7BK7xSdij/hU7BWfiX3ic7FffCGyxJfigPhKHBRfi0PiG3FYfCuOiKPimPhOHBffixPipDglTosz4gdxVvwozgkvQKIUUkolAxkjc8hYmVPGyStkLhlceHavlvHyGplHXivzynwyvywgE2RBWUhqaaSVJENZWBaRUXmdLCqvl8XkDbK4LCGdLCkT5Y2ylLxJlpY3yzLyFllW3irLyfKygqwob5OV5O0SIj/vo6qsJqvLGvIumQx3y1ryHllb3ivryPtkXXm/rCcfkPXlg7KBfEg2lA/LRvIR2Vg2kU1lM9lcPipbyMdkS9lKtpaPyzbyCdlWPimT5FOynfQXXiLPyI7yWdlJPic7yy6yq/xRnpNedpc9JPQE2Uu+KHvLPrKv7Cf7y5fkAPmyHChfkSlykBwsX5VD5GtyqHxdDpNvyOHyTTlCjpSj5Gg5Ro6VqXKcHC/fkhPk23KinCQnyykyTU6VfS+sNFPKf5j/1u/kD/xp7xvkRrlJbpZb5Fa5TW6XH8kdcofcKXfK3XK33CP3yL1yr9wn98n9cr/MklnygDwgD8qD8pA8JA/Lw/KIPCpPy+/kcfm9PCFPypPytDwjz8izF54DUKiEkkqpQMWoHCpW5VRx6gqVS12pcqurVERdreLVNSqPulblVflUflVAJaiCqpDSyiirSIWqsCqiouo6vPCCUcVVCeVUSZWobvxX8lVRdb0qpm74Vf7F+pL/oL7mqrlqoVqolqqlaq1aqzaqjWqr2qoklaTaqXaqvWqvOqgOqqPqqDqpTqqz6qy6qq6qm+qmuqvuKlklq17qRdVb9VF9VT/VX72kBqgBaqAaqFJUihqsBqshaogaqoaqYWqYGq6GqxFqhBqlRqkxaoxKValqvBqvJqgJaqKaqCarySpNpalpapqarqarmWqmmqVmqdlqtpqr5qp0la7mq/kqQ2WohWqhylSL1CK1RC1Ry9QytUKtUKvUKrVGrVHr1DqVqTaqjWqz2qy2qq1qu9qudqgdaqfaqXar3WqP2qP2qr1qn9qn9qv9KktlqQPqgDqoDqpD6pA6rA6rI+qIOqaOqePquDqhTqhT6pQ6o86os+qsOqfOnT/tC0QgAhWoICaICWKD2CAuiAtyBbmC3EHuIBJEgvggPsgTXBvkDfIF+YMCQUJQMCgU6MAENhAXmh4NrguKBtcHxYIbguJBicAFJYPE4MagVHBTUDq4OSgT3BKUDW4NygXlgwpBxeC2oFJwe1A5uCOoEtwZVA2qBdWDGsFdQc3g7qBWcE9QO7g3qBPcF9QN7g/qBQ8E9YMHgwbBQ0HD4OGgUfBI0DhoEjQNmgXN/9T1vT+R7zHXXffQybqn7qVf1L11H91X99P99Ut6gH5ZD9Sv6BQ9SA/Wr+oh+jU9VL+uh+k39HD9ph6hR+pRerQeo8fqVD1Oj9dv6Qn6bT1RT9KT9RSdpqfqafodPV3P0DP1u3qWfk/P1nP0XD1Pp+v39Xy9QGfoD/RC/aHO1Iv0Yr1EL9XL9HK9Qq/Uq/RqvUav1ev0er1Bb9Sb9Ga9RW/V2/R2/ZHeoT/WO/UuvVt/ovfoT/Ve/Znepz/X+/UXOkt/qQ/or/RB/bU+pL/Rh/W3+og+qo/p7/Rx/b0+oU/qU/q0PqN/0Gf1j/qc9udP7s9/vRtllIkxMSbWxJo4E2dymVwmt8ltIiZi4k28yWPymLwmr8lv8psEk2AKmULmPDJkCpvCJmqipqgpaoqZYqa4KW6ccSbRJJpSppQpbUqbMqaMKWvKmnKmnKlgKpjbzG3mdnO7ucPcYe40d5pqppqpYWqYmqamqWVqmdqmtqlj6pi6pq6pZ+qZ+qa+aWAamIamoWlkGpnGprFpapqa5qa5aWFamJampWltWps2po1pa9qaJJNk2pl2pr1pbzqYDqaj6Wg6mU6ms+lsupquppvpZrqb7ibZJJteppfpbXqbvqav6W/6mwFmgBloBpoUk2IGm8FmiBlihpqhZph5www/f6JqRppRZrQZY8aaVJNqxpvxZoKZYCaaiWaymWzSTJqZZqaZ6Wa6mWlmmllmlpltZpu5Zq5JN+lmvplvMkyGWWgWmkyTaRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww12812s8PsMDvNTrPb7DZ7zB6z1+w1+8w+s9/sN1kmyxwwB8xBc9AcMofMYXPYHDFHzDFzzBw3x80Jc8KcMqfMGZPvwvelN7E2p42zV9hc9kqb215l/z7ObwvYBFvQFrLa5rX5fhUba20xe4MtbktYZ0vaRHvjb+JytrytYCva22wle7ut/Ju4pr3b1rL32Nr2XlvD3vWruI69z9a1D9t6iAC2iW1gm9mG9mHbyD5iG9smtqltZtvYJ2xb+6RNsk/Zdvbp38Tz7QK70q6yq+0au9PusqfsaXvQfm3P2B9sd9vD9rcv2QH2ZTvQvmJT7KDfxMPtm3aEHWlH2dF2jB37m3iynWLT7FQ7zb5jp9sZv4nT7ft2ls2ws+0cO9fO+yk+X1OG/cAutB/aTBvAYrvELrXL7HK74v/XusSus+vtBrvDfmw32y12q91mt188Eba77G77id1jP7UH7Fd2n/3c7reHbJb98qf4/PEdst/Yw/Zbe8Qetcfsd/a4/V79lDuyN4D9wX5nf7TnrLdASECSFAUUQzkolnJSHF1BuehKyk1XUYSupni6hvLQtZSX8lF+KkAJVJAKkSZDlohCKkxFKErX0cXyilMJclSSEulGKkU3UWm6mcrQLVSWbqVyVJ4qUEW6jSrR7VSZ7qAqdCdVpWpUnWrQXVST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pibUlJpRc3qUWtBj1JJaUWt6nNrQE9SWnqQkeora0dPUnv5GHWgodKRnqRM9R52pC3Wl56kbvUDdqQclU0/qRS9Sb+pDfakf9aeXaAC9TAPpFUqhQTSYXqUh9BoNpddpGL1Bw+lNGkEjaRSNpjE0llJpHI2nt2gCvU0TaRJNpimURlNpGr1D02kGzaR3aRa9R7NpDs2leZRO79N8WkAZ9AEtpA8pkxbRYlpCS2kZLacVtJJW0WpaQ2tpHa2nDbSRNtFm2kJbaRttp49oB31MO2kX7aZPaA99SnvpM9pHn9N++oKy6Es6QF/RQfqaDtE3vgd9S0foKB2j7+g4fU8n6CSdotN0hn6gs/QjnSNPEGIoQhmqMAhjwhxhbJgzjAuvCHOFV4a5w6vCSHh1GB9eE+YJrw3zhvnC/GGBMCEsGBYKdWhCG1IYhoXDImE0vC4sGl4fFgsxLB6WCF1YMkwMbwxLhTeFpcObwzLhLWHZ8NawXFg+fPjeiuFtYaXw9rByeEdYJbwzrBpWC6uHNcK7wprh3WGt8J6wdnhvWDq8L6wb3h/WCx8I64cPhg3Ch8KG4cNho/CRsHHYJGwaNgubh4+GLcLHwpZhq7B1+HjYJnwibBs+GSaFT4Xtwqd/mr9vwR/PJ4c9w17hi+GLoff3yLnRedH06PvR+dEF0YzoB9GF0Q+jmdFF0cXRJdGl0WXR5dEV0ZXRVdHV0TXRtdF10fXRDVHva+QAh0446ZQLXIzL4WJdThfnrnC53JUut7vKRdzVLt5d4/K4a11el8/ldwVcgivoCjntjLOOXOgKuyIu6q5zRd31rpi7wRV3JZxzJV2ia+aau+auhXvMtXStXGv3uHvcPeGecE+6J91Trp172rV3f3Md3DOuo3vWPeuec51dF9fVPe+6uXG5f35PJrterpfr7Xq7vq6v6+/6uwFugBvoBroUl+IGu8FuiBvihrqhbpgb5oa74W6EG+FGuVFujBvjUl2qG+/GuwlugpvoJrrJbrJLc2lumpvmprvprtKMn/cy2812c91cl+7S3Xx3/pwxwy10C12my3SL3WK31C11y91yt9KtdKvdarfWrXXr3Xq30W10m91mt9VtddvddrfD7XA7/VU/L+r2uL1ur9vn9rn97guX5b50B9xX7qD72h1y37jD7lt3xB11x9x37rj73p1wJ90pd9qdcT+4s+5Hd855lxoZFxkfeSsyIfJ2ZGJkUmRyZEokLTI1Mi3yTmR6ZEZkZuTdyKzIe5HZkTmRuZF5kfTI+5H5kQWRjMgHkYWRDyOZkUWRxZElkaWRZRHvC24OfWFfxEf9db6ov94X8zf44r6Ed76kT/Q3+lL+Jl/a3+zL+Ft8WX+rL+fL+wr+Ed/YN/FNfTPf3D/qW/jHfEvfyrf2j/s2/gnf1j/pk/xTvp1/2rf3f/Md/DO+o3/Wd/LP+c6+i+/qn/fd/Au+u+/hk31P38u/6Hv7Pr6v7+f7+5f8AP+yH+hf8Sl+kB/sX/VD/Gt+qH/dD/Nv+OExb/oRFy+RYaxP9eP8eP+Wn+Df9hP9JD/ZT/Fpfqqf5t/x0/0MP9O/62f59/xsP8fP9fN8un/fz/cLfIb/wC/0H/pMv+jiTWW/3K/wK/0qv9qv8Wv9Or/eb/Ab/Sa/2W/xW/02v91/5Hf4j/1Ov8vv9p/4Pf5Tv9d/5vflBL/ff+Gz/Jf+gP/KH/Rf+0P+G3/Yf+uP+KP+mP/OH/ff+xP+pD/lT/sz/gd/1v/oz/H/WWOMMcYY+6eMuzQUv575+XZ+z9/JEb/YuBcAXLmlQNYv58+fUa7N+/O4j0hoEwGAp3p0evDio2rV5OTkC9tmSgiKzAG4+DdB58XApXgRtIYnIAlaQanfrb+P6HKG/sH60VsA4n6REwuX4kvrfwaAyb+z/qOPD59fNjwV/z+sPwegWJFLOTnhUrwIWv90f6UVlP6D+vO1+GX9sb9dP+fnqQAtf5GTCy7Fl+pPhMfgaUj61ZaMMcYYY4wxxtjP+ogKHS5ef178F5+/d32eoC7l5IBL8T+6PmeMMcYYY4wxxtjl90yXrk8+mpTUqsO/Pqj8v8r6pweN4P9q5b9kcMd/Rhn/wsB7gIs/UQDwby4IcH4g/8qj2PSX7Cvlwlvn76eWnvYB/Ge08s8YXOYPJsYYY4wxxtif7tJJ/69/ri5XQYwxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w6sV/ur8flO1TGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGPssvl/AQAA//8lsf60")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x99501e, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000000)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000006b40)={0x2020}, 0x2020)

11.724303566s ago: executing program 1 (id=900):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@int={0x0, 0x0, 0x0, 0x1, 0x5, 0x10}, @union={0x0, 0x1, 0x0, 0x5, 0x1, 0x0, [{0x0, 0x1, 0x8000000}]}]}}, 0x0, 0x42}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

11.393248422s ago: executing program 1 (id=901):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f00000001c0)={[{@uni_xlate}, {@numtail}, {@rodir}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@utf8}, {@shortname_mixed}, {@utf8}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@utf8no}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@shortname_winnt}]}, 0x9, 0x27b, &(0x7f0000000340)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x61c28c7771d1cf6b)

11.254293034s ago: executing program 32 (id=901):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000180)='./bus\x00', 0x804, &(0x7f00000001c0)={[{@uni_xlate}, {@numtail}, {@rodir}, {@uni_xlateno}, {@shortname_mixed}, {@utf8no}, {@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'iso8859-4'}}, {@utf8}, {@shortname_mixed}, {@utf8}, {@utf8}, {@shortname_winnt}, {@iocharset={'iocharset', 0x3d, 'koi8-ru'}}, {@utf8no}, {@rodir}, {@iocharset={'iocharset', 0x3d, 'cp869'}}, {@shortname_winnt}]}, 0x9, 0x27b, &(0x7f0000000340)="$eJzs3cFqK1UYAOB/mqRJdJEsXInQAV24Kq1P0CIVxIKgZKEutNgUpAmFFgJVMXblE/gEPo8b8QV8AC93d7u43LmkM0nTyyQlvWlT7v2+TQ//+f85/5kZ2tWc/vBB//jw5Ozo4tf/otFIYm0nduIyiXasxdjvUerfJ+VxAOCRu8yyeJrl6nno/GZGbUZlde3emwMA7sX03/9V9wIAPIyvv/n2i939/b2v0rQR0f9j0Eki/5nP7x7FT9GLbmxFK55HZBP5+LPP9/eimo6046P+cNAZVfa//7u4/u7/EVf129GKdnn9dpqbqh8OOrV4p1h/pxfdL/+KVrxXXv9JSX101uPjD6f634xW/PNjnEQvDovexvW/bafpp9mfz375bhQd1SfDQac+ySuyKw/6YAAAAAAAAAAAAAAAAAAAAAAAeKNtphPtm+fvjA/+nzM/53yg4dT5PFtpmmZJnn9dX433q1Fd5d4BAAAAAAAAAAAAAAAAAADgsTg7//n4oNfrni51MP6sv2QqXtyM1CPi7mttLFoVlaK1XhKx2Fq1qF9V3p5cWXAXzVE/3dOkGst7BMkk0pye2oh8rVGkmQ+mIq+9eiOuBuO36/ggue3hNspekiUMspLXrzKzav3VSLPYQUlyc87q6+/eqeesNWMqiYja5GbOv05tuffw4X4HAQAAAAAAAAAAAAAAAAAAueuPfksmL1bQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACswPX//19gMCyKZ+VkldGgGkVkxVsEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLfAyAAD//0MUZ+o=")
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x61c28c7771d1cf6b)

4.445441669s ago: executing program 33 (id=823):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000100000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000dc0)={0x11, 0x3, &(0x7f0000000100)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x42, '\x00', 0x0, 0x0, r0, 0x8, &(0x7f00000000c0)={0x0, 0x1}, 0x8}, 0x94)

1.873020476s ago: executing program 2 (id=965):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xa, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x73, 0x11, 0x3e}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x49}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)

1.731692217s ago: executing program 2 (id=967):
unshare(0x22020400)
r0 = socket(0x23, 0x80805, 0x2)
connect$llc(r0, 0x0, 0x0)

1.731350399s ago: executing program 2 (id=968):
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000002080)={@fallback, 0xffffffffffffffff, 0x5, 0x2010}, 0x20)

1.667924748s ago: executing program 2 (id=970):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x3, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x0, 0x6}}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_exit\x00', r0}, 0x18)
fanotify_init(0x200, 0x0)

1.608523495s ago: executing program 2 (id=971):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
socket$inet6_sctp(0xa, 0x5, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$inet_udp(0x2, 0x2, 0x0)
syz_usb_connect$uac1(0x2, 0xdc, &(0x7f0000000380)=ANY=[@ANYBLOB="12010000000000106b1d01014000010203010902ca0003010070000904000000010100000a24010800000201020d24060000030800000000000000240803960c03112d9cd2ce0c240208000103000000ff000924060506020100000924030003030005490c240206", @ANYRES8=r0, @ANYRES8=r1, @ANYRESDEC], 0x0)

1.427627082s ago: executing program 3 (id=975):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bond0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)=@newlink={0x44, 0x10, 0x403, 0x4, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20101}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_NUM_TX_QUEUES={0x8, 0x1f, 0x8}]}, 0x44}, 0x1, 0xba01}, 0x810)

1.337151682s ago: executing program 3 (id=976):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a20000000000a01040000000000000000010080030900010073797a30000000002c000000030a01010000000000000000010000000900010073797a30000000000900030073797a320000000094000000060a010400000000000000000100000008000b40000000006c000480340001800b000100657874686472000024000280080001400000000c080003400000000008000440000000220500020007000000340001800c0001"], 0x108}, 0x1, 0x0, 0x0, 0x80}, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="700200001300290a000000000000000007000000", @ANYRES32=r2, @ANYBLOB="000000000000000010010c8013000c800ca3488008000000000000000800038064001d80050006000000000014000500714abbd2547de97cbbf6efb226f19bf90d0002003a288e5e5b5b5a40000000006000078014000400293a02149f3b75a67093c28fd6f55a2314000400e48f01e49713f0c2d839f940d9f088d8050006000000003bd00002006272696467655f736c6176655f30000007000200293a00000500060000000000080001000000000018002580140004004d2906d0880fc8acc30fe2020f9849675000028004000500a1085e7df341b9dc3d8008a2fe5bdaad140004009c7e472c916020fe41bcc5aa8f56c9471400050080ab8be51421cfa3c9e5cbfe8217e0af0800010000000000080001000000000060001a803f0003"], 0x270}, 0x1, 0x0, 0x0, 0x20008014}, 0x4)

1.336955587s ago: executing program 3 (id=977):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000001540)={0x5c, 0x2, 0x6, 0x201, 0x0, 0x0, {0xc, 0x0, 0x9}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8, 0x12, 0x1, 0x0, 0x60000}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0x15, 0x3, 'hash:ip,port,net\x00'}]}, 0x5c}}, 0x0)

1.249994954s ago: executing program 3 (id=978):
sendmsg$inet6(0xffffffffffffffff, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, 0x0}, 0x4048043)
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600)={'team0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0xa4, 0x24, 0xf0b, 0x80000, 0xfffffffd, {0x0, 0x0, 0x12, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_taprio={{0xb}, {0x74, 0x2, [@TCA_TAPRIO_ATTR_PRIOMAP={0x56, 0x1, {0x1, [], 0x0, [0x8, 0x4, 0xfff], [0x0, 0x8]}}, @TCA_TAPRIO_ATTR_SCHED_ENTRY_LIST={0x10}, @TCA_TAPRIO_ATTR_SCHED_CLOCKID={0x8, 0x5, 0xfffffff8}]}}]}, 0xa4}}, 0x0)

1.17786647s ago: executing program 3 (id=979):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
ioctl$sock_inet6_SIOCADDRT(r0, 0x890b, &(0x7f0000000800)={@private2, @empty, @empty, 0x1, 0x6, 0xfffc, 0x100, 0x7, 0x1})

1.177614109s ago: executing program 3 (id=980):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000c2bd0b20f8061b3039bb0102030109021b0001000000000904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

520.22733ms ago: executing program 4 (id=982):
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, 0x0)
ioctl$COMEDI_DEVCONFIG(r0, 0x40946400, &(0x7f00000005c0)={'pcl724\x00', [0x4f27, 0x80000000, 0x4, 0x4, 0x5, 0x5, 0x656b, 0x7, 0x54c6cff3, 0xfd, 0x2, 0x1, 0x1, 0x1, 0x6, 0x101, 0x0, 0x7f, 0x3, 0x40000003, 0x8a, 0xcaa3, 0x0, 0x20001e5b, 0x3, 0xe66, 0x3, 0x8, 0x4086, 0x0, 0xfffffff8]})

467.05454ms ago: executing program 4 (id=983):
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000002100)}], 0x1, 0x0, 0x30}, 0x40000)
ioctl$F2FS_IOC_RESERVE_COMPRESS_BLOCKS(0xffffffffffffffff, 0x8008f513, 0x0)
syz_mount_image$udf(&(0x7f0000000100), &(0x7f0000000f00)='./file7\x00', 0x14444, &(0x7f0000000200)=ANY=[@ANYRES16=0x0], 0xfe, 0xc22, &(0x7f00000002c0)="$eJzs3UFsHNd9B+D/Gy1FSm4rJk5Uu43bTVukMmO5sqSYilW4q5pmG0CWiVDMLQBX5EpdmCIJkmpkI22YXnroIUBR9JATgdYokKKB0RRBj2zrAsnFhyKnnogWNoKiB7YIkFPAYGbfikuKsmhTpCj7+2zqNzvz3sx7M+sZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxO+/fOnMc+lhtwIAOEhXxr985qznPwB8rFz1//8AAAAAAAAAAAAAAHDYpSji8Ugxf2U9TVafOwYut2dv3Z4YGd252rFU1TxSlS9/Bp47e+78F54fvtDN96//oD0Zr45fvVR/ae7m/EJrcbE1XZ+YbU/NTbd2vYe91t9uqDoB9Zuv3Zq+fn2xfvbZc1s23x58r/+xk4MXh58+/VS37MTI6Oh4T5la34c++l3uNcLjaBRxOlI8890fp2ZEFLH3c3Gf785+O1Z1YqjqxMTIaNWRmXZzdqncONY9EUVEvadSo3uODuBa7EkjYrlsftngobJ74/PNhea1mVZ9rLmw1F5qz82OpU5ry/7Uo4gLKWIlItb6795dXxRRixTfPrGerkXEke55+Hw1MPje7Sj2sY+7ULaz3hexUjwC1+wQ648iXokUP3m7iKnynOWf+FzEK2V+P+LNMl+MSOUX43zEuzt8j3g01aKIvyiv/8X1NB0RGyc660frl79S/9Ls9bmest37yiP/fDhIh/zeNBBFNKs7/nr68L/ZAQAAAAAAAAAAAAAAAOBBOxZFPBkpXv6PP67GFUc1Lv3ExeE/GPzF3jHjT9xnP2XZZyNiudjdmNyjeQjxWBpL6SGPJf44G4gi/iSP//vmw24MAAAAAAAAAAAAAAAAAADAx1oRP4oUL7xzKq1E75zi7dkb9avNazOdWWG7c/9250zf2NjYqKdONnJO5lzOuZJzNedazihy/ZyNnJM5l3Ou5FzNuZYzjuT6ORs5J3Mu51zJuZpzLWfUcv2cjZyTOZdzruRczbmWMw7J3L0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8lRRTxs0jxra+tp0gR0YiYjE6u9nfLAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPU38q4nuRov6HjTvrahGRqn87TpW/nI/G0TI/GY3hMl+MxqWczSprjW/e92hpX/rAh9eXivhhpOgfeOvO1cnXv6/zafOavfn1zU+/Uuvkke7Gwff6Hzt54uLw6K89ca/lHa/+0OX27K3b9YmR0dHxntW1fPRP9qwbzMctHkzXiYjF1994rTkz01qw8PFYqHUWanFI2nNQC/l+FYelPdsXGoejGZsLD/nGxIEon//vRorfeec/uw/87vP/Fzqf7jzh46d/uvn8f2H7jvbp+f94z7oX8u9G+moRA0s35/tORgwsvv7G6fbN5o3Wjdbs+TNnvjg8/MVzZ/qORgxcb8+0epb2fKoAAAAAAAAAAAAAAAAADlYq4vciRfOH66keEber8VqDF4efPv3UkThSjbfaMm7r1fGrl+ovzd2cX2gtLram6xOz7am56dZuDzdQDfeaGBndl87c17F9bv+xgZfm5l9faN/4o6Udtx8fuHRtcWmhObXz5jgWRUSjd81Q1eCJkdGq0TPt5mxVdewBvUqhLxXxX5Fi6nw9fTavy+P/to/w3zL+f3n7jvZp/N8netaVx0ypiJ9Git/+yyfis1U7j8dd5yyX+9tIMXThM7lcHC3LddvQea9AZ2RgWfb/IsU//mxr2e54yMc3yz636xP7iCiv/4lI8b0//078Rl639f0PO1//49t3tE/X/1M9645veV/BnrtOvv6nI8WLj78Vv5nXvd/7P4rY2Nj4RsSpXPjO+zn26fp/umfdYHSO+1sPrvsAAAAAAAAAAACPrL5UxN9FiqdGa+n5vG43f/9vevuO9unvf/1yz7rpA5qvaM8nFQAAAAAOib5UxI8ixY2lt+6Mod46/rtn/Ofvbs69PpK2ba3+nO+XqvcGPMg//+s1mI87ufduAwAAAAAAAAAAAAAAAAAAwKGSUhHP5/nUJ+8zn/pqpHj5f57J5dLJslx3HvjB6teBK3Ozpy/NzMxNNZea12Za9fH55lSrrPupSLH+N5/JdYtqfvXufPOdOd4HNrpzsS9EitG/75btzMXenZu8Mx94Zy72suwnIsV//8PWst15rD+9WfZsWfavI8VX/3nnsic3y54ry34nUvzgq/Vu2eNl2e77UTvvJB2oxUzr2am5mbtehQoAAAAAAAAAAAAAAAAAAAAfVF8q4s8ixf/eXInlPOw/z//fnYG/1i375td75vvf5nY1z/9gNf//vZY/zPz/gw+spwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8OhIUcQbkWL+ynpa7S8/dwxcbs/euj0xMrpztWOpqnmkKl/+DDx39tz5Lzw/fKGb71//QXsyXh2/eqn+0tzN+YXW4mJruj4x256am27teg97rb956jqGqhNQv/narenr1xfrZ589t2Xz7cH3+h87OXhx+OnTT3XLToyMjo73lKn1fYCjf6DGbToaRfxVpHjmuz9O/9IfUcTez8V9vjv77VjViaGqExMjo1VHZtrN2aVy41j3RBQR9Z5Kje45OoBrsSeNiOWy+WWDh8rujc83F5rXZlr1sebCUnupPTc7ljqtLftTjyIupIiViFjrv3t3fVHEa5Hi2yfW07/2RxzpnofPXxn/8pmz925HsY993IWynfW+iJXiEbhmh1h/FPFPkeInb5+Kf+uPqEXnJz4X8UqZ3494s8wXI1KK2PhGxLs7fI94NNWiiP8vr//F9fR2f3k/6N5XLn+l/qXZ63M9Zbv3lV09H3793sd86M+Hg3TI700DUcQPqjv+evp3/10DAAAAAAAAAAAAAAAAHCJF/GqkeOGdU6kaH3xnTHF79kb9avPaTGdYX3fsX3fM9MbGxkY9dbKRczLncs6VnKs513JGkevnbOSczLmccyXnas61nHEk18/ZyDmZcznnSs7VnGs5o5br52zknMy5nHMl52rOtZxxSMbuAQAAAAAAAAAAAAAAAAAAHy1F9U+Kb31tPW30d+aXnoxOrpoP9CPv5wEAAP//N4D+uw==")
writev(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000080)="76e5eac907f9ccf7a251ceddcec7d6aa45cffe2c63a56077123a276d3ba4e9d17eb3eb5db12a3783a8e0620d357de1fe04fa9465b5bd1286e9624dec06a00c222f", 0x41}], 0x1)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='.\x00')

429.521568ms ago: executing program 2 (id=984):
syz_mount_image$jfs(&(0x7f0000000100), &(0x7f0000000000)='./file1\x00', 0x2, &(0x7f0000000040)=ANY=[@ANYBLOB='quota,grpquota,iocharset=cp866,errors=continue\x00\x00ocharset=cp850,errors=continue,discard=0x0000000000000003,uid=', @ANYRESHEX=0x0, @ANYBLOB=',errors=remount-ro,\x00'], 0x21, 0x61b6, &(0x7f00000075c0)="$eJzs3cuOHFcZB/Cv+jYXE8fKIgoWQpPEXEKIr8EYAiRZwIINC+QtsjWZRBYOINsgJ7LwRLNhwUOAkFgixJIVD5AFW3Y8AJZsJFAWKIVq5pxxTaV7esb2dHW7fj9pXPX1qZo+5X9XX6aq+gQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAED/8wY/PFRFx5VfphhMRn4t+RC9iparXImJl7UR9nRdiuzmej4jhUkS1/vY/z0a8HhEfH4+4/+DOenXz+QP24/t//scffnLsR3//0/DMf/9yq//GpOVu3/7tf/5699G3FwAAALqoLMuySB/zT0bEIH22BwCefvn1v0zy7eq5qzfnrD9qtVqtXsC6rhzvbr2IiM36OtV7BofjAWDBbMYnbXeBFsm/0wYRcaztTgBzrWi7AxyJ+w/urBcp36L+erC2057PBdmT/2axe33HpOk0zXNMZvX42op+PDehPysz6sM8yfn3mvlf2WkfpeWOOv9ZmZT/aOfSp87J+feb+Tc8Pfn3xubfVTn/waHy78sfAAAAAADmWP77/4mWj/8uPf6mHMh+x3/XZtQHAAAAAAAAAHjSDjv+36Ax/t8u4/8BAADA3Ko+q1d+d/zhbZO+i626/XIR8UxjeaBj0sUyq233AwAAAAAAAAAAAAC6ZLBzDu/lImIYEc+srpZlWf3UNevDetz1F13Xtx+6rO0neQAA2PHx8ca1/EXEckRcTt/1N1xdXS3L5ZXVcrVcWcrvZ0dLy+VK7XNtnla3LY0O8IZ4MCqrX7ZcW69u2uflae3N31fd16jsH6Bjs9Fi4AAQETuvRvcnvSL9z+vVYirLZ6PlNzksiH32fxaU/Z+DaPtxCgAAABy9sizLIn2d98l0zL/XdqcAgJnIr//N4wJqtVqtVqufvrquHO9uvYiIzfo61XsGw/EDwILZjE/a7gItkn+nDSLihbY7Acy1ou0OcCTuP7izXqR8i/rrQRrfPZ8Lsif/zWJ7vbz+uOk0zXNMZvX42op+PDehP8/PqA/zJOffa+Z/Zad9lJZ7/PzLPX8mbOsco0n5V9t5ooX+tC3n32/m33DU+/+sbEVvbP5dlfMfHCr/vvwBAAAAAGCO5b//n5ir47+jR92cqfY7/rs2do2j6wsAAAAAAAAAPCn3H9xZz9e95uP/XxiznOs/n045/0L+nZTz7zXy/2pjuX5t/t7bD/P/94M763+89a/P5+lB81/KM0V6ZBXpEVGkeyoGafo4W/dZW8P+qLqnYdHrD9I5P+Xw3bgW12Mjzu5Ztpf+Px62n9vTXvV0uN1e9nfaz+9pH+y25/Uv7GkfprOLypXcfjrW4+dxPd7Zbq/alqZs//KU9nJKe86/b//vpJz/oPZT5b+a2ovGtHLvo95n9vv6dNz9vHXti785e/SbM9VW9He3ra7avpda6M/2/8mxUfzy5saN07ev3rp141ykyZ5bz0eaPGE5/2H62X3+f3mnPT/v1/fXex+NDp3/vNiKwcT8X67NV9v7yoz71oac/yj95PzfSe3j9/9Fzn/y/v9qC/0BAAAAAAAAAAAAAACA/ZRluX2J6FsRcTFd/9PWtZkAwGzl1/8yybfPqu7P+P7U6gWviznrz0zrT8v56o9avYh1XTnem/UiIv5WX6d6z/Drcb8MAJhnn0bEP9vuBK2Rf4fl7/urpqfa7gwwUzc/+PCnV69f37hxs+2eAAAAAAAAAACPKo//uVYb//lUWZZ3G8vtGf/17Vh73PE/B3lmd4DRCQNV9w+/TfvZ6o36vdpw4y/GpPG/h7tz+43/PZhyf8Mp7aMp7UtT2pentI+90KMm5/9ibbzzUxFxsjH8ehfGf22Oed8FOf+Xao/nKv+vNJar51/+fpHz7+3J/8yt939x5uYHH7527f2r7228t/GzC+fOnb1w8eKlS5fOvHvt+sbZnX9b7PHRyvnnsa+dB9otOf+cufy7Jef/pVTLv1ty/l9Otfy7Jeef3+/Jv1ty/vmzj/y7Jef/Sqrl3y05/6+lWv7dkvN/NdXy75ac/9dTLf9uyfm/lmr5d0vO/3Sq5d8tOf8zqT5g/itH3S9mI+efj3DZ/7sl55/PbJB/t+T8z6da/t2S87+Qavl3S87/9VTLv1ty/t9Itfy7Jed/MdXy75ac/zdTLf9uyflfSrX8uyXn/61Uy79bcv7fTrX8uyXn/0aq5d8tOf/vpFr+3ZLz/26q5d8tOf/vpVr+3ZLzfzPV8u+Wh9//b8aMGTN5pu1nJgAAAAAAAAAAAACgaRanE7e9jQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Jl989qBxEDI38nfwMYxISSb7NpO/EKbYsJrw1sJhEJfsF3v2iz4Da9dAo1k00CJhFFRRdtw0RYQanNTkQsuaAUoF6gVUiVoL+gNokLlIqoCCkiVaAXZas55nmdnZmdndu3x+sw5n4+U/LIzZ+acOXPm7H53850BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNWtr5//dCPLsuY/+b+2ZtkLmv+9eWprftlrrvUWAgAAAFfqV/m/n7shXXBwDTdqWeafX/7dry0tLS1l7xv98/HPLy2lK6aybHxTluXXRU/96P2N1mWCx7LJxkjL1yN9Vj/a5/qxPteP97l+os/1m/pcP9nn+hU7YIXNxe9j8jvbmf/n1mKXZjdm4/l1O7vc6rHGppGR+LucXCO/zdL4sWwhO5HNZ7NtyxfLNvLlv3Frc11vyeK6RlrWtb15hPzs0aNxGxphH+9sW9fyfUY/eV029fOfPXr0b889e3O32Xc3tN1fsZ137Ghu5yfDJcW2NrJNaZ/E7Rxp2c7tXZ6T0bbtbOS3a/5353Y+t8btHF3ezA3V+ZxPZiP5f38v309jrb/WS/tpe7jsF7dlWXZxebM7l1mxrmwk29J2ycjy8zNZHJHN+2geSi/OxtZ1nN66huO0Oed2th+nna+J+PzfGm43tso2tD5NP/nERMvz/sulyzlOo+ajXu210nkMDvq1UpZjMB4X38sf9ONdj8Gd4fE/evvqx2DXY6fLMZged8sxuKPfMTgyMZpvc3oSGvltlo/BXW3Lj+ZrauTzmdt7H4Mz506emVn82MfvXjh55Pj88flTe3btmt2zd+/+/ftnji2cmJ8t/n2Ze7v8tmQj6TWwI+y7+Bp4VceyrYfq0pcmVpx/L/d1ONnjdbi1Y9lBvw7HOh9cY2NekCuP6eK18Z7mTp+8NJKt8hrLn587r/x1mB53y+twrOV12PV7SpfX4dgaXofNZc7cubafWcZa/um2Dat/L7iyY3BryzHY+fNI5zE46J9HynIMTobj4gd3rv69YHvY3sen1/vzyOiKYzA93HDuaV6Sft6f3J+PbsflLc0rrpvIzi/On73nkSPnzp3dlYWxIV7Scqx0Hq9bWh5TtuJ4HVn38Xpw4eWP39Ll8q1hX03e3fzX5KrPVXOZe+/p/Vzl392678+2S3dnYQzYRu/Pbt/Nm/tzIsu+8O1PPPTNR7/w+lX3ZzNvfnLmyn8WT7m05fw7vsr5N+b+54v1pbt6bHR8rHj9jqa9M952Pm5/qsbyc1cjX/dzM2s7H4+Hfzb6fHxjj/Pxto5lB30+Hu98cPF83Oj3244r0/l8Tobj5MRs7/Nxc5ltu9d7TI71PB/fFmYj7P9Xh6SQclHLsbPacZvWNTY2Hh7XWFxD+3G6p2358ZDNmut6cnf4oTBt5dqO0ztuK5YfbbldtFHH6VTHsoM+TtPvvlY7Thv9fvt2eTqfz8lwXNy4p/dx2lzm6Xuv/Ny5Of5ny7lzot8xOD460dzm8XQQ5uf7bGlzPAbvyY5mp7MT2Vx+7UR+PDXydU3ft7Zz5UT4Z6PPldt6HIN3dCw76GMwfR9b7dhrjK188APQ+XxOhuPiift6H4PNZd6wb7A/u94RLknLtPzs2vn7tdV+53VLx266WsfKWNjOb+/r/bvZ5jIn9q83Z/beT3eFS67rsp86X7+rvabmso3ZT9vCdj67f/X91Nye5jKfP7DG4+lglmUXPvJA/vve8PeVC+e//7W2v7t0+5vOhY888NMXHvun9Ww/AMPv+WJsKb7Xtfxlai1//wcAAACGQsz9I2Em8j8AAABURsz98f8KT+R/AAAAqIyY+8fCTKqQ//+4/yLb3vDswvMXstTMXwri9Wk3PFgsFzuus+HrqaVlzcsf+Mr8f//jhbVt3kiWZb988I+6Lr/twbhdhamwnU+9sf3yFb5295rWffjhC2m9rf31L4b7j49nrYdBtwrubJZl37jhs/l6pt5/KZ9PP3g4nw9dfPyx5jLPHSi+jrd/5iXF8n8Vyr8Hjx1pu/0zYT/8OMzZt3bfH/F2X7306u373ru8vni7xo7r84f9xAeK+43vk/O5x4rl435ebfu/+Zknv9pc/pFXdt/+CyPdt//JcL9fCfN/XlYs3/ocNL+Ot/tU2P64vni7e778ra7b/9Sni+XPvKlY7nCYcf13hK93vunZhdb99UjjSNvjyt5cLBfXP/v9P82vj/cX779z+ycPXWrbH53Hx9P/VtzPTMfy8fK4nugfOtbfvJ/W4zOu/8k/Ody2n/ut/6mHnnlZ8347139Xx3JnPnJnvv7l+2t/x6a//tRnu64vbs/Bvz/T9ngOviu8jsP6n/hAOB7D9f/7VHF/ne+ucPhd7eefuPwXt15oezzRW35erP+p1x7P56bJzVuue8ELr7/4iua+y7LvbSrur9/6j//N6bbt/9JNxf6I18eOfuf6VxPXf/aj06dOL55fmEt79dEb8vfOeVuxPXF7bwjn1s6vD50+98H5s1OzU7NZNlXdt9C7bF8O86fFuNh76aUVZ9A7Hw7P5y1/+Y0tt//rZ+Ll//6e4vJLby2+b70qLPe5cPnW8Pytb/0rPXHrTfnru/F02MKlle8XfCW27/yv/WtaMDz+zp8L4vF+5qUfzPdD87r8+0Z8XV/h9v9wrrifr4f9uhTemXnHTcvra10+vjfCpXcXr/cr3n/hNBef178Lz/fbf1zcf9yu+Hh/GH6O+da29vNdPD6+fmGk8/7zd/G4GM4n2cXi+rhU3N+Xnrup6+bF9yHJLt6cf/1n6X5uXtfDXM3ixxZnTiycOv/IzLn5xXMzix/7+KGTp8+fOncofy/PQx/qd/vl89OW/Pw0N7/33iw/W50uxlV2rbf/zMNH5/bN3j43f+zI+WPnHj4zf/b40cXFo/Nzi7cfOXZs/qP9br8wd/+u3Qf27Ns9fXxh7v79Bw7sOTC9cOp0czOKjepj7+yHp0+dPZTfZPH+ew/suu++e2enT56em79/3+zs9Pl+t8+/N003b/2H02fnTxw5t3Byfnpx4ePz9+86sHfv7r7vBnjyzLHFqZmz50/NnF+cPztTPJapc/nFze99/W5PNS3+R/HzbKdG8UZ82Tvv2pven7XpK59Y9a6KRTreQPTZ8F4033nRmf1r+Trm/vEwkyrkfwAAACAXc/9EmIn8DwAAAJURc/+mMBP5HwAAACoj5v7JMNP/ElCT/F+5/v+2C2tav/6//n/r/tL/r1n//91l6/8X5wv9/8G40v69/n+g/6//r/+v/6//zwCUrf8fc//mLPP3fwAAAKiomPu3hJnI/wAAAFAZMfdfF2Yi/wMAAEBlxNz/gjCTmuR//X/9f/1//X/9/+7r1/8fTvr/ven/96H/P5PVq/9/cZDbfw36/5tbv9D/p4zK1v+Puf+FYSY1yf8AAABQBzH3Xx9mIv8DAABAZcTcf0OYifwPAAAAlRFz/9Ywk5rkf/3/K+r/p86V/n/79uv/t9P/D8eD/r/+/wbQ/+9N/78P/X+f/z9c/f82+v+UUdn6/zH3vyjMpCb5HwAAAOog5v4Xh5nI/wAAAFA+Y5d3s5j7XxJmsiL/X+YKAAAAgGsu5v4bs44ieE3+/q//7/P/9f/1//X/u69/7f3/0Uz/vzz0/3vT/+9D/1//X/9f/5+BKlv/P8/92WT20jCTmuR/AAAAqIOY+28KM5H/AQAAoDJi7v9/YSbyPwAAAFRGzP3bwkxqkv/1/yvT//9F61On/6//32v9+v8+/7/K9P970//vQ/9f/1//X/+fgSpb/z/m/pvDTGqS/wEAAKAOYu6/JcxE/gcAAIDKiLn//4eZyP8AAABQGTH3bw8zqUn+1/8vef8/Nkd9/r/+v/5/Kfv/k/r/paP/35v+fx/6//r/+v/6/wxU2fr/Mfe/LMykJvkfAAAA6iDm/peHmcj/AAAAUBkx978izET+BwAAgMqIuX8qzKQm+X89/f/GRf3/1Vzlz/+fWMPn/7fR/9f/77V+/X+f/19l+v+96f/3of+v/6//r//PQJWt/x9z/61hJjXJ/wAAAFAHMffvCDOR/wEAAKAyYu6/LcxE/gcAAIDKiLl/Z5hJTfK/z/8fiv5/pv+v/6//r/+v/782+v+96f/3of+v/6//r//PQJWt/x9z/yvDTGqS/wEAAKAOYu6/PcxE/gcAAIDKiLn/VWEm8j8AAABURsz9d4SZ1CT/6//r/+v/6//r/3dfv/7/cNL/703/vw/9f/1//X/9fwaqbP3/mPtfHWZSk/wPAAAAdRBz/51hJvI/AAAAVEbM/XeFmcj/AAAAUBkx90+HmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j77w4zqUn+BwAAgDqIuf+eMBP5HwAAACoj5v6ZMBP5HwAAACoj5v7ZMJOa5H/9f/1//X/9/3X1/1+xfL/6/wX9/3LR/+9N/78P/X/9/2ve/x/X/6dSytb/j7l/V5hJTfI/AAAA1EHM/bvDTOR/AAAAqIyY+/eEmcj/AAAAUBkx998bZlKT/K//r/+v/6//7/P/u69f/3846f/3Nvj+f3yI+v/6//r/Pv9f/5+Vytb/j7n/vjCTmuR/AAAAqIOY+/eGmcj/AAAAUBkx9+8LM5H/AQAAoDJi7t8fZlKT/K//r/+v/6//r//fff36/8NJ/783n//fh/6//v8Q9/+bx5b+P2VTtv5/zP0Hwkxqkv8BAACgDmLuf02YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9/96mElN8r/+v/6//r/+f9n7/xP6//r/66D/35v+fx/6//r/Q9z/9/n/lFHZ+v8x998fZlKT/A8AAAB1EHP/b4SZyP8AAABQGTH3vzbMRP4HAACAyoi5/2CYSU3yv/7/BvX/44X6//r/+v8+/1///6rS/+9N/78P/X/9f/1//X8Gqmz9/5j7XxdmUpP8DwAAAHUQc/8DYSbyPwAAAFRGzP2vDzOR/wEAAKAyYu5/Q5hJTfK//r/P/7/2/f/xtm3X/1++nf5/Qf9f/3899P970//vQ/9f/1//X/+fgSpb/z/m/jeGmdQk/wMAAEAdxNz/pjAT+R8AAAAqI+b+N4eZyP8AAABQGTH3vyXMpCb5X/9f///a9/99/r/+f0H/X/9/EPT/e9P/70P/X/9f/1//n4EqW/8/5v7fDDOpSf4HAACAOoi5/8EwE/kfAAAAKiPm/reGmcj/AAAAUBkx978tzKQm+V//X/9f/1//X/+/+/r1/4eT/n9vQ9b//9X14XL9/4L+f7m3f739/7GOr69K//9Hq/X/lzZ13l7/n6uhbP3/mPvfHmZSk/wPAAAAdRBz/zvCTOR/AAAAqIyY+98ZZiL/AwAAQGXE3P9bYSY1yf/6/83tWG4v6//r/+cX6P/r/+v/Dy39/96GrP/v8/876P+Xe/t9/r/+PyuVrf8fc/+7wkxqkv8BAACgDmLufyjMRP4HAACAyoi5/91hJvI/AAAAVEbM/e8JM6lJ/tf/9/n/+v/6//r/3dev/z+c9P970//vQ/9f/79s/f//1P9nuJWt/x9z/8NhJjXJ/wAAAFAHMfe/N8xE/gcAAIDKiLn/t8NM5H8AAACojJj73xdmUpP8r/8/LP3/Kf3/dfb/J8Jl+v/6//r/9aL/35v+fx/6//r/Zev/+/x/hlzZ+v8x978/zGTt+X9yzUsCAAAA10TM/b8TZlKTv/8DAABAHcTc/7thJvI/AAAAVEbM/b8XZlKT/K//Pyz9f5//n/n8f/3/jsej/6//383G9f/jmUf/X/9f/z/S/9f/1/+nU9n6/zH3/36YSU3yPwAAANRBzP0fCDOR/wEAAGAodPt/sjvF3H8ozET+BwAAgMqIuf9wmElN8r/+v/6//n9J+/9/seNffvDddxzepf+v/6//vy4b+vn/zRe/z//X/9f/T/T/9f/1/+lUtv5/zP1HwkyWg9/bfMA/AAAADLeY+/8gzKQmf/8HAACAOoi5/2iYifwPAAAAlRFz/1yYSU3yv/6//r/+f0n7/0P8+f9xfwxT/3960xD1/+NJV/+/qw3t/793uSeu/7/e/v9E10s7+/8N/f82+v/r3v7vZFmm/6//zzVUtv5/zP3zYSY1yf8AAABQByH3jxwr5vIV8j8AAABURsz9x8NM5H8AAACojJj7PxhmUpP8r/+v/6//r//v8/+7r7+0/X+f/9+T/n9v5en/d+fz//X/h3n79f/1/1mpbP3/mPsXwkxqkv8BAACgDmLu/1CYifwPAAAAlRFz/4fDTOR/AAAAqIyY+0+EmdQk/+v/6//r/+v/6/93X7/+/3DS/+9N/78P/X/9f/1//X8Gqmz9/5j7T4aZ1CT/AwAAQB3E3H8qzOT/2LuPJsvq847jt3FTzBQb77zwwt77JbAwa/sFeMHGC7vK5YWxjXNicI4454BtJRRQAAmhhHICJSSUhSSUc0AZSTUqmOd5Znr69LndM7e7z/0/n89CDzSMzkU1BfrRfDn2PwAAAAwjd//NcYv9DwAAAMPI3f/LcUuT/a//1/8P2///pP7/oOfr//X/I9P/z9P/r6H/1//r//X/bNTS+v/c/b8StzTZ/wAAANBB7v5fjVvsfwAAABhG7v5b4hb7HwAAAIaRu//X4pYm+/+y/n9n1bP/z4xX/z9S/+/9/wc+X/+v/x/Zyfb/tz3xZz79v/5f/x/0//p//T+XW1r/n7v/1+OWJvsfAAAAOsjd/xtxi/0PAAAAw8jd/5txi/0PAAAAw8jd/1txS5P97/3/3v+v/9f/6/+nn6//307e/z+vU/9/y8PX/9Jj9/7ofUd5vv5f/6//1/+zWUvr/3P3/3bc0mT/AwAAQAe5+38nbrH/AQAAYBi5+383brH/AQAAYAudnfxq7v7fi1ua7H/9v/5f/x/9/xn9v/5f/z8C/f+8Tv3/lTxf/6//1//r/9mspfX/uft/P25psv8BAACgg9z9fxC32P8AAACwXFP/IPaM3P23xi32PwAAAAwjd/+5uKXJ/tf/H3///339/3b0/97/r//X/w9B/z9P/7+G/l//r//X/7NRS+v/c/ffFrc02f8AAADQQe7+P4xb7H8AAAAYRu7+P4pb7H8AAAAYRu7+P45bmux//b/3/+v/9f/6/+nn6/+3k/5/nv5/Df3/1fbz1+r/9f/6fy51xP7/8Zk/bW+k/8/d/ydxS5P9DwAAAB3k7v/TuMX+BwAAgGHk7v+zuMX+BwAAgGHk7v/zuKXJ/tf/6//1//r/K+7/9//Ue5L+f5r+/2To/+ctpv/f2Z38sv5/6/t/7//X/+v/2WNp7//P3f8XcUuT/Q8AAAAd5O7/y7hlZv8f+W/mAwAAAKcqd/9fxS2+/w8AAABbL6uz3P1/Hbc02f/6f/2//l//7/3/08+f6//vu+Tz6f+XRf8/bzH9/wH0//r/bf78+n/9P/strf/P3f83cUuT/Q8AAAAd5O6/PW6x/wEAAGAYufv/Nm6x/wEAAGAYufv/Lm5psv+n+/+Lv13/fzj6/72fX/8//fNjU/1//jfq/2f7/xu9/78n/f88/f8a+n/9v/7/oP7/7Lofr/9nytL6/9z9fx+3NNn/AAAA0EHu/n+IW+x/AAAAGEbu/n+MW+x/AAAAGEbu/n+KW5rsf+//1//r/7ev//f+/wtO8/3/qxPv/3f1/4ek/5+n/19D/6//1//Pv/9/5t8CoP9nytL6/9z9/xy3NNn/AAAA0EHu/n+JW+x/AAAA2A6X/rMDl/8DpSF3/7/GLfY/AAAADCN3/7/FLePs/9l3der/9f/6f/2//n/6+cvq/73//7D0//P0/2vo/4+jn98drP+/46Afv4T+/9bj7v9n6P+Zsqf/v//i10+r/8/d/+9xyzj7HwAAANrL3f8fcYv9DwAAAMPI3f+fcYv9DwAAAMPI3f9fcUuT/X/s/f/Mv31A/6//1//r//X/+v9N0//P0/+vof/3/n/v/9f/s1F7+v9LnFb/n7v/v+OWJvsfAAAAOsjd/z9xi/0PAAAAw8jdf0fcYv8DAADAMHL3/2/c0mT/e/+//l//r//X/08/X/+/na6qv79G/1/0//p//b/+X//PBiyt/8/d/39xS5P9DwAAAB3k7v//uMX+BwAAgGHk7n9K3GL/AwAAwDBy9z81bmmy//X/x9v/59f1//r/lf5f/6//PxFt3/+/M/VXov0O6P8f/IVzP733K/p//b/+X/+v/+eQfnjmty2i/z9/8f9d5u5/WtzSZP8DAABAB7n7nx632P8AAAAwjNz9z4hb7H8AAAAYRu7+O+OWI+7/ueZhyfT/3v+v/9f/6/+nn6//305t+/9D8v7/NfT/+n/9v/6fjVpE/3/Jr+fuf2bc4vv/AAAAMIzc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3Pilib7X/+v/9f/6//1/9PP1/9vJ/3/PP3/GtvU/995Ff3/7vSXT7ufv1qn/fn1//p/9lta/5+7/664pcn+BwAAgA5y9z83brH/AQAAYBi5+58Xt9j/AAAAMIzc/c+PW5rsf/2//l//r//X/08/X/+/nfT/8/T/q9Xq7pkPMNX/n79umf2/9/8v7vPr//X/7Le0/j93/wvilib7HwAAADrI3X933GL/AwAAwDBy998Tt9j/AAAAMIzc/S+MW5rsf/2//l//r//X/08/X/+/nfT/8/T/a2zT+//1/4v7/Pp//T/7La3/z93/orilyf4HAACADnL33xu32P8AAAAwjNz9L45b7H8AAAAYRu7+++KWJvtf/6//1//r//X/08/X/2+n4+v/V/p//b/+fw39v/5f/8/lltb/5+5/SdzSZP8DAABAB7n7Xxq32P8AAAAwjNz9L4tb7H8AAAAYRu7+l8ctTfa//l//r//X/+v/p5+v/99O3v8/T/+/hv5f/6//1/+zUdP9/62n1v/n7n9F3NJk/wMAAEAHufvvj1vsfwAAABhG7v5Xxi32PwAAAAwjd/+r4pYm+1//r//f2/+vVvp//b/+/4IT6P/PrPT/G6f/n6f/X0P/P2b/f81qoP7/7IE/Xv/PEi3t/f+5+18dtzTZ/wAAANBB7v7XxC32PwAAAAwjd/9r4xb7HwAAAIaRu/91cUuT/a//1/97/7/+X/8//Xzv/99O+v95+v819P9j9v/e/6//59Qsrf/P3f/6uKXJ/gcAAIAOcve/IW6x/wEAAGAYufvfGLfY/wAAADCM3P1vilua7H/9v/5f/6//1/9PP1//v530//P0/2vo//X/+n/9Pxu1tP4/d/+b45Ym+x8AAAA6yN3/QNxi/wMAAMAwcvc/GLfY/wAAADCM3P1viVua7H/9v/5f/7+d/f8Z/b/+X/8/aSn9/w03/NRD+n/9v/5f/6//1/93t7T+P3f/W+OWJvsfAAAAOsjd/7a4xf4HAACAYeTuf3vcYv8DAADAMHL3vyNuabL/9/f/164uFKoXTPX/0ajp/y+h/9/7+fX/0z8/vP9f/6//P35L6f+9///KPr/+X/+/zZ//SP3/j+//8fp/RrS0/j93/0NxS5P9DwAAAB3k7n9n3GL/AwAAwDBy978rbrH/AQAAYBi5+x+OW5rsf+//1//r//X/+v/p5+v/t5P+f57+fw39v/7f+/9v/rkf0v+zOUvr/3P3vztuabL/AQAAoIPc/e+JW+x/AAAAGEbu/vfGLfY/AAAADCN3//vilib7X/+v/9f/6//1/9PP1/9vJ/3/PP1/ufwP7YI+/f+ZqS+edj9/tU778w/T/3v/Pxu0tP4/d//745Ym+x8AAAA6yN3/gbjF/gcAAIBh5O7/YNxi/wMAAMAwcvd/KG5psv/1//r/8fv/n9X/X/Z8/b/+f2T6//wr+jT9/xp9+v9Jp93Pb/vn1//r/9lvaf1/7v5H4pYm+x8AAAA6yN3/4bjF/gcAAIBh5O7/SNxi/wMAAMAwcvd/NG5psv/1/736/51Vx/7f+//1//r/TvT/8/T/a+j/9f/6f/0/G7W0/j93/6M7uy33PwAAAGyrn/mJX3zksL/vo0/+55nVx+KWG1fnD/ltbAAAAGDhntj9O7ur1cef/DXf/wcAAIAR5e7/RNzSZP/r/3v1/z3f/6//1//r/zvR/8/T/6+h/9f/6//1/2zU0vr/3P2fjFsuGX67R/6jBAAAAJYkd/+n4pYm3/8HAACADnL3fzpu2bf//esAAQAAYFvl7v9M3NLk+//6/4X3/6tj6v/j99P/X6D/1/9PPV//v530//Ousv8/v6P/1//P0P/r//X/XG5p/X/u/s/GLU32PwAAAAxqz99RyN3/ubjF/gcAAIBh5O7/fNxi/wMAAMAwcvd/IW5psv/1/yfe/2eqfozv/z9bv+T9/837/9vPTD5f/6//H5n+f573/6+h/x+l/79O/6//ZxmW1v/n7v9i3NJk/wMAAEAHufu/FLfY/wAAADCM3P1fjlvsfwAAABhG7v6vxC1N9r/+f+Hv/7+i/v8Q7//X//fo/w94/jj9/49cf+6Bm37+nrv0/1x0kv1//lzQ/+v/9f8XLKj/9/5//T8Lsfn+f3fPF4/a/+fu/2rc0mT/AwAAQAe5+x+LW+x/AAAAGEbu/q/FLfY/AAAADCN3/9fjlib7X/+v/19K/5//W59C/3/uivv/s6vV6lT6/2yKu/f/3v+v/9/P+//n6f/X0P/r//X/+n82avP9/94vHrX/z93/jbilyf4HAACADnL3fzNuyf2/c+S/dQ8AAAAsTO7+b8Utvv8PAAAAw8jd/+24pcn+1//r/5fS/yfv/7/448Z6//9NFaf27P9/rH5J/3+89P/z9P9r6P/1//p//T8btbT+P3f/d+KWJvsfAAAAOsjd/3jcYv8DAADAMHL3fzdusf8BAABgGLn7vxe3NNn/+v9R+/8s4vX/+v+l9P/e/+/9/ydD/z9P/7+G/l//r//X/7NRS+v/c/f/IAAA//9GqnSo")
syz_mount_image$fuse(0x0, &(0x7f0000002580)='./bus\x00', 0x805000, 0x0, 0x1, 0x0, 0x0)
rename(&(0x7f0000000180)='./file0\x00', &(0x7f0000000a00)='./bus/file0\x00')

352.509978ms ago: executing program 4 (id=985):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x2d8, 0x0, 0x18c, 0x203, 0x0, 0x19030000, 0x208, 0x2e0, 0x2e0, 0x208, 0x2e0, 0x7fffffe, 0x0, {[{{@ipv6={@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @mcast1, [0x0, 0x0, 0xff, 0xff], [0x7fffffff, 0xff000000, 0xff000000, 0xff000000], 'bond_slave_1\x00', 'bond0\x00', {}, {}, 0x84, 0x7, 0x2, 0x55}, 0x300, 0xf0, 0x118, 0x0, {0x1000000}, [@common=@dst={{0x48}, {0x7fff, 0x3, 0x7de91c6f22c9938, [0x9, 0x1ff, 0x87e, 0x2a, 0xafd4, 0x9, 0xa, 0x7, 0x6, 0x1000, 0x6, 0x200, 0x9, 0x0, 0x7, 0x3], 0xa}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x1, 0x5, 0x1, 0x1, 'syz0\x00', {0x7}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x338)

300.198153ms ago: executing program 4 (id=986):
r0 = socket(0x2d, 0x2, 0x0)
bind$xdp(r0, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10)
r1 = socket(0x2d, 0x2, 0x0)
bind$xdp(r1, &(0x7f0000000080)={0x2d, 0x0, 0x0, 0xc}, 0x10)

300.004051ms ago: executing program 4 (id=987):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x8}, 0x94)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7736, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000002c0)={0x1, &(0x7f0000000200)=[{0x32, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_LINK_TIMEOUT={0xf, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

0s ago: executing program 4 (id=988):
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={0x0}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_open_dev$usbfs(&(0x7f0000000100), 0x77, 0x101301)
ioctl$USBDEVFS_CONTROL(r0, 0xc0105500, &(0x7f0000000140)={0x80, 0x6, 0x303, 0xfffd, 0x13, 0x0, 0x0})

kernel console output (not intermixed with test programs):

_f2fs_write_data_pages+0x10/0x10
[   86.894771][ T1091]  do_writepages+0x32e/0x550
[   86.894784][ T1091]  ? reacquire_held_locks+0x127/0x1d0
[   86.894792][ T1091]  ? writeback_sb_inodes+0x384/0x1010
[   86.894806][ T1091]  __writeback_single_inode+0x145/0xff0
[   86.894816][ T1091]  ? do_raw_spin_unlock+0x4d/0x240
[   86.894829][ T1091]  writeback_sb_inodes+0x6c7/0x1010
[   86.894851][ T1091]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   86.894888][ T1091]  ? rcu_is_watching+0x15/0xb0
[   86.894909][ T1091]  wb_writeback+0x43b/0xaf0
[   86.894932][ T1091]  ? queue_io+0x341/0x590
[   86.894950][ T1091]  ? __pfx_wb_writeback+0x10/0x10
[   86.894973][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.894992][ T1091]  wb_workfn+0x409/0xef0
[   86.895020][ T1091]  ? __pfx_wb_workfn+0x10/0x10
[   86.895036][ T1091]  ? __lock_acquire+0xab9/0xd20
[   86.895048][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.895060][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.895068][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.895075][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.895084][ T1091]  process_scheduled_works+0xae1/0x17b0
[   86.895141][ T1091]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.895170][ T1091]  worker_thread+0x8a0/0xda0
[   86.895202][ T1091]  kthread+0x711/0x8a0
[   86.895222][ T1091]  ? __pfx_worker_thread+0x10/0x10
[   86.895234][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.895250][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.895263][ T1091]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.895277][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.895292][ T1091]  ret_from_fork+0x4bc/0x870
[   86.895329][ T1091]  ? __pfx_ret_from_fork+0x10/0x10
[   86.895349][ T1091]  ? __switch_to_asm+0x39/0x70
[   86.895359][ T1091]  ? __switch_to_asm+0x33/0x70
[   86.895367][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.895382][ T1091]  ret_from_fork_asm+0x1a/0x30
[   86.895407][ T1091]  </TASK>
[   86.895414][ T1091] F2FS-fs (loop0): Remounting filesystem read-only
[   86.914382][   T33] usb 2-1: selecting invalid altsetting 0
[   86.916628][ T1091] CPU: 0 UID: 0 PID: 1091 Comm: kworker/u9:5 Not tainted syzkaller #0 PREEMPT(full) 
[   86.916647][ T1091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   86.916656][ T1091] Workqueue: writeback wb_workfn (flush-7:0)
[   86.916679][ T1091] Call Trace:
[   86.916684][ T1091]  <TASK>
[   86.916692][ T1091]  dump_stack_lvl+0x189/0x250
[   86.916713][ T1091]  ? __pfx_dump_stack_lvl+0x10/0x10
[   86.916728][ T1091]  ? __pfx_queue_work_on+0x10/0x10
[   86.916739][ T1091]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   86.916764][ T1091]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   86.916791][ T1091]  f2fs_handle_critical_error+0x37c/0x540
[   86.916815][ T1091]  f2fs_write_end_io+0x886/0xb60
[   86.916841][ T1091]  __submit_merged_bio+0x27a/0x6a0
[   86.916864][ T1091]  __submit_merged_write_cond+0x44c/0x530
[   86.916888][ T1091]  f2fs_write_data_pages+0x261d/0x3000
[   86.916928][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.916952][ T1091]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[   86.916994][ T1091]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[   86.917017][ T1091]  ? trace_f2fs_writepages+0x7f/0x200
[   86.917034][ T1091]  ? f2fs_write_node_pages+0x478/0x6e0
[   86.917055][ T1091]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[   86.917078][ T1091]  ? __lock_acquire+0xab9/0xd20
[   86.917095][ T1091]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   86.917132][ T1091]  do_writepages+0x32e/0x550
[   86.917151][ T1091]  ? reacquire_held_locks+0x127/0x1d0
[   86.917162][ T1091]  ? writeback_sb_inodes+0x384/0x1010
[   86.917185][ T1091]  __writeback_single_inode+0x145/0xff0
[   86.917202][ T1091]  ? do_raw_spin_unlock+0x4d/0x240
[   86.917222][ T1091]  writeback_sb_inodes+0x6c7/0x1010
[   86.917260][ T1091]  ? __pfx_writeback_sb_inodes+0x10/0x10
[   86.917310][ T1091]  ? rcu_is_watching+0x15/0xb0
[   86.917334][ T1091]  wb_writeback+0x43b/0xaf0
[   86.917357][ T1091]  ? queue_io+0x341/0x590
[   86.917375][ T1091]  ? __pfx_wb_writeback+0x10/0x10
[   86.917399][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.917419][ T1091]  wb_workfn+0x409/0xef0
[   86.917445][ T1091]  ? __pfx_wb_workfn+0x10/0x10
[   86.917464][ T1091]  ? __lock_acquire+0xab9/0xd20
[   86.917486][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.917576][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.917609][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.917623][ T1091]  ? process_scheduled_works+0x9ef/0x17b0
[   86.917636][ T1091]  process_scheduled_works+0xae1/0x17b0
[   86.917690][ T1091]  ? __pfx_process_scheduled_works+0x10/0x10
[   86.917717][ T1091]  worker_thread+0x8a0/0xda0
[   86.917752][ T1091]  kthread+0x711/0x8a0
[   86.917769][ T1091]  ? __pfx_worker_thread+0x10/0x10
[   86.917780][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.917797][ T1091]  ? _raw_spin_unlock_irq+0x23/0x50
[   86.917812][ T1091]  ? lockdep_hardirqs_on+0x9c/0x150
[   86.917828][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.917844][ T1091]  ret_from_fork+0x4bc/0x870
[   86.917862][ T1091]  ? __pfx_ret_from_fork+0x10/0x10
[   86.917879][ T1091]  ? __switch_to_asm+0x39/0x70
[   86.917887][ T1091]  ? __switch_to_asm+0x33/0x70
[   86.917895][ T1091]  ? __pfx_kthread+0x10/0x10
[   86.917909][ T1091]  ret_from_fork_asm+0x1a/0x30
[   86.917933][ T1091]  </TASK>
[   86.917942][ T1091] F2FS-fs (loop0): Remounting filesystem read-only
[   86.926585][   T33] usbtest 2-1:220.1: probe with driver usbtest failed with error -22
[   87.051417][   T10] cfg80211: failed to load regulatory.db
[   87.057664][   T33] usb 2-1: USB disconnect, device number 8
[   87.708698][ T6858] netlink: 'syz.1.383': attribute type 6 has an invalid length.
[   88.167141][ T6858] netlink: 112 bytes leftover after parsing attributes in process `syz.1.383'.
[   88.440779][ T6866] loop2: detected capacity change from 0 to 32768
[   88.461640][ T6874] loop0: detected capacity change from 0 to 512
[   88.466355][ T6874] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   88.474321][ T6866] (syz.2.387,6866,1):ocfs2_get_truncate_log_info:6193 ERROR: status = -117
[   88.476138][ T6874] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #15: comm syz.0.367: inode has both inline data and extents flags
[   88.481483][ T6866] (syz.2.387,6866,1):ocfs2_truncate_log_init:6363 ERROR: status = -117
[   88.482387][ T6874] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.367: couldn't read orphan inode 15 (err -117)
[   88.484951][ T6866] (syz.2.387,6866,1):ocfs2_mount_volume:1770 ERROR: status = -117
[   88.491377][ T6874] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   88.511774][ T6866] (syz.2.387,6866,1):ocfs2_fill_super:1177 ERROR: status = -117
[   88.559574][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   88.715011][ T6894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.398'.
[   88.718691][ T6894] netlink: 4 bytes leftover after parsing attributes in process `syz.0.398'.
[   88.968951][ T6898] loop0: detected capacity change from 0 to 32768
[   88.972668][ T6898] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.400 (6898)
[   88.980083][ T6898] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   88.984423][ T6898] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[   89.066957][ T6898] BTRFS info (device loop0): enabling ssd optimizations
[   89.069670][ T6898] BTRFS info (device loop0): turning on async discard
[   89.072344][ T6898] BTRFS info (device loop0): enabling free space tree
[   89.087936][ T6911] loop2: detected capacity change from 0 to 4096
[   89.091770][ T6911] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[   89.097069][ T6911] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 4096)
[   89.107283][ T6918] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   89.142374][ T6911] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[   89.150883][ T6911] Remounting filesystem read-only
[   89.427337][ T5816] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   89.532085][ T6922] loop2: detected capacity change from 0 to 128
[   89.535157][ T6922] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   89.548144][ T6922] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   89.612780][   T52] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   89.618239][ T6928] loop1: detected capacity change from 0 to 512
[   89.643328][ T6933] loop2: detected capacity change from 0 to 1024
[   89.651774][ T6928] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   89.666060][ T6928] ext4 filesystem being mounted at /147/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   89.688668][   T27] hfsplus: b-tree write err: -5, ino 4
[   89.718481][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   90.006394][ T6949] random: crng reseeded on system resumption
[   90.271888][ T6949] loop2: detected capacity change from 0 to 32768
[   90.292776][ T6949] XFS (loop2): Mounting V5 filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791 in no-recovery mode. Filesystem will be inconsistent.
[   90.317302][   T56] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[   90.320425][   T56] Bluetooth: hci1: Injecting HCI hardware error event
[   90.325531][ T5815] Bluetooth: hci1: hardware error 0x00
[   90.358328][ T5809] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   90.557361][ T6969] loop0: detected capacity change from 0 to 128
[   90.560235][ T6969] EXT4-fs: Ignoring removed nobh option
[   90.566652][ T6969] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[   90.572673][ T6969] ext4 filesystem being mounted at /131/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[   90.658188][ T5816] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   90.769063][ T6981] netlink: 4 bytes leftover after parsing attributes in process `syz.0.424'.
[   90.810404][ T6986] loop0: detected capacity change from 0 to 8
[   90.816117][ T6986] SQUASHFS error: Unable to read inode 0x11f
[   90.825151][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[   90.827473][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.845313][ T6976] loop2: detected capacity change from 0 to 40427
[   90.846277][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.849892][ T6976] F2FS-fs (loop2): invalid crc value
[   90.863993][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(1) sockfd(12)
[   90.866216][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.886735][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.891066][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(2) sockfd(14)
[   90.893060][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(2) speed_str(full-speed)
[   90.901664][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.908665][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(3) sockfd(16)
[   90.910378][ T6976] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   90.910769][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.916599][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.922916][ T6976] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[   90.927563][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(4) sockfd(18)
[   90.929638][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   90.935027][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.939354][ T7006] loop0: detected capacity change from 0 to 128
[   90.942302][ T7006] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   90.949712][ T6984] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(20)
[   90.949934][ T7006] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   90.952159][ T6984] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed)
[   90.964320][ T6984] vhci_hcd vhci_hcd.0: Device attached
[   90.969661][ T6984] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   90.973637][ T6984] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   90.977740][ T6984] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[   90.981806][ T6984] vhci_hcd vhci_hcd.0: port 0 already used
[   90.988074][ T5809] syz-executor: attempt to access beyond end of device
[   90.988074][ T5809] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   90.995221][ T7007] vhci_hcd: connection closed
[   90.996300][   T12] vhci_hcd: stop threads
[   90.996948][ T7003] vhci_hcd: connection closed
[   90.997821][   T12] vhci_hcd: release socket
[   90.999891][ T7000] vhci_hcd: connection closed
[   91.000875][   T12] vhci_hcd: disconnect device
[   91.003905][ T5809] CPU: 0 UID: 0 PID: 5809 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   91.003918][ T5809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   91.003922][ T5809] Call Trace:
[   91.003926][ T5809]  <TASK>
[   91.003929][ T5809]  dump_stack_lvl+0x189/0x250
[   91.003944][ T5809]  ? __pfx_dump_stack_lvl+0x10/0x10
[   91.003954][ T5809]  ? __pfx_queue_work_on+0x10/0x10
[   91.003962][ T5809]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   91.003972][ T5809]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   91.003985][ T5809]  f2fs_handle_critical_error+0x37c/0x540
[   91.003999][ T5809]  f2fs_write_end_io+0x886/0xb60
[   91.004013][ T5809]  __submit_merged_bio+0x27a/0x6a0
[   91.004026][ T5809]  __submit_merged_write_cond+0x255/0x530
[   91.004039][ T5809]  f2fs_write_data_pages+0x261d/0x3000
[   91.004059][ T5809]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.004091][ T5809]  ? __lock_acquire+0xab9/0xd20
[   91.004132][ T5809]  ? do_raw_spin_lock+0x121/0x290
[   91.004145][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[   91.004154][ T5809]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   91.004162][ T5809]  do_writepages+0x32e/0x550
[   91.004175][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[   91.004185][ T5809]  filemap_fdatawrite+0x199/0x240
[   91.004195][ T5809]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   91.004220][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[   91.004231][ T5809]  f2fs_sync_dirty_inodes+0x31f/0x830
[   91.004244][ T5809]  f2fs_write_checkpoint+0x93e/0x2440
[   91.004252][ T5809]  ? __lock_acquire+0xab9/0xd20
[   91.004269][ T5809]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   91.004297][ T5809]  kill_f2fs_super+0x2cc/0x6d0
[   91.004307][ T5809]  ? __pfx_kill_f2fs_super+0x10/0x10
[   91.004321][ T5809]  ? shrinker_free+0x2ce/0x3e0
[   91.004330][ T5809]  deactivate_locked_super+0xbc/0x130
[   91.004340][ T5809]  cleanup_mnt+0x425/0x4c0
[   91.004348][ T5809]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.004360][ T5809]  task_work_run+0x1d4/0x260
[   91.004370][ T5809]  ? __pfx_task_work_run+0x10/0x10
[   91.004379][ T5809]  ? __x64_sys_umount+0x122/0x160
[   91.004390][ T5809]  ? exit_to_user_mode_loop+0x40/0x130
[   91.004398][ T5809]  exit_to_user_mode_loop+0xe9/0x130
[   91.004405][ T5809]  do_syscall_64+0x2bd/0xfa0
[   91.004415][ T5809]  ? lockdep_hardirqs_on+0x9c/0x150
[   91.004424][ T5809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.004431][ T5809]  ? exc_page_fault+0xab/0x100
[   91.004441][ T5809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   91.004448][ T5809] RIP: 0033:0x7f1936790a77
[   91.004455][ T5809] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   91.004461][ T5809] RSP: 002b:00007ffcb5759788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   91.004470][ T5809] RAX: 0000000000000000 RBX: 00007f1936813d7d RCX: 00007f1936790a77
[   91.004475][ T5809] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb5759840
[   91.004479][ T5809] RBP: 00007ffcb5759840 R08: 0000000000000000 R09: 0000000000000000
[   91.004483][ T5809] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb575a8d0
[   91.004487][ T5809] R13: 00007f1936813d7d R14: 00000000000162dd R15: 00007ffcb575a910
[   91.004499][ T5809]  </TASK>
[   91.004502][ T5809] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[   91.006408][   T12] vhci_hcd: stop threads
[   91.010059][ T6987] vhci_hcd: connection closed
[   91.013702][   T12] vhci_hcd: release socket
[   91.014619][ T6993] vhci_hcd: connection closed
[   91.014789][   T12] vhci_hcd: disconnect device
[   91.022699][ T6998] vhci_hcd: connection closed
[   91.030697][   T12] vhci_hcd: stop threads
[   91.106170][  T794] usb 35-1: new low-speed USB device number 3 using vhci_hcd
[   91.109135][   T12] vhci_hcd: release socket
[   91.117238][ T6988] vhci_hcd: sendmsg failed!, ret=-32 for 48
[   91.119509][   T27] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   91.139242][   T12] vhci_hcd: disconnect device
[   91.141243][   T12] vhci_hcd: stop threads
[   91.154404][   T12] vhci_hcd: release socket
[   91.156185][   T12] vhci_hcd: disconnect device
[   91.157886][   T12] vhci_hcd: stop threads
[   91.159396][   T12] vhci_hcd: release socket
[   91.160949][   T12] vhci_hcd: disconnect device
[   91.162810][   T12] vhci_hcd: stop threads
[   91.164188][   T12] vhci_hcd: release socket
[   91.166729][   T12] vhci_hcd: disconnect device
[   91.354057][ T7028] loop0: detected capacity change from 0 to 1024
[   91.357688][ T7028] EXT4-fs: Ignoring removed nobh option
[   91.359538][ T7028] EXT4-fs: Ignoring removed bh option
[   91.362566][ T7030] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3)
[   91.365053][ T7030] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[   91.370893][ T7030] vhci_hcd vhci_hcd.0: Device attached
[   91.375279][ T7031] vhci_hcd: connection closed
[   91.375562][   T12] vhci_hcd: stop threads
[   91.379801][   T12] vhci_hcd: release socket
[   91.381351][   T12] vhci_hcd: disconnect device
[   91.393205][ T7028] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   91.422080][ T7028] EXT4-fs error (device loop0): mb_free_blocks:2017: group 0, inode 15: block 209:freeing already freed block (bit 13); block bitmap corrupt.
[   91.450568][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   91.491881][ T7036] loop0: detected capacity change from 0 to 1024
[   91.494742][ T7036] EXT4-fs: Ignoring removed orlov option
[   91.520028][ T7036] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   91.568335][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.111013][ T7066] random: crng reseeded on system resumption
[   92.123856][ T7066] Unrecognized hibernate image header format!
[   92.128435][ T7066] PM: hibernation: Image mismatch: architecture specific data
[   92.287899][   T10] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[   92.398559][ T5815] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[   92.446163][   T10] usb 2-1: Using ep0 maxpacket: 8
[   92.452368][   T10] usb 2-1: config 9 has an invalid interface number: 104 but max is 0
[   92.456275][   T10] usb 2-1: config 9 has no interface number 0
[   92.459299][   T10] usb 2-1: config 9 interface 104 has no altsetting 0
[   92.465371][   T10] usb 2-1: New USB device found, idVendor=041e, idProduct=3f0a, bcdDevice=b4.04
[   92.469178][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.472621][   T10] usb 2-1: Product: syz
[   92.474398][   T10] usb 2-1: Manufacturer: syz
[   92.476427][   T10] usb 2-1: SerialNumber: syz
[   92.665895][ T5879] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   92.701718][   T10] usb 2-1: unknown interface protocol 0xe1, assuming v1
[   92.704623][   T10] usb 2-1: cannot find UAC_HEADER
[   92.719090][   T10] snd-usb-audio 2-1:9.104: probe with driver snd-usb-audio failed with error -22
[   92.723346][   T10] usb 2-1: USB disconnect, device number 9
[   92.760389][ T7080] loop0: detected capacity change from 0 to 32768
[   92.768805][ T7080] 
[   92.768805][ T7080]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   92.768805][ T7080] 
[   92.779581][ T7080] ERROR: (device loop0): ea_get: invalid ea.flag
[   92.779581][ T7080] 
[   92.784084][ T7080] ERROR: (device loop0): remounting filesystem as read-only
[   92.825859][ T5879] usb 3-1: Using ep0 maxpacket: 32
[   92.840218][ T5879] usb 3-1: unable to get BOS descriptor or descriptor too short
[   92.846637][ T5879] usb 3-1: config 11 has an invalid interface number: 194 but max is 0
[   92.849932][ T5879] usb 3-1: config 11 has no interface number 0
[   92.852639][ T5879] usb 3-1: config 11 interface 194 altsetting 7 endpoint 0xC has an invalid bInterval 22, changing to 8
[   92.858506][ T5879] usb 3-1: config 11 interface 194 has no altsetting 0
[   92.863700][ T5879] usb 3-1: New USB device found, idVendor=10f0, idProduct=2002, bcdDevice=1d.31
[   92.868083][ T5879] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   92.871424][ T5879] usb 3-1: Product: syz
[   92.873024][ T5879] usb 3-1: Manufacturer: syz
[   92.875027][ T5879] usb 3-1: SerialNumber: syz
[   92.953326][ T7084] loop0: detected capacity change from 0 to 4096
[   92.958620][ T7084] EXT4-fs (loop0): Test dummy encryption mode enabled
[   92.961862][ T7084] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   92.964379][ T7084] System zones: 0-5
[   92.968120][ T7084] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.011862][ T5816] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   93.097891][ T5879] usb 3-1: USB disconnect, device number 4
[   93.268938][ T7102] 9pnet_fd: Insufficient options for proto=fd
[   93.771874][ T7120] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   93.772967][ T7110] loop0: detected capacity change from 0 to 32768
[   93.801391][ T7110] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   93.820664][ T7110] XFS (loop0): Ending clean mount
[   93.825541][ T7110] XFS (loop0): Quotacheck needed: Please wait.
[   93.829405][ T7132] netlink: 12 bytes leftover after parsing attributes in process `syz.2.479'.
[   93.851962][ T7110] XFS (loop0): Quotacheck: Done.
[   93.885045][ T5816] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   94.067905][ T7142] loop0: detected capacity change from 0 to 4096
[   94.141338][ T7145] netlink: 4 bytes leftover after parsing attributes in process `syz.2.485'.
[   94.147217][ T7146] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   94.453920][ T7156] overlayfs: overlapping lowerdir path
[   94.514324][ T7157] overlayfs: failed to verify upper (164/file0, ino=878, err=-116)
[   94.517696][ T7157] overlayfs: failed to verify index dir 'upper' xattr
[   94.520634][ T7157] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[   94.568246][ T7153] loop0: detected capacity change from 0 to 8192
[   94.808671][ T7161] loop2: detected capacity change from 0 to 32768
[   95.208636][ T2259] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   95.218522][ T7176] loop0: detected capacity change from 0 to 40427
[   95.221636][ T7176] F2FS-fs (loop0): build fault injection rate: 174
[   95.224026][ T7176] F2FS-fs (loop0): build fault injection type: 0x3bfe8c
[   95.232471][ T7176] F2FS-fs (loop0): invalid crc value
[   95.283174][ T7176] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   95.289716][ T7182] loop1: detected capacity change from 0 to 256
[   95.292573][ T7176] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   95.308550][ T7182] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   95.315446][ T7182] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010364, chksum : 0x43fc1a1b, utbl_chksum : 0xe619d30d)
[   95.323358][ T7176] syz.0.498: attempt to access beyond end of device
[   95.323358][ T7176] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   95.330778][ T7176] CPU: 1 UID: 0 PID: 7176 Comm: syz.0.498 Not tainted syzkaller #0 PREEMPT(full) 
[   95.330794][ T7176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   95.330800][ T7176] Call Trace:
[   95.330804][ T7176]  <TASK>
[   95.330809][ T7176]  dump_stack_lvl+0x189/0x250
[   95.330828][ T7176]  ? __pfx_dump_stack_lvl+0x10/0x10
[   95.330840][ T7176]  ? __pfx_queue_work_on+0x10/0x10
[   95.330849][ T7176]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   95.330863][ T7176]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   95.330879][ T7176]  f2fs_handle_critical_error+0x37c/0x540
[   95.330899][ T7176]  f2fs_write_end_io+0x886/0xb60
[   95.330924][ T7176]  __submit_merged_bio+0x27a/0x6a0
[   95.330948][ T7176]  __submit_merged_write_cond+0x255/0x530
[   95.330965][ T7176]  f2fs_write_data_pages+0x261d/0x3000
[   95.330989][ T7176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.331030][ T7176]  ? check_path+0x21/0x40
[   95.331045][ T7176]  ? check_noncircular+0xe0/0x160
[   95.331076][ T7176]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   95.331085][ T7176]  do_writepages+0x32e/0x550
[   95.331145][ T7176]  ? do_raw_spin_unlock+0x4d/0x240
[   95.331159][ T7176]  filemap_fdatawrite+0x199/0x240
[   95.331171][ T7176]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   95.331204][ T7176]  ? do_raw_spin_unlock+0x4d/0x240
[   95.331216][ T7176]  f2fs_sync_dirty_inodes+0x31f/0x830
[   95.331233][ T7176]  f2fs_write_checkpoint+0x93e/0x2440
[   95.331242][ T7176]  ? check_noncircular+0xe0/0x160
[   95.331265][ T7176]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   95.331293][ T7176]  ? down_write+0x162/0x1f0
[   95.331301][ T7176]  ? __pfx_down_write+0x10/0x10
[   95.331316][ T7176]  f2fs_issue_checkpoint+0x3b8/0x610
[   95.331327][ T7176]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[   95.331344][ T7176]  ? __lock_acquire+0xab9/0xd20
[   95.331368][ T7176]  ? f2fs_sync_fs+0x200/0x3d0
[   95.331381][ T7176]  f2fs_do_sync_file+0x869/0x1860
[   95.331395][ T7176]  ? __pfx_f2fs_do_sync_file+0x10/0x10
[   95.331421][ T7176]  ? f2fs_file_write_iter+0x4ac/0x24a0
[   95.331432][ T7176]  ? vfs_fsync_range+0x12c/0x1c0
[   95.331442][ T7176]  ? f2fs_sync_file+0xe9/0x160
[   95.331451][ T7176]  f2fs_file_write_iter+0x753/0x24a0
[   95.331471][ T7176]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[   95.331480][ T7176]  ? rcu_read_lock_any_held+0xb3/0x120
[   95.331498][ T7176]  vfs_write+0x5c9/0xb30
[   95.331512][ T7176]  ? __pfx_f2fs_file_write_iter+0x10/0x10
[   95.331522][ T7176]  ? __pfx_vfs_write+0x10/0x10
[   95.331538][ T7176]  ? __fget_files+0x2a/0x420
[   95.331551][ T7176]  ksys_write+0x145/0x250
[   95.331563][ T7176]  ? __pfx_ksys_write+0x10/0x10
[   95.331583][ T7176]  ? do_syscall_64+0xbe/0xfa0
[   95.331597][ T7176]  do_syscall_64+0xfa/0xfa0
[   95.331608][ T7176]  ? lockdep_hardirqs_on+0x9c/0x150
[   95.331620][ T7176]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.331629][ T7176]  ? exc_page_fault+0xab/0x100
[   95.331642][ T7176]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   95.331650][ T7176] RIP: 0033:0x7f3600d8f749
[   95.331660][ T7176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   95.331667][ T7176] RSP: 002b:00007f3601d0c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   95.331678][ T7176] RAX: ffffffffffffffda RBX: 00007f3600fe5fa0 RCX: 00007f3600d8f749
[   95.331689][ T7176] RDX: 0000000000000020 RSI: 0000200000000140 RDI: 0000000000000004
[   95.331697][ T7176] RBP: 00007f3600e13f91 R08: 0000000000000000 R09: 0000000000000000
[   95.331705][ T7176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[   95.331711][ T7176] R13: 00007f3600fe6038 R14: 00007f3600fe5fa0 R15: 00007ffdd17c2fc8
[   95.331725][ T7176]  </TASK>
[   95.331729][ T7176] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   95.367000][ T2259] usb 3-1: Using ep0 maxpacket: 32
[   95.490804][ T2259] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[   95.493988][ T2259] usb 3-1: config 0 has no interface number 0
[   95.524369][ T2259] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[   95.528575][ T2259] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.531651][ T2259] usb 3-1: Product: syz
[   95.533001][ T2259] usb 3-1: Manufacturer: syz
[   95.534645][ T2259] usb 3-1: SerialNumber: syz
[   95.547709][ T2259] usb 3-1: config 0 descriptor??
[   95.551701][ T2259] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[   95.760042][ T2259] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[   95.767418][ T2259] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[   96.198164][   T33] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[   96.260715][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[   96.268875][ T5879] usb 3-1: USB disconnect, device number 5
[   96.323801][ T5879] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[   96.346707][ T5879] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[   96.351662][ T5879] quatech2 3-1:0.51: device disconnected
[   96.366731][   T33] usb 2-1: too many configurations: 25, using maximum allowed: 8
[   96.377714][   T33] usb 2-1: New USB device found, idVendor=041e, idProduct=4011, bcdDevice=af.98
[   96.380870][   T33] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.384812][   T33] usb 2-1: config 0 descriptor??
[   96.388717][   T33] pwc: Creative Labs Webcam Pro Ex detected.
[   96.390660][   T33] pwc: Warning: more than 1 configuration available.
[   96.415907][  T794] vhci_hcd: vhci_device speed not set
[   97.118049][ T7214] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[   97.145206][ T7214] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[   97.152023][ T7206] loop1: detected capacity change from 0 to 32768
[   97.189867][ T7206] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[   97.211761][ T7212] loop2: detected capacity change from 0 to 32768
[   97.218745][ T7206] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   97.261759][ T7212] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   97.279347][ T7212] XFS (loop2): Ending clean mount
[   97.290819][ T7212] XFS (loop2): Quotacheck needed: Please wait.
[   97.315520][ T7212] XFS (loop2): Quotacheck: Done.
[   97.406850][ T5809] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[   97.624574][ T7236] loop2: detected capacity change from 0 to 256
[   97.846156][ T7244] loop2: detected capacity change from 0 to 32768
[   97.849249][ T7244] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.521 (7244)
[   97.853214][ T7248] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[   97.860204][ T7244] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   97.863443][ T7244] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   97.911236][ T7244] BTRFS info (device loop2): enabling ssd optimizations
[   97.921230][ T7244] BTRFS info (device loop2): turning on async discard
[   97.928180][ T7244] BTRFS info (device loop2): enabling free space tree
[   97.934713][ T7244] BTRFS info (device loop2): force zlib compression, level 3
[   97.954272][   T34] audit: type=1800 audit(1764023219.424:17): pid=7244 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.521" name="file1" dev="loop2" ino=260 res=0 errno=0
[   97.981018][ T5809] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[   98.363447][ T7277] loop0: detected capacity change from 0 to 32768
[   98.380862][ T7277] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.404879][ T7277] XFS (loop0): Ending clean mount
[   98.437066][ T5816] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   98.924266][   T33] pwc: Failed to set LED on/off time (-71)
[   98.928399][   T33] pwc: send_video_command error -71
[   98.930742][   T33] pwc: Failed to set video mode VGA@30 fps; return code = -71
[   98.937375][   T33] Philips webcam 2-1:0.0: probe with driver Philips webcam failed with error -71
[   98.942766][   T33] usb 2-1: USB disconnect, device number 10
[   98.972590][ T5807] ocfs2: Unmounting device (7,1) on (node local)
[   99.004939][ T7291] loop0: detected capacity change from 0 to 40427
[   99.009564][ T7291] F2FS-fs (loop0): invalid crc value
[   99.054859][ T7291] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   99.067164][ T7291] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   99.117611][ T5816] syz-executor: attempt to access beyond end of device
[   99.117611][ T5816] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   99.125861][ T5816] CPU: 1 UID: 0 PID: 5816 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[   99.125875][ T5816] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   99.125896][ T5816] Call Trace:
[   99.125900][ T5816]  <TASK>
[   99.125904][ T5816]  dump_stack_lvl+0x189/0x250
[   99.125922][ T5816]  ? __pfx_dump_stack_lvl+0x10/0x10
[   99.125932][ T5816]  ? __pfx_queue_work_on+0x10/0x10
[   99.125939][ T5816]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   99.125950][ T5816]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   99.125965][ T5816]  f2fs_handle_critical_error+0x37c/0x540
[   99.125979][ T5816]  f2fs_write_end_io+0x886/0xb60
[   99.125995][ T5816]  __submit_merged_bio+0x27a/0x6a0
[   99.126009][ T5816]  __submit_merged_write_cond+0x255/0x530
[   99.126022][ T5816]  f2fs_write_data_pages+0x261d/0x3000
[   99.126029][ T5816]  ? __pfx_usage_match+0x10/0x10
[   99.126037][ T5816]  ? __bfs+0x154/0x2a0
[   99.126058][ T5816]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.126064][ T5816]  ? __switch_to+0xdc8/0x1690
[   99.126121][ T5816]  ? rcu_is_watching+0x15/0xb0
[   99.126132][ T5816]  ? trace_sched_exit_tp+0x36/0x110
[   99.126143][ T5816]  ? __schedule+0x17ae/0x4cc0
[   99.126154][ T5816]  ? folios_put_refs+0x584/0x670
[   99.126168][ T5816]  ? __lock_acquire+0xab9/0xd20
[   99.126179][ T5816]  ? do_raw_spin_lock+0x121/0x290
[   99.126194][ T5816]  ? do_raw_spin_unlock+0x4d/0x240
[   99.126203][ T5816]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   99.126211][ T5816]  do_writepages+0x32e/0x550
[   99.126225][ T5816]  ? do_raw_spin_unlock+0x4d/0x240
[   99.126237][ T5816]  filemap_fdatawrite+0x199/0x240
[   99.126246][ T5816]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   99.126277][ T5816]  ? do_raw_spin_unlock+0x4d/0x240
[   99.126288][ T5816]  f2fs_sync_dirty_inodes+0x31f/0x830
[   99.126303][ T5816]  f2fs_write_checkpoint+0x93e/0x2440
[   99.126311][ T5816]  ? __lock_acquire+0xab9/0xd20
[   99.126330][ T5816]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   99.126363][ T5816]  kill_f2fs_super+0x2cc/0x6d0
[   99.126374][ T5816]  ? __pfx_kill_f2fs_super+0x10/0x10
[   99.126390][ T5816]  ? shrinker_free+0x2ce/0x3e0
[   99.126400][ T5816]  deactivate_locked_super+0xbc/0x130
[   99.126410][ T5816]  cleanup_mnt+0x425/0x4c0
[   99.126419][ T5816]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.126431][ T5816]  task_work_run+0x1d4/0x260
[   99.126442][ T5816]  ? __pfx_task_work_run+0x10/0x10
[   99.126450][ T5816]  ? __x64_sys_umount+0x122/0x160
[   99.126462][ T5816]  ? exit_to_user_mode_loop+0x40/0x130
[   99.126470][ T5816]  exit_to_user_mode_loop+0xe9/0x130
[   99.126477][ T5816]  do_syscall_64+0x2bd/0xfa0
[   99.126487][ T5816]  ? lockdep_hardirqs_on+0x9c/0x150
[   99.126497][ T5816]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.126503][ T5816]  ? exc_page_fault+0xab/0x100
[   99.126519][ T5816]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   99.126526][ T5816] RIP: 0033:0x7f3600d90a77
[   99.126534][ T5816] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   99.126540][ T5816] RSP: 002b:00007ffdd17c2258 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   99.126549][ T5816] RAX: 0000000000000000 RBX: 00007f3600e13d7d RCX: 00007f3600d90a77
[   99.126554][ T5816] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdd17c2310
[   99.126558][ T5816] RBP: 00007ffdd17c2310 R08: 0000000000000000 R09: 0000000000000000
[   99.126562][ T5816] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdd17c33a0
[   99.126567][ T5816] R13: 00007f3600e13d7d R14: 000000000001829c R15: 00007ffdd17c33e0
[   99.126580][ T5816]  </TASK>
[   99.127194][ T5816] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[   99.187078][ T7305] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   99.410526][ T7316] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.413988][ T7316] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.418374][ T7316] bridge0: entered allmulticast mode
[   99.427543][ T7316] bridge_slave_1: left allmulticast mode
[   99.429808][ T7316] bridge_slave_1: left promiscuous mode
[   99.434303][ T7316] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.442113][ T7316] bridge_slave_0: left allmulticast mode
[   99.444543][ T7316] bridge_slave_0: left promiscuous mode
[   99.450861][ T7316] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.546377][   T33] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[   99.715845][   T33] usb 2-1: Using ep0 maxpacket: 16
[   99.720009][   T33] usb 2-1: config 0 interface 0 altsetting 18 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[   99.725502][   T33] usb 2-1: config 0 interface 0 has no altsetting 0
[   99.730204][   T33] usb 2-1: New USB device found, idVendor=25c6, idProduct=9002, bcdDevice=62.ba
[   99.733423][   T33] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.737396][   T33] usb 2-1: Product: syz
[   99.739001][   T33] usb 2-1: Manufacturer: syz
[   99.740727][   T33] usb 2-1: SerialNumber: syz
[   99.743601][   T33] usb 2-1: config 0 descriptor??
[   99.747420][   T33] hub 2-1:0.0: bad descriptor, ignoring hub
[   99.749790][   T33] hub 2-1:0.0: probe with driver hub failed with error -5
[   99.753149][   T33] usb 2-1: selecting invalid altsetting 0
[   99.755326][   T33] usb 2-1: can't set first interface for hiFace device.
[   99.759292][   T33] snd-usb-hiface 2-1:0.0: probe with driver snd-usb-hiface failed with error -5
[   99.859324][  T794] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[   99.928554][ T7330] loop2: detected capacity change from 0 to 764
[  100.005866][  T794] usb 1-1: Using ep0 maxpacket: 8
[  100.012824][  T794] usb 1-1: config 0 has an invalid interface number: 52 but max is 0
[  100.016658][  T794] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.021435][  T794] usb 1-1: config 0 has no interface number 0
[  100.024529][  T794] usb 1-1: config 0 interface 52 altsetting 1 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  100.027607][ T7334] overlay: Unknown parameter '/
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.027607][ T7334] 0
[  100.029928][  T794] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  100.105960][    C1] vkms_vblank_simulate: vblank timer overrun
[  100.113312][ T2259] usb 2-1: USB disconnect, device number 11
[  100.116563][  T794] usb 1-1: config 0 interface 52 altsetting 1 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  100.120971][  T794] usb 1-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  100.126216][  T794] usb 1-1: config 0 interface 52 has no altsetting 0
[  100.128488][  T794] usb 1-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 8.00
[  100.133694][  T794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.142221][  T794] usb 1-1: config 0 descriptor??
[  100.354072][  T794] input: USB Synaptics Device 06cb:0007 (Stick) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.52/input/input6
[  100.566803][   T33] usb 1-1: USB disconnect, device number 6
[  100.568486][ T2259] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  100.727842][ T2259] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF4, changing to 0x84
[  100.732324][ T2259] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x84 has invalid maxpacket 1023
[  100.738203][ T2259] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBA, changing to 0x8A
[  100.744138][ T2259] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  100.748917][ T2259] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  100.765268][ T2259] usb 3-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  100.769209][ T2259] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.772326][ T2259] usb 3-1: Product: syz
[  100.773987][ T2259] usb 3-1: Manufacturer: syz
[  100.775998][ T2259] usb 3-1: SerialNumber: syz
[  100.780592][ T2259] usb 3-1: config 0 descriptor??
[  100.784033][ T7343] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  100.792018][ T2259] usb 3-1: ucan: probing device on interface #0
[  100.794420][ T2259] usb 3-1: ucan: invalid endpoint configuration
[  100.805951][ T2259] usb 3-1: ucan: probe failed; try to update the device firmware
[  100.907416][ T7353] netlink: 'syz.1.558': attribute type 1 has an invalid length.
[  100.929409][ T7353] 8021q: adding VLAN 0 to HW filter on device bond1
[  100.948919][ T7353] bond1: (slave geneve3): making interface the new active one
[  100.952820][ T7353] bond1: (slave geneve3): Enslaving as an active interface with an up link
[  101.003797][ T2259] usb 3-1: USB disconnect, device number 6
[  101.396137][  T794] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  101.555980][  T794] usb 1-1: Using ep0 maxpacket: 8
[  101.562527][  T794] usb 1-1: config 0 has an invalid interface number: 55 but max is 0
[  101.570254][  T794] usb 1-1: config 0 has no interface number 0
[  101.572637][  T794] usb 1-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  101.577614][  T794] usb 1-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  101.582952][  T794] usb 1-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  101.588940][  T794] usb 1-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  101.595545][  T794] usb 1-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  101.604736][  T794] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.614457][  T794] usb 1-1: config 0 descriptor??
[  101.617617][ T7369] netlink: 8 bytes leftover after parsing attributes in process `syz.2.565'.
[  101.628868][  T794] ldusb 1-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  101.651919][   T34] audit: type=1326 audit(1764023223.124:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7371 comm="syz.2.566" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x0
[  101.893135][  T793] usb 1-1: USB disconnect, device number 7
[  101.931908][  T793] ldusb 1-1:0.55: LD USB Device #0 now disconnected
[  102.771952][ T7386] xt_hashlimit: max too large, truncated to 1048576
[  102.777367][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.572'.
[  102.780360][ T7388] netlink: 8 bytes leftover after parsing attributes in process `syz.2.572'.
[  102.927417][ T7390] xt_connbytes: Forcing CT accounting to be enabled
[  102.930468][ T7390] Cannot find set identified by id 0 to match
[  102.971391][ T7392] loop0: detected capacity change from 0 to 512
[  102.998302][ T7392] FAT-fs (loop0): Invalid FSINFO signature: 0x00000000, 0x00000000 (sector = 1)
[  103.003057][ T7392] FAT-fs (loop0): error, fat_get_cluster: invalid start cluster (i_pos 1, start 00000003)
[  103.008114][ T7392] FAT-fs (loop0): Filesystem has been set read-only
[  103.277163][   T33] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  103.442370][   T33] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  103.446508][   T33] usb 3-1: New USB device found, idVendor=1038, idProduct=12c2, bcdDevice= 0.00
[  103.451477][   T33] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.464416][   T33] usb 3-1: config 0 descriptor??
[  103.643205][ T7408] netlink: 104 bytes leftover after parsing attributes in process `syz.0.582'.
[  104.192259][   T33] usb 3-1: USB disconnect, device number 7
[  104.729933][ T7418] openvswitch: netlink: Missing key (keys=40, expected=100)
[  104.826640][   T10] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  104.910677][ T7427] loop2: detected capacity change from 0 to 4096
[  104.914782][ T7427] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[  104.920860][ T7427] ntfs3(loop2): Failed to load $Bitmap (-22).
[  104.976436][   T10] usb 2-1: Using ep0 maxpacket: 8
[  104.981686][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  104.986621][   T10] usb 2-1: config 4 has an invalid interface number: 147 but max is 0
[  104.990062][   T10] usb 2-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  104.993058][   T10] usb 2-1: config 4 has no interface number 0
[  104.999725][   T10] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  105.002752][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.005377][   T10] usb 2-1: Product: syz
[  105.007447][   T10] usb 2-1: Manufacturer: syz
[  105.009690][   T10] usb 2-1: SerialNumber: syz
[  105.060064][ T7434] loop2: detected capacity change from 0 to 256
[  105.073712][ T7434] exFAT-fs (loop2): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d)
[  105.173520][   T34] audit: type=1326 audit(1764023226.644:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.2.593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  105.183439][   T34] audit: type=1326 audit(1764023226.654:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.2.593" exe="/syz-executor" sig=0 arch=c000003e syscall=443 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  105.192833][   T34] audit: type=1326 audit(1764023226.654:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.2.593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  105.201700][   T34] audit: type=1326 audit(1764023226.654:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7437 comm="syz.2.593" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  105.223824][   T10] uvcvideo 2-1:4.147: Found UVC 0.02 device syz (04f2:b746)
[  105.226384][   T10] uvcvideo 2-1:4.147: No valid video chain found.
[  105.226712][ T7440] loop2: detected capacity change from 0 to 16
[  105.230069][   T10] usb 2-1: USB disconnect, device number 12
[  105.235365][ T7440] erofs (device loop2): mounted with root inode @ nid 36.
[  105.368938][ T7448] loop2: detected capacity change from 0 to 512
[  105.371588][ T7448] EXT4-fs: Ignoring removed bh option
[  105.376487][ T7448] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  105.391017][ T7448] EXT4-fs (loop2): 1 truncate cleaned up
[  105.393800][ T7448] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  105.409168][ T7448] EXT4-fs warning (device loop2): ext4_group_add:1736: No reserved GDT blocks, can't resize
[  105.438467][ T5809] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.600218][ T7458] loop2: detected capacity change from 0 to 1024
[  105.728840][ T7464] loop2: detected capacity change from 0 to 1024
[  105.742658][ T7464] hfsplus: bad catalog entry type
[  105.762112][   T70] hfsplus: b-tree write err: -5, ino 4
[  105.818363][ T7470] netlink: 16 bytes leftover after parsing attributes in process `syz.2.608'.
[  105.871261][ T7472] loop1: detected capacity change from 0 to 2048
[  105.897336][ T7475] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  105.916441][ T7472] NILFS (loop1): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0
[  105.936718][ T7472] NILFS error (device loop1): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  105.948739][ T7472] Remounting filesystem read-only
[  105.949498][ T7479] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  105.952383][ T7472] NILFS (loop1): bad btree node (ino=16, blocknr=12): level = 0, flags = 0x0, nchildren = 0
[  105.960634][ T7472] NILFS error (device loop1): nilfs_bmap_last_key: broken bmap (inode number=16)
[  105.964364][ T7472] NILFS (loop1): error -5 truncating bmap (ino=16)
[  105.990040][ T5807] NILFS (loop1): disposed unprocessed dirty file(s) when detaching log writer
[  106.546964][ T7490] loop2: detected capacity change from 0 to 40427
[  106.556275][ T7490] F2FS-fs (loop2): invalid crc value
[  106.596274][ T7490] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  106.603064][ T7490] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  106.618272][   T34] audit: type=1800 audit(1764023228.094:23): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.615" name="file1" dev="loop2" ino=10 res=0 errno=0
[  106.916633][ T5809] syz-executor: attempt to access beyond end of device
[  106.916633][ T5809] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  106.921305][ T5809] CPU: 1 UID: 0 PID: 5809 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  106.921323][ T5809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  106.921329][ T5809] Call Trace:
[  106.921334][ T5809]  <TASK>
[  106.921340][ T5809]  dump_stack_lvl+0x189/0x250
[  106.921363][ T5809]  ? __pfx_dump_stack_lvl+0x10/0x10
[  106.921375][ T5809]  ? __pfx_queue_work_on+0x10/0x10
[  106.921382][ T5809]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  106.921394][ T5809]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  106.921409][ T5809]  f2fs_handle_critical_error+0x37c/0x540
[  106.921423][ T5809]  f2fs_write_end_io+0x886/0xb60
[  106.921439][ T5809]  __submit_merged_bio+0x27a/0x6a0
[  106.921453][ T5809]  __submit_merged_write_cond+0x255/0x530
[  106.921467][ T5809]  f2fs_write_data_pages+0x261d/0x3000
[  106.921490][ T5809]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.921524][ T5809]  ? __mod_zone_page_state+0xd7/0x140
[  106.921540][ T5809]  ? folios_put_refs+0x58b/0x670
[  106.921554][ T5809]  ? __lock_acquire+0xab9/0xd20
[  106.921566][ T5809]  ? do_raw_spin_lock+0x121/0x290
[  106.921580][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[  106.921589][ T5809]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.921597][ T5809]  do_writepages+0x32e/0x550
[  106.921611][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[  106.921622][ T5809]  filemap_fdatawrite+0x199/0x240
[  106.921632][ T5809]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  106.921662][ T5809]  ? do_raw_spin_unlock+0x4d/0x240
[  106.921673][ T5809]  f2fs_sync_dirty_inodes+0x31f/0x830
[  106.921689][ T5809]  f2fs_write_checkpoint+0x93e/0x2440
[  106.921697][ T5809]  ? __lock_acquire+0xab9/0xd20
[  106.921717][ T5809]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  106.921751][ T5809]  kill_f2fs_super+0x2cc/0x6d0
[  106.921763][ T5809]  ? __pfx_kill_f2fs_super+0x10/0x10
[  106.921805][ T5809]  ? shrinker_free+0x2ce/0x3e0
[  106.921816][ T5809]  deactivate_locked_super+0xbc/0x130
[  106.921828][ T5809]  cleanup_mnt+0x425/0x4c0
[  106.921837][ T5809]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.921849][ T5809]  task_work_run+0x1d4/0x260
[  106.921861][ T5809]  ? __pfx_task_work_run+0x10/0x10
[  106.921869][ T5809]  ? __x64_sys_umount+0x122/0x160
[  106.921881][ T5809]  ? exit_to_user_mode_loop+0x40/0x130
[  106.921891][ T5809]  exit_to_user_mode_loop+0xe9/0x130
[  106.921902][ T5809]  do_syscall_64+0x2bd/0xfa0
[  106.921917][ T5809]  ? lockdep_hardirqs_on+0x9c/0x150
[  106.921932][ T5809]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.921939][ T5809]  ? exc_page_fault+0xab/0x100
[  106.921950][ T5809]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  106.921957][ T5809] RIP: 0033:0x7f1936790a77
[  106.921966][ T5809] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  106.921972][ T5809] RSP: 002b:00007ffcb5759788 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  106.921981][ T5809] RAX: 0000000000000000 RBX: 00007f1936813d7d RCX: 00007f1936790a77
[  106.921986][ T5809] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffcb5759840
[  106.921990][ T5809] RBP: 00007ffcb5759840 R08: 0000000000000000 R09: 0000000000000000
[  106.921994][ T5809] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffcb575a8d0
[  106.921999][ T5809] R13: 00007f1936813d7d R14: 000000000001a11c R15: 00007ffcb575a910
[  106.922013][ T5809]  </TASK>
[  106.925916][ T5809] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  107.462812][ T7519] loop2: detected capacity change from 0 to 2048
[  107.467659][ T7519] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  107.478369][ T7520] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  107.499629][ T7519] NILFS (loop2): DAT doesn't have a block to manage vblocknr = 3044605952
[  107.503223][ T7519] NILFS error (device loop2): nilfs_bmap_truncate: broken bmap (inode number=15)
[  107.521506][ T7519] Remounting filesystem read-only
[  107.523798][ T7519] NILFS (loop2): error -5 truncating bmap (ino=15)
[  107.563853][ T5809] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  109.092877][ T7567] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  109.395858][   T33] usb 2-1: new full-speed USB device number 13 using dummy_hcd
[  109.399140][  T793] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  109.549135][  T793] usb 3-1: config 131 has an invalid interface number: 242 but max is 0
[  109.552746][   T33] usb 2-1: config 0 has an invalid interface number: 200 but max is 0
[  109.556750][  T793] usb 3-1: config 131 has no interface number 0
[  109.560161][  T793] usb 3-1: config 131 interface 242 altsetting 13 endpoint 0x2 has invalid maxpacket 7573, setting to 64
[  109.565299][  T793] usb 3-1: config 131 interface 242 altsetting 13 endpoint 0xC has invalid wMaxPacketSize 0
[  109.569920][   T33] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  109.574130][   T33] usb 2-1: config 0 has no interface number 0
[  109.576950][   T33] usb 2-1: config 0 interface 200 altsetting 2 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  109.584178][  T793] usb 3-1: config 131 interface 242 has no altsetting 0
[  109.588303][   T33] usb 2-1: config 0 interface 200 has no altsetting 0
[  109.593629][  T793] usb 3-1: New USB device found, idVendor=0bfd, idProduct=010b, bcdDevice=19.10
[  109.599341][   T33] usb 2-1: New USB device found, idVendor=0b57, idProduct=8520, bcdDevice=6d.39
[  109.603216][   T33] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.606562][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=5
[  109.610189][  T793] usb 3-1: Product: syz
[  109.612191][  T793] usb 3-1: Manufacturer: syz
[  109.614366][  T793] usb 3-1: SerialNumber: syz
[  109.616476][   T33] usb 2-1: Product: syz
[  109.618599][   T33] usb 2-1: Manufacturer: syz
[  109.620926][   T33] usb 2-1: SerialNumber: syz
[  109.629950][   T33] usb 2-1: config 0 descriptor??
[  109.630540][ T7574] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  109.844583][  T793] kvaser_usb 3-1:131.242: error -ENODEV: Cannot get usb endpoint(s)
[  109.849125][   T33] usbhid 2-1:0.200: couldn't find an input interrupt endpoint
[  109.854370][   T33] usb 2-1: USB disconnect, device number 13
[  109.857905][  T793] usb 3-1: USB disconnect, device number 8
[  110.477380][ T7585] netlink: 'syz.1.651': attribute type 7 has an invalid length.
[  110.480998][ T7585] netlink: 'syz.1.651': attribute type 8 has an invalid length.
[  110.618980][ T7592] bridge0: the hash_elasticity option has been deprecated and is always 16
[  110.635338][ T7592] bridge0: entered allmulticast mode
[  110.855353][ T7600] loop0: detected capacity change from 0 to 32768
[  110.858894][ T7600] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.659 (7600)
[  110.866535][ T7600] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.869766][ T7600] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  110.924001][ T7602] loop2: detected capacity change from 0 to 32768
[  110.931423][ T7600] BTRFS info (device loop0): enabling ssd optimizations
[  110.933714][ T7600] BTRFS info (device loop0): turning on async discard
[  110.936117][ T7600] BTRFS info (device loop0): enabling free space tree
[  110.940346][ T7602] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  110.959009][ T7633] netlink: 48 bytes leftover after parsing attributes in process `syz.1.664'.
[  110.971450][ T7602] XFS (loop2): Ending clean mount
[  110.974134][ T5816] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  111.022462][ T5809] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  111.373272][ T7656] netlink: 44 bytes leftover after parsing attributes in process `syz.2.675'.
[  111.379110][ T7656] netlink: 8 bytes leftover after parsing attributes in process `syz.2.675'.
[  111.706889][ T7665] netlink: 'syz.0.679': attribute type 1 has an invalid length.
[  111.804169][ T7665] 8021q: adding VLAN 0 to HW filter on device bond1
[  111.880295][ T7667] bond1: (slave veth3): Enslaving as an active interface with a down link
[  111.914537][ T7665] vlan2: entered allmulticast mode
[  111.917858][ T7665] bond1: entered allmulticast mode
[  111.926272][ T7665] bond1: (slave vlan2): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  112.065928][   T33] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  112.223232][   T33] usb 3-1: config 0 has an invalid interface number: 75 but max is 0
[  112.226991][   T33] usb 3-1: config 0 has no interface number 0
[  112.229167][   T33] usb 3-1: config 0 interface 75 has no altsetting 0
[  112.235291][   T33] usb 3-1: New USB device found, idVendor=084f, idProduct=0001, bcdDevice=35.9a
[  112.241650][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  112.244633][   T33] usb 3-1: Product: syz
[  112.248622][   T33] usb 3-1: Manufacturer: syz
[  112.250835][   T33] usb 3-1: SerialNumber: syz
[  112.269662][   T33] usb 3-1: config 0 descriptor??
[  112.525475][   T33] empeg 3-1:0.75: empeg converter detected
[  112.528071][  T793] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  112.531313][   T33] usb 3-1: active config #0 != 1 ??
[  112.546618][   T33] usb 3-1: USB disconnect, device number 9
[  112.675936][  T793] usb 1-1: Using ep0 maxpacket: 32
[  112.683736][  T793] usb 1-1: config 0 has an invalid interface number: 196 but max is 0
[  112.687560][  T793] usb 1-1: config 0 has no interface number 0
[  112.690053][  T793] usb 1-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  112.693995][  T793] usb 1-1: config 0 interface 196 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  112.698668][  T793] usb 1-1: config 0 interface 196 has no altsetting 0
[  112.706506][  T793] usb 1-1: New USB device found, idVendor=05ac, idProduct=77c2, bcdDevice=eb.3a
[  112.710176][  T793] usb 1-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  112.713446][  T793] usb 1-1: Product: syz
[  112.715163][  T793] usb 1-1: Manufacturer: syz
[  112.717368][  T793] usb 1-1: SerialNumber: syz
[  112.731055][  T793] usb 1-1: config 0 descriptor??
[  112.734139][ T7673] raw-gadget.1 gadget.0: fail, usb_ep_enable returned -22
[  112.835681][ T7675] loop1: detected capacity change from 0 to 4096
[  112.850640][ T7675] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  112.858735][ T7675] ntfs3(loop1): ino=1a, mi_enum_attr
[  112.860575][ T7675] ntfs3(loop1): ino=1a, mi_enum_attr
[  112.862192][ T7675] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  112.938420][ T2259] kernel write not supported for file /register (pid: 2259 comm: kworker/0:3)
[  112.945663][  T793] ipheth 1-1:0.196: Unable to find endpoints
[  112.953605][  T793] usb 1-1: USB disconnect, device number 8
[  113.213208][ T7679] loop1: detected capacity change from 0 to 32768
[  113.274454][ T7681] loop2: detected capacity change from 0 to 32768
[  113.278873][ T7681] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.686 (7681)
[  113.287712][ T7681] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.291432][ T7681] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  113.318313][ T7681] BTRFS info (device loop2): enabling ssd optimizations
[  113.320700][ T7681] BTRFS info (device loop2): turning on async discard
[  113.322775][ T7681] BTRFS info (device loop2): enabling free space tree
[  113.375877][ T5809] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  113.987756][ T7719] loop0: detected capacity change from 0 to 64
[  114.143811][ T7724] loop0: detected capacity change from 0 to 256
[  114.146353][ T7724] exfat: Deprecated parameter 'utf8'
[  114.148011][ T7724] exfat: Deprecated parameter 'utf8'
[  114.149656][ T7724] exfat: Deprecated parameter 'utf8'
[  114.164367][ T7724] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011f3f, chksum : 0x96b62a4c, utbl_chksum : 0xe619d30d)
[  114.182773][ T7724] exfat: Deprecated parameter 'utf8'
[  114.184875][ T7724] exfat: Unexpected value for 'utf8'
[  114.193838][ T7715] loop1: detected capacity change from 0 to 32768
[  114.207666][ T7715] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.687 (7715)
[  114.208748][ T7717] loop2: detected capacity change from 0 to 32768
[  114.214797][ T7717] btrfs: Deprecated parameter 'usebackuproot'
[  114.216987][ T7717] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  114.221495][ T7717] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.696 (7717)
[  114.235993][ T7717] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  114.237624][ T7715] BTRFS info (device loop1): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  114.242365][ T7717] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  114.248886][ T7717] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  114.258324][ T7715] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  114.368315][   T52] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  114.376478][ T7717] BTRFS error (device loop2): failed to load root extent
[  114.379926][ T7717] BTRFS warning (device loop2): try to load backup roots slot 1
[  114.384027][ T1091] BTRFS warning (device loop2): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  114.398068][ T7717] BTRFS warning (device loop2): couldn't read tree root
[  114.404350][ T7717] BTRFS warning (device loop2): try to load backup roots slot 2
[  114.412940][   T52] BTRFS error (device loop2): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  114.419685][ T7717] BTRFS warning (device loop2): couldn't read tree root
[  114.421375][ T7715] BTRFS info (device loop1): turning off barriers
[  114.422524][ T7717] BTRFS warning (device loop2): try to load backup roots slot 3
[  114.429900][ T7715] BTRFS info (device loop1): turning on flush-on-commit
[  114.432992][ T7715] BTRFS info (device loop1): turning on sync discard
[  114.433713][ T7717] BTRFS info (device loop2): rebuilding free space tree
[  114.439199][ T7715] BTRFS info (device loop1): enabling free space tree
[  114.577237][ T7717] BTRFS info (device loop2): disabling free space tree
[  114.580616][ T7717] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  114.585669][ T7717] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  114.644542][ T7717] BTRFS info (device loop2): setting nodatasum
[  114.651824][ T7717] BTRFS info (device loop2): setting nodatacow
[  114.653975][ T7717] BTRFS info (device loop2): enabling ssd optimizations
[  114.658778][ T7717] BTRFS info (device loop2): turning off barriers
[  114.670525][ T7717] BTRFS info (device loop2): turning on sync discard
[  114.677737][ T7717] BTRFS info (device loop2): enabling disk space caching
[  114.680257][ T7717] BTRFS info (device loop2): force clearing of disk cache
[  114.683800][ T7717] BTRFS info (device loop2): enabling auto defrag
[  114.688765][ T7717] BTRFS info (device loop2): trying to use backup root at mount time
[  114.691701][ T7717] BTRFS info (device loop2): max_inline set to 0
[  114.718223][ T5807] BTRFS info (device loop1): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[  114.844304][ T5809] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  114.951171][   T34] audit: type=1326 audit(1764023236.424:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  114.960381][   T34] audit: type=1326 audit(1764023236.424:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  114.969837][   T34] audit: type=1326 audit(1764023236.424:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  114.978105][   T34] audit: type=1326 audit(1764023236.424:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  114.988380][   T34] audit: type=1326 audit(1764023236.424:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=213 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  114.997063][   T34] audit: type=1326 audit(1764023236.424:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  115.007875][   T34] audit: type=1326 audit(1764023236.424:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=281 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  115.031752][   T34] audit: type=1326 audit(1764023236.504:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  115.047616][   T34] audit: type=1326 audit(1764023236.504:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7761 comm="syz.2.702" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f193678f749 code=0x7ffc0000
[  115.118988][ T7767] xt_NFQUEUE: number of queues (1024) out of range (got 66558)
[  115.145491][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.149222][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.152011][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.154899][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.157869][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.161068][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.164167][ T7770] netlink: 'syz.2.704': attribute type 1 has an invalid length.
[  115.295847][   T33] usb 2-1: new low-speed USB device number 14 using dummy_hcd
[  115.344573][ T7777] loop0: detected capacity change from 0 to 4096
[  115.347699][ T7777] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  115.357764][ T7777] ntfs3(loop0): Failed to load $UpCase (-22).
[  115.418217][ T7786] loop0: detected capacity change from 0 to 512
[  115.447715][   T33] usb 2-1: config 9 has an invalid interface number: 1 but max is 0
[  115.451040][   T33] usb 2-1: config 9 has no interface number 0
[  115.453038][   T33] usb 2-1: config 9 interface 1 has no altsetting 0
[  115.458968][   T33] usb 2-1: string descriptor 0 read error: -22
[  115.468319][   T33] usb 2-1: New USB device found, idVendor=2040, idProduct=b140, bcdDevice=75.36
[  115.471190][   T33] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.484661][   T33] cx231xx 2-1:9.1: New device   @ 1.5 Mbps (2040:b140) with 1 interfaces
[  115.488192][   T33] cx231xx 2-1:9.1: Not found matching IAD interface
[  115.693440][ T2259] usb 2-1: USB disconnect, device number 14
[  115.806016][   T33] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  115.850222][ T7814] loop2: detected capacity change from 0 to 128
[  115.854271][ T7814] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.870644][ T2899] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  115.955931][   T33] usb 1-1: Using ep0 maxpacket: 32
[  115.959896][   T33] usb 1-1: config 0 has no interfaces?
[  115.964918][   T33] usb 1-1: New USB device found, idVendor=0c72, idProduct=000d, bcdDevice=96.8f
[  115.969234][   T33] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.971752][   T33] usb 1-1: Product: syz
[  115.973369][   T33] usb 1-1: Manufacturer: syz
[  115.975189][   T33] usb 1-1: SerialNumber: syz
[  115.979696][   T33] usb 1-1: config 0 descriptor??
[  116.156021][  T793] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  116.216391][ T7796] syzkaller1: entered promiscuous mode
[  116.218750][ T7796] syzkaller1: entered allmulticast mode
[  116.254257][ T7818] loop1: detected capacity change from 0 to 1024
[  116.259806][ T7818] hfsplus: Bad value for 'umask'
[  116.281988][ T2259] usb 1-1: USB disconnect, device number 9
[  116.309991][  T793] usb 3-1: config index 0 descriptor too short (expected 38445, got 45)
[  116.313549][  T793] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  116.319335][  T793] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  116.326118][  T793] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  116.332818][  T793] usb 3-1: config 0 interface 0 has no altsetting 0
[  116.335601][  T793] usb 3-1: New USB device found, idVendor=1044, idProduct=7a4d, bcdDevice= 0.00
[  116.340580][  T793] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  116.351813][  T793] usb 3-1: config 0 descriptor??
[  116.792684][  T793] waterforce 0003:1044:7A4D.0005: hidraw0: USB HID v0.01 Device [HID 1044:7a4d] on usb-dummy_hcd.2-1/input0
[  116.859404][  T793] waterforce 0003:1044:7A4D.0005: fw version request failed with -38
[  116.983110][   T10] usb 3-1: USB disconnect, device number 10
[  117.753429][ T7832] loop0: detected capacity change from 0 to 256
[  117.761888][ T7832] vfat: Unknown parameter 'ioet'
[  117.842149][ T7836] syzkaller1: entered promiscuous mode
[  117.844032][ T7836] syzkaller1: entered allmulticast mode
[  118.934369][ T7861] usb usb8: usbfs: process 7861 (syz.2.740) did not claim interface 0 before use
[  119.436012][   T10] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  119.588783][   T10] usb 1-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  119.593400][   T10] usb 1-1: config 0 interface 0 has no altsetting 0
[  119.596306][   T10] usb 1-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  119.601715][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  119.609176][   T10] usb 1-1: config 0 descriptor??
[  119.612574][ T7882] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  120.023359][   T10] kye 0003:0458:0138.0006: unknown main item tag 0x0
[  120.029397][   T10] kye 0003:0458:0138.0006: item fetching failed at offset 3/5
[  120.033785][   T10] kye 0003:0458:0138.0006: parse failed
[  120.036746][   T10] kye 0003:0458:0138.0006: probe with driver kye failed with error -22
[  120.174866][   T34] audit: type=1326 audit(1764023241.644:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7906 comm="syz.1.761" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f61ceb8f749 code=0x0
[  120.223871][   T33] usb 1-1: USB disconnect, device number 10
[  120.558731][ T7918] loop2: detected capacity change from 0 to 32768
[  120.565313][ T7918] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.593165][ T7918] XFS (loop2): Ending clean mount
[  120.618409][ T5809] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.765069][ T7938] loop0: detected capacity change from 0 to 2048
[  120.770215][ T7938] NILFS (loop0): broken superblock, retrying with spare superblock (blocksize = 1024)
[  120.783040][ T7939] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  120.826567][   T10] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  120.906503][ T7936] loop2: detected capacity change from 0 to 32768
[  120.910549][ T7936] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.771 (7936)
[  120.919002][ T7936] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  120.923699][ T7936] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  120.992525][ T7936] BTRFS info (device loop2): enabling ssd optimizations
[  120.994672][ T7936] BTRFS info (device loop2): turning on async discard
[  120.997050][   T10] usb 2-1: Using ep0 maxpacket: 8
[  120.997987][ T7936] BTRFS info (device loop2): enabling free space tree
[  121.005141][   T10] usb 2-1: unable to get BOS descriptor or descriptor too short
[  121.009422][   T10] usb 2-1: config 4 has an invalid interface number: 147 but max is 0
[  121.012719][   T10] usb 2-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  121.017964][ T7936] BTRFS info (device loop2): Snapshot src from another FS
[  121.023307][   T10] usb 2-1: config 4 has no interface number 0
[  121.041955][ T5809] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  121.057604][   T10] usb 2-1: string descriptor 0 read error: -22
[  121.059708][   T10] usb 2-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  121.062621][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.074810][   T10] uvcvideo 2-1:4.147: Found multiple Units with ID 6
[  121.080858][ T7960] netlink: 20 bytes leftover after parsing attributes in process `syz.0.775'.
[  121.087404][   T10] uvcvideo 2-1:4.147: Found UVC 0.02 device <unnamed> (04f2:b746)
[  121.095894][   T10] uvcvideo 2-1:4.147: No valid video chain found.
[  121.283848][ T5879] usb 2-1: USB disconnect, device number 15
[  121.440899][ T7962] loop0: detected capacity change from 0 to 32768
[  121.467993][ T7962] XFS (loop0): cannot change alignment: superblock does not support data alignment
[  121.714057][ T7979] loop0: detected capacity change from 0 to 512
[  122.144315][ T7987] loop1: detected capacity change from 0 to 32768
[  122.152161][ T7987] *** Log Is Dirty ! ***
[  122.153946][ T7987] lmLogInit: exit(-22)
[  122.155375][ T7987] lmLogOpen: exit(-22)
[  122.157634][ T7987] jfs_mount_rw failed, return code = -22
[  122.300539][ T7989] loop1: detected capacity change from 0 to 4096
[  122.304811][ T7989] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  122.372452][ T7989] ntfs3(loop1): ino=19, mi_enum_attr
[  122.374343][ T7989] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  122.377867][ T7970] loop2: detected capacity change from 0 to 262144
[  122.384906][ T7970] BTRFS: device fsid 7e32c2af-f87a-45a1-bcba-64dea7c56a53 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.780 (7970)
[  122.391987][ T7989] ntfs3(loop1): failed to convert "c46c" to koi8-r
[  122.402746][ T7989] ntfs3(loop1): ino=20, mi_enum_attr
[  122.403103][ T7970] BTRFS info (device loop2): first mount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  122.408544][ T7970] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  122.437673][ T7970] BTRFS info (device loop2): enabling ssd optimizations
[  122.440945][ T7970] BTRFS info (device loop2): enabling free space tree
[  122.473591][ T7970] BTRFS info (device loop2): balance: start -d -m -s
[  122.486575][ T7970] BTRFS info (device loop2): relocating block group 30408704 flags metadata|dup
[  122.533638][ T8012] loop1: detected capacity change from 0 to 2048
[  122.534244][ T7970] BTRFS info (device loop2): found 3 extents, stage: move data extents
[  122.545048][ T8013] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  122.554286][ T7970] BTRFS info (device loop2): relocating block group 22020096 flags system|dup
[  122.572946][ T7970] BTRFS info (device loop2): found 1 extents, stage: move data extents
[  122.587842][ T7970] BTRFS info (device loop2): relocating block group 13631488 flags data
[  122.594055][ T8015] loop1: detected capacity change from 0 to 256
[  122.621445][ T5879] Process accounting resumed
[  122.627943][ T5879] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  122.632969][ T5879] FAT-fs (loop1): Filesystem has been set read-only
[  122.640176][ T5879] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  122.644853][ T7970] BTRFS info (device loop2): balance: canceled
[  122.662479][ T5809] BTRFS info (device loop2): last unmount of filesystem 7e32c2af-f87a-45a1-bcba-64dea7c56a53
[  122.935982][ T5879] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  123.085943][ T5879] usb 2-1: Using ep0 maxpacket: 8
[  123.091828][ T5879] usb 2-1: config 0 has an invalid interface number: 185 but max is 0
[  123.096526][ T5879] usb 2-1: config 0 has no interface number 0
[  123.099525][ T5879] usb 2-1: config 0 interface 185 has no altsetting 0
[  123.106801][ T5879] usb 2-1: New USB device found, idVendor=1435, idProduct=0828, bcdDevice=e1.b0
[  123.110516][ T5879] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.113721][ T5879] usb 2-1: Product: syz
[  123.117922][ T5879] usb 2-1: Manufacturer: syz
[  123.120139][ T5879] usb 2-1: SerialNumber: syz
[  123.124284][ T5879] usb 2-1: config 0 descriptor??
[  123.334967][ T5879] usb 2-1: Could not find all expected endpoints
[  123.339871][ T5879] usb 2-1: USB disconnect, device number 16
[  123.606140][  T794] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  123.755974][ T5815] Bluetooth: hci3: Opcode 0x1003 failed: -110
[  123.757299][   T56] Bluetooth: hci3: command 0x1003 tx timeout
[  123.766044][  T794] usb 3-1: config 0 has an invalid interface number: 49 but max is 0
[  123.768761][  T794] usb 3-1: config 0 has no interface number 0
[  123.770869][  T794] usb 3-1: config 0 interface 49 has no altsetting 0
[  123.773260][  T794] usb 3-1: New USB device found, idVendor=0ccd, idProduct=10b2, bcdDevice=c7.1b
[  123.776228][  T794] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  123.779946][  T794] usb 3-1: config 0 descriptor??
[  124.167923][  T794] usb 3-1: string descriptor 0 read error: -71
[  124.173139][  T794] usb 3-1: USB disconnect, device number 11
[  124.185931][   T10] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  124.359878][   T10] usb 2-1: Using ep0 maxpacket: 16
[  124.364816][   T10] usb 2-1: config 0 has an invalid interface descriptor of length 8, skipping
[  124.369232][   T10] usb 2-1: config 0 descriptor has 1 excess byte, ignoring
[  124.372355][   T10] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  124.381254][   T10] usb 2-1: New USB device found, idVendor=10b9, idProduct=8000, bcdDevice=c0.fa
[  124.385714][   T10] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  124.391787][   T10] usb 2-1: Product: syz
[  124.393589][   T10] usb 2-1: Manufacturer: syz
[  124.395524][   T10] usb 2-1: SerialNumber: syz
[  124.403166][   T10] usb 2-1: config 0 descriptor??
[  124.610712][  T793] usb 2-1: USB disconnect, device number 17
[  124.866012][ T5879] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  125.025852][ T5879] usb 3-1: Using ep0 maxpacket: 16
[  125.030202][ T5879] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.034698][ T5879] usb 3-1: config 0 interface 0 altsetting 9 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.038949][ T5879] usb 3-1: config 0 interface 0 has no altsetting 0
[  125.042424][ T5879] usb 3-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  125.047121][ T5879] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.052660][ T5879] usb 3-1: config 0 descriptor??
[  125.465483][ T5879] nzxt-smart2 0003:1E71:2009.0007: unbalanced collection at end of report description
[  125.470045][ T5879] nzxt-smart2 0003:1E71:2009.0007: probe with driver nzxt-smart2 failed with error -22
[  125.648971][   T34] audit: type=1326 audit(1764023247.124:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.658025][   T34] audit: type=1326 audit(1764023247.124:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.665253][ T2259] usb 3-1: USB disconnect, device number 12
[  125.668289][   T34] audit: type=1326 audit(1764023247.134:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.680576][   T34] audit: type=1326 audit(1764023247.134:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.690239][   T34] audit: type=1326 audit(1764023247.134:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.699214][  T794] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  125.704119][   T34] audit: type=1326 audit(1764023247.144:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.713936][   T34] audit: type=1326 audit(1764023247.144:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.721715][   T34] audit: type=1326 audit(1764023247.144:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.730717][   T34] audit: type=1326 audit(1764023247.154:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.741020][   T34] audit: type=1326 audit(1764023247.154:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.0.821" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3600d8f749 code=0x7ffc0000
[  125.771907][ T8078] loop0: detected capacity change from 0 to 512
[  125.791701][ T8078] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  125.797443][ T8078] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  125.876065][  T794] usb 2-1: Using ep0 maxpacket: 32
[  125.886688][  T794] usb 2-1: config 0 has an invalid interface number: 2 but max is 0
[  125.892808][  T794] usb 2-1: config 0 has no interface number 0
[  125.899760][  T794] usb 2-1: New USB device found, idVendor=108c, idProduct=0168, bcdDevice=84.b2
[  125.910878][  T794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.914063][  T794] usb 2-1: Product: syz
[  125.918034][  T794] usb 2-1: Manufacturer: syz
[  125.919920][  T794] usb 2-1: SerialNumber: syz
[  125.926523][  T794] usb 2-1: config 0 descriptor??
[  125.930491][  T794] etas_es58x 2-1:0.2: Starting syz syz (Serial Number syz)
[  125.957224][ T8078] loop0: detected capacity change from 512 to 64
[  126.014609][ T5816] EXT4-fs error (device loop0): ext4_readdir:264: inode #2: block 3: comm syz-executor: path /251/file0: bad entry in directory: inode out of bounds - offset=0, inode=201326592, rec_len=256, size=2048 fake=0
[  126.028469][ T5816] EXT4-fs error (device loop0) in ext4_reserve_inode_write:6313: Out of memory
[  126.035473][ T5816] EXT4-fs error (device loop0): ext4_dirty_inode:6517: inode #2: comm syz-executor: mark_inode_dirty error
[  126.139996][  T794] etas_es58x 2-1:0.2: could not retrieve the product info string
[  126.160321][  T794] usb 2-1: USB disconnect, device number 18
[  126.162971][  T794] etas_es58x 2-1:0.2: Disconnecting syz syz
[  126.332622][ T8089] loop2: detected capacity change from 0 to 1024
[  126.336787][ T8089] EXT4-fs (loop2): first meta block group too large: 33024 (group descriptor block count 1)
[  126.707663][ T8093] loop2: detected capacity change from 0 to 40427
[  126.717022][ T8093] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  126.720611][ T8093] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  126.732872][ T8093] F2FS-fs (loop2): invalid crc value
[  126.754654][ T8096] loop1: detected capacity change from 0 to 512
[  126.796737][ T8096] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  126.802848][ T8093] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.807357][ T8096] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  126.823621][ T8093] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  126.832693][ T8093] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  126.844871][ T8096] EXT4-fs error (device loop1): ext4_get_first_dir_block:3540: inode #12: comm syz.1.829: directory missing '.'
[  126.866243][ T8096] EXT4-fs (loop1): Remounting filesystem read-only
[  126.918246][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  127.780238][ T8109] loop2: detected capacity change from 0 to 256
[  127.868381][ T8113] tunl0: Caught tx_queue_len zero misconfig
[  128.129189][ T8119] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.249103][ T8119] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.348600][ T8119] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.410815][ T8130] loop1: detected capacity change from 0 to 136
[  128.460247][ T8119] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  128.603099][ T5858] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  128.643102][ T5858] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  128.661743][ T5858] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  128.688679][ T5858] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  128.715100][ T8130] loop1: detected capacity change from 0 to 32768
[  128.723343][ T8130] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  128.729406][ T8130] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  128.748110][ T8130] XFS (loop1): Ending clean mount
[  128.757241][ T8130] XFS (loop1): Quotacheck needed: Please wait.
[  128.788029][ T8130] XFS (loop1): Quotacheck: Done.
[  128.808700][ T5807] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  129.285190][ T8153] loop1: detected capacity change from 0 to 1024
[  129.338539][ T8153] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  129.356764][ T8153] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  129.362001][ T8153] EXT4-fs (loop1): orphan cleanup on readonly fs
[  129.376499][ T8153] EXT4-fs error (device loop1): ext4_free_blocks:6706: comm syz.1.849: Freeing blocks not in datazone - block = 0, count = 4096
[  129.387915][ T8153] EXT4-fs (loop1): 1 orphan inode deleted
[  129.390884][ T8153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  129.407135][ T8153] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  129.434999][ T5807] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.544727][ T8155] loop2: detected capacity change from 0 to 32768
[  129.563826][ T8155] (syz.2.850,8155,0):ocfs2_load_local_alloc:320 ERROR: Local alloc size is invalid (la_size = 33328)
[  129.570590][ T8155] (syz.2.850,8155,0):ocfs2_load_local_alloc:356 ERROR: status = -22
[  129.573833][ T8155] (syz.2.850,8155,0):ocfs2_check_volume:2404 ERROR: status = -22
[  129.577603][ T8155] (syz.2.850,8155,0):ocfs2_check_volume:2432 ERROR: status = -22
[  129.580921][ T8155] (syz.2.850,8155,0):ocfs2_mount_volume:1764 ERROR: status = -22
[  129.599501][ T8155] (syz.2.850,8155,0):ocfs2_fill_super:1177 ERROR: status = -22
[  129.848653][ T8168] xt_l2tp: invalid flags combination: 0
[  130.165905][  T793] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  130.260840][ T8188] loop1: detected capacity change from 0 to 4096
[  130.316013][  T793] usb 3-1: Using ep0 maxpacket: 32
[  130.319969][  T793] usb 3-1: config 0 has an invalid interface number: 12 but max is 0
[  130.327175][  T793] usb 3-1: config 0 has no interface number 0
[  130.335881][  T793] usb 3-1: config 0 interface 12 has no altsetting 0
[  130.337236][ T8191] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  130.343277][  T793] usb 3-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  130.350743][ T8191] CIFS mount error: No usable UNC path provided in device string!
[  130.350743][ T8191] 
[  130.360161][ T8191] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  130.365817][  T793] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.369170][  T793] usb 3-1: Product: syz
[  130.370880][  T793] usb 3-1: Manufacturer: syz
[  130.372755][  T793] usb 3-1: SerialNumber: syz
[  130.388804][  T793] usb 3-1: config 0 descriptor??
[  130.847299][ T8207] loop1: detected capacity change from 0 to 256
[  130.850633][ T8207] exfat: Deprecated parameter 'namecase'
[  130.863838][ T8207] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  131.417390][  T793] f81534 3-1:0.12: f81534_get_register: reg: 1003 failed: -71
[  131.421408][  T793] f81534 3-1:0.12: f81534_find_config_idx: read failed: -71
[  131.425280][  T793] f81534 3-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  131.428808][  T793] f81534 3-1:0.12: probe with driver f81534 failed with error -71
[  131.434354][  T793] usb 3-1: USB disconnect, device number 13
[  131.901671][ T8217] netlink: 124 bytes leftover after parsing attributes in process `syz.1.879'.
[  132.010196][ T5879] IPVS: starting estimator thread 0...
[  132.106037][ T8226] IPVS: using max 74 ests per chain, 177600 per kthread
[  132.235866][ T2259] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  132.275841][   T10] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  132.387212][ T2259] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x31, changing to 0x1
[  132.391234][ T2259] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 13364, setting to 64
[  132.395217][ T2259] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[  132.399094][ T2259] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.403220][ T2259] usb 2-1: config 0 descriptor??
[  132.425807][   T10] usb 3-1: Using ep0 maxpacket: 32
[  132.429873][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  132.434274][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  132.437741][   T10] usb 3-1: New USB device found, idVendor=056e, idProduct=019b, bcdDevice= 0.00
[  132.440832][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.445020][   T10] usb 3-1: config 0 descriptor??
[  132.610970][ T2259] ath6kl: Failed to submit usb control message: -71
[  132.613943][ T2259] ath6kl: unable to send the bmi data to the device: -71
[  132.617152][ T2259] ath6kl: Unable to send get target info: -71
[  132.631490][ T2259] ath6kl: Failed to init ath6kl core: -71
[  132.635896][ T2259] ath6kl_usb 2-1:0.0: probe with driver ath6kl_usb failed with error -71
[  132.658513][ T2259] usb 2-1: USB disconnect, device number 19
[  132.864391][   T10] elecom 0003:056E:019B.0008: unknown main item tag 0x7
[  132.869938][   T10] elecom 0003:056E:019B.0008: hidraw0: USB HID v0.00 Device [HID 056e:019b] on usb-dummy_hcd.2-1/input0
[  133.063841][  T793] usb 3-1: USB disconnect, device number 14
[  133.129009][ T1361] ieee802154 phy0 wpan0: encryption failed: -22
[  133.131536][ T1361] ieee802154 phy1 wpan1: encryption failed: -22
[  133.488183][ T8243] loop1: detected capacity change from 0 to 128
[  133.507527][ T8243] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  133.530685][ T8243] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  133.632313][ T8247] netlink: 64 bytes leftover after parsing attributes in process `syz.2.893'.
[  133.762838][ T8253] loop1: detected capacity change from 0 to 256
[  133.768702][ T8253] exfat: Deprecated parameter 'utf8'
[  133.790298][ T8253] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x75e7409e, utbl_chksum : 0xe619d30d)
[  134.019348][ T8259] loop2: detected capacity change from 0 to 32768
[  134.022921][ T8259] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.899 (8259)
[  134.030788][ T8259] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  134.033812][ T8259] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  134.050016][ T8259] BTRFS info (device loop2): enabling ssd optimizations
[  134.052826][ T8259] BTRFS info (device loop2): turning on async discard
[  134.056011][ T8259] BTRFS info (device loop2): enabling free space tree
[  134.071596][   T34] kauditd_printk_skb: 10 callbacks suppressed
[  134.071610][   T34] audit: type=1800 audit(1764023255.544:54): pid=8259 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.899" name="file1" dev="loop2" ino=260 res=0 errno=0
[  134.217693][ T5838] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.348145][ T5838] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.431236][ T5838] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.449224][ T5815] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  134.454474][ T5815] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  134.462531][ T5815] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  134.466713][ T5815] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  134.471131][ T5815] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  134.513979][ T5838] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  134.810210][ T5809] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  134.988731][ T5838] bond1 (unregistering): (slave geneve3): Releasing active interface
[  135.268296][ T5838] bond0 (unregistering): Released all slaves
[  135.422265][ T5838] bond1 (unregistering): Released all slaves
[  135.441023][ T5838] bond2 (unregistering): Released all slaves
[  135.636848][ T8277] chnl_net:caif_netlink_parms(): no params data found
[  135.773685][ T8277] bridge0: port 1(bridge_slave_0) entered blocking state
[  135.776996][ T8277] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.779410][ T8277] bridge_slave_0: entered allmulticast mode
[  135.782017][ T8277] bridge_slave_0: entered promiscuous mode
[  135.785292][ T8277] bridge0: port 2(bridge_slave_1) entered blocking state
[  135.788160][ T8277] bridge0: port 2(bridge_slave_1) entered disabled state
[  135.790585][ T8277] bridge_slave_1: entered allmulticast mode
[  135.793812][ T8277] bridge_slave_1: entered promiscuous mode
[  135.830225][ T5838] hsr_slave_0: left promiscuous mode
[  135.832470][ T5838] hsr_slave_1: left promiscuous mode
[  135.844648][ T5838] veth1_macvtap: left promiscuous mode
[  135.848137][ T5838] veth0_macvtap: left promiscuous mode
[  135.850307][ T5838] veth1_vlan: left promiscuous mode
[  135.854057][ T5838] veth0_vlan: left promiscuous mode
[  136.188772][ T8290] loop2: detected capacity change from 0 to 40427
[  136.200805][ T8290] F2FS-fs (loop2): invalid crc value
[  136.233146][ T8290] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  136.236891][ T8290] F2FS-fs (loop2): Start checkpoint disabled!
[  136.242024][ T8290] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[  136.253137][ T8290] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  136.316958][ T8289] syz.2.904: attempt to access beyond end of device
[  136.316958][ T8289] loop2: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  136.331091][ T8289] syz.2.904: attempt to access beyond end of device
[  136.331091][ T8289] loop2: rw=2049, sector=45224, nr_sectors = 128 limit=40427
[  136.339766][ T8289] syz.2.904: attempt to access beyond end of device
[  136.339766][ T8289] loop2: rw=2049, sector=45352, nr_sectors = 128 limit=40427
[  136.349921][ T8289] syz.2.904: attempt to access beyond end of device
[  136.349921][ T8289] loop2: rw=2049, sector=45480, nr_sectors = 128 limit=40427
[  136.356542][ T8289] syz.2.904: attempt to access beyond end of device
[  136.356542][ T8289] loop2: rw=2049, sector=45608, nr_sectors = 128 limit=40427
[  136.363612][ T8289] syz.2.904: attempt to access beyond end of device
[  136.363612][ T8289] loop2: rw=2049, sector=45736, nr_sectors = 128 limit=40427
[  136.369949][ T8289] syz.2.904: attempt to access beyond end of device
[  136.369949][ T8289] loop2: rw=2049, sector=45864, nr_sectors = 128 limit=40427
[  136.375146][ T8289] syz.2.904: attempt to access beyond end of device
[  136.375146][ T8289] loop2: rw=2049, sector=45992, nr_sectors = 128 limit=40427
[  136.381428][ T8289] syz.2.904: attempt to access beyond end of device
[  136.381428][ T8289] loop2: rw=2049, sector=46120, nr_sectors = 128 limit=40427
[  136.387593][ T8289] syz.2.904: attempt to access beyond end of device
[  136.387593][ T8289] loop2: rw=2049, sector=46248, nr_sectors = 128 limit=40427
[  136.573330][ T5815] Bluetooth: hci0: command tx timeout
[  136.674480][   T27] CPU: 1 UID: 0 PID: 27 Comm: kworker/u10:0 Not tainted syzkaller #0 PREEMPT(full) 
[  136.674497][   T27] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  136.674502][   T27] Workqueue: writeback wb_workfn (flush-7:2)
[  136.674518][   T27] Call Trace:
[  136.674523][   T27]  <TASK>
[  136.674528][   T27]  dump_stack_lvl+0x189/0x250
[  136.674551][   T27]  ? __pfx_dump_stack_lvl+0x10/0x10
[  136.674559][   T27]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[  136.674570][   T27]  ? __pfx_queue_work_on+0x10/0x10
[  136.674580][   T27]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  136.674589][   T27]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  136.674599][   T27]  ? f2fs_hw_is_readonly+0x39b/0x470
[  136.674613][   T27]  f2fs_handle_critical_error+0x37c/0x540
[  136.674627][   T27]  f2fs_write_end_io+0x886/0xb60
[  136.674643][   T27]  __submit_merged_bio+0x27a/0x6a0
[  136.674658][   T27]  f2fs_submit_page_write+0x2088/0x21b0
[  136.674678][   T27]  ? __f2fs_is_valid_blkaddr+0xd2a/0x14f0
[  136.674689][   T27]  do_write_page+0x40f/0xac0
[  136.674699][   T27]  ? f2fs_encrypt_one_page+0xaf/0x940
[  136.674707][   T27]  f2fs_outplace_write_data+0x11a/0x220
[  136.674718][   T27]  f2fs_do_write_data_page+0x113e/0x1650
[  136.674731][   T27]  ? __pfx_f2fs_do_write_data_page+0x10/0x10
[  136.674740][   T27]  ? __lock_acquire+0xab9/0xd20
[  136.674754][   T27]  f2fs_write_single_data_page+0xb25/0x1760
[  136.674769][   T27]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  136.674784][   T27]  ? folio_clear_dirty_for_io+0x573/0x710
[  136.674795][   T27]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  136.674805][   T27]  f2fs_write_data_pages+0x195b/0x3000
[  136.674828][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  136.674870][   T27]  ? f2fs_write_meta_pages+0x357/0x450
[  136.674882][   T27]  ? __lock_acquire+0xab9/0xd20
[  136.674894][   T27]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  136.674902][   T27]  do_writepages+0x32e/0x550
[  136.674913][   T27]  ? reacquire_held_locks+0x127/0x1d0
[  136.674921][   T27]  ? writeback_sb_inodes+0x384/0x1010
[  136.674935][   T27]  __writeback_single_inode+0x145/0xff0
[  136.674945][   T27]  ? do_raw_spin_unlock+0x4d/0x240
[  136.674956][   T27]  writeback_sb_inodes+0x6c7/0x1010
[  136.674978][   T27]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  136.675007][   T27]  ? rcu_is_watching+0x15/0xb0
[  136.675019][   T27]  wb_writeback+0x43b/0xaf0
[  136.675033][   T27]  ? queue_io+0x341/0x590
[  136.675044][   T27]  ? __pfx_wb_writeback+0x10/0x10
[  136.675058][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.675097][   T27]  wb_workfn+0x409/0xef0
[  136.675112][   T27]  ? __pfx_wb_workfn+0x10/0x10
[  136.675123][   T27]  ? __lock_acquire+0xab9/0xd20
[  136.675135][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  136.675146][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.675155][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  136.675161][   T27]  ? process_scheduled_works+0x9ef/0x17b0
[  136.675170][   T27]  process_scheduled_works+0xae1/0x17b0
[  136.675191][   T27]  ? __pfx_process_scheduled_works+0x10/0x10
[  136.675207][   T27]  worker_thread+0x8a0/0xda0
[  136.675226][   T27]  kthread+0x711/0x8a0
[  136.675238][   T27]  ? __pfx_worker_thread+0x10/0x10
[  136.675245][   T27]  ? __pfx_kthread+0x10/0x10
[  136.675255][   T27]  ? _raw_spin_unlock_irq+0x23/0x50
[  136.675264][   T27]  ? lockdep_hardirqs_on+0x9c/0x150
[  136.675272][   T27]  ? __pfx_kthread+0x10/0x10
[  136.675282][   T27]  ret_from_fork+0x4bc/0x870
[  136.675291][   T27]  ? __pfx_ret_from_fork+0x10/0x10
[  136.675302][   T27]  ? __switch_to_asm+0x39/0x70
[  136.675308][   T27]  ? __switch_to_asm+0x33/0x70
[  136.675313][   T27]  ? __pfx_kthread+0x10/0x10
[  136.675322][   T27]  ret_from_fork_asm+0x1a/0x30
[  136.675337][   T27]  </TASK>
[  136.675340][   T27] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  137.171297][ T2259] hid-generic 0000:0000:0000.0009: unknown main item tag 0x0
[  137.219164][ T2259] hid-generic 0000:0000:0000.0009: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  137.306819][ T8296] loop2: detected capacity change from 0 to 512
[  137.309620][ T8296] EXT4-fs: Ignoring removed oldalloc option
[  137.311894][ T8296] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  137.317321][ T8296] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.905: inode has both inline data and extents flags
[  137.322604][ T8296] EXT4-fs (loop2): Remounting filesystem read-only
[  137.326230][ T8296] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  137.610989][ T5809] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  137.682961][ T8277] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  137.699764][ T8277] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  137.742237][ T8301] atomic_op ffff88811874c998 conn xmit_atomic 0000000000000000
[  137.791355][ T8277] team0: Port device team_slave_0 added
[  137.794691][ T8277] team0: Port device team_slave_1 added
[  137.835600][ T8303] loop2: detected capacity change from 0 to 512
[  137.850390][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.852615][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  137.873405][ T8277] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.878264][ T8303] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  137.884887][ T8277] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.889273][ T8277] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  137.900339][ T8303] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a856e11d, mo2=0002]
[  137.903960][ T8303] System zones: 1-12
[  137.905556][ T8303] EXT4-fs (loop2): orphan cleanup on readonly fs
[  137.909144][ T8277] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  137.932115][ T8303] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.908: bg 0: block 361: padding at end of block bitmap is not set
[  137.957444][ T8303] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  137.971258][ T8303] EXT4-fs error (device loop2): ext4_clear_blocks:876: inode #11: comm syz.2.908: attempt to clear invalid blocks 33619980 len 1
[  138.003107][ T8277] hsr_slave_0: entered promiscuous mode
[  138.017165][ T8303] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.908: invalid indirect mapped block 1811939328 (level 0)
[  138.029447][ T8277] hsr_slave_1: entered promiscuous mode
[  138.033110][ T8277] debugfs: 'hsr0' already exists in 'hsr'
[  138.035195][ T8277] Cannot create hsr debugfs directory
[  138.058860][ T8303] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.908: invalid indirect mapped block 2 (level 2)
[  138.076872][ T8303] EXT4-fs (loop2): 1 truncate cleaned up
[  138.080686][ T8303] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: writeback.
[  138.112449][ T8303] EXT4-fs (loop2): ext4_remount: Checksum for group 0 failed (17031!=33349)
[  138.135364][ T5809] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  138.260825][ T8277] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  138.267605][ T8277] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  138.272185][ T8277] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  138.280903][ T8277] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  138.338508][ T8277] 8021q: adding VLAN 0 to HW filter on device bond0
[  138.358912][ T8277] 8021q: adding VLAN 0 to HW filter on device team0
[  138.370557][ T2899] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.373658][ T2899] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.390761][ T2899] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.393304][ T2899] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.527957][ T8277] 8021q: adding VLAN 0 to HW filter on device batadv0
[  138.557326][ T8277] veth0_vlan: entered promiscuous mode
[  138.563540][ T8277] veth1_vlan: entered promiscuous mode
[  138.582020][ T8277] veth0_macvtap: entered promiscuous mode
[  138.587991][ T8277] veth1_macvtap: entered promiscuous mode
[  138.598814][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.606700][ T8277] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.612652][ T5858] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.615622][ T5858] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.621850][ T5858] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.624446][ T5858] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.646457][ T5815] Bluetooth: hci0: command tx timeout
[  138.677868][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.683046][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.703711][ T1091] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.707357][ T1091] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  139.233800][ T8332] netlink: 2 bytes leftover after parsing attributes in process `syz.2.915'.
[  139.533140][ T8350] netlink: 40 bytes leftover after parsing attributes in process `syz.2.924'.
[  139.536002][ T8350] netlink: 56 bytes leftover after parsing attributes in process `syz.2.924'.
[  139.615520][ T8356] validate_nla: 47 callbacks suppressed
[  139.615545][ T8356] netlink: 'syz.2.927': attribute type 3 has an invalid length.
[  139.622982][ T8356] netlink: 224 bytes leftover after parsing attributes in process `syz.2.927'.
[  139.646559][ T8358] netlink: 12 bytes leftover after parsing attributes in process `syz.3.928'.
[  140.396046][   T33] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  140.546116][   T33] usb 4-1: Using ep0 maxpacket: 16
[  140.549794][   T33] usb 4-1: config 0 has an invalid interface number: 214 but max is 0
[  140.552516][   T33] usb 4-1: config 0 has no interface number 0
[  140.554456][   T33] usb 4-1: config 0 interface 214 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  140.571622][   T33] usb 4-1: New USB device found, idVendor=0596, idProduct=0001, bcdDevice= 5.f5
[  140.574724][   T33] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.577862][   T33] usb 4-1: Product: syz
[  140.579705][   T33] usb 4-1: Manufacturer: syz
[  140.581453][   T33] usb 4-1: SerialNumber: syz
[  140.596401][   T33] usb 4-1: config 0 descriptor??
[  140.716341][ T5815] Bluetooth: hci0: command tx timeout
[  140.801990][   T33] usbtouchscreen 4-1:0.214: Failed to read FW rev: -32
[  140.815378][   T33] usbtouchscreen 4-1:0.214: probe with driver usbtouchscreen failed with error -32
[  140.823000][   T33] usb 4-1: USB disconnect, device number 2
[  140.883730][ T8377] loop2: detected capacity change from 0 to 128
[  140.894562][ T8377] FAT-fs (loop2): Directory bread(block 32) failed
[  140.898194][ T8377] FAT-fs (loop2): Directory bread(block 33) failed
[  140.901442][ T8377] FAT-fs (loop2): Directory bread(block 34) failed
[  140.904000][ T8377] FAT-fs (loop2): Directory bread(block 35) failed
[  140.909007][ T8377] FAT-fs (loop2): Directory bread(block 36) failed
[  140.911796][ T8377] FAT-fs (loop2): Directory bread(block 37) failed
[  140.914535][ T8377] FAT-fs (loop2): Directory bread(block 38) failed
[  140.918344][ T8377] FAT-fs (loop2): Directory bread(block 39) failed
[  140.921179][ T8377] FAT-fs (loop2): Directory bread(block 40) failed
[  140.924221][ T8377] FAT-fs (loop2): Directory bread(block 41) failed
[  141.221172][   T56] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  141.227970][   T56] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  141.232510][   T56] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  141.239559][   T56] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  141.242786][   T56] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  141.353869][ T8391] netlink: 'syz.3.942': attribute type 21 has an invalid length.
[  141.372889][ T8391] netlink: 'syz.3.942': attribute type 6 has an invalid length.
[  141.376324][ T8391] netlink: 64 bytes leftover after parsing attributes in process `syz.3.942'.
[  141.393470][ T8391] netlink: 'syz.3.942': attribute type 21 has an invalid length.
[  141.401446][ T8391] netlink: 'syz.3.942': attribute type 6 has an invalid length.
[  141.411421][ T8391] netlink: 64 bytes leftover after parsing attributes in process `syz.3.942'.
[  141.420763][ T8381] chnl_net:caif_netlink_parms(): no params data found
[  141.507388][ T8381] bridge0: port 1(bridge_slave_0) entered blocking state
[  141.513352][ T8381] bridge0: port 1(bridge_slave_0) entered disabled state
[  141.519523][ T8381] bridge_slave_0: entered allmulticast mode
[  141.526120][ T8381] bridge_slave_0: entered promiscuous mode
[  141.533465][ T8381] bridge0: port 2(bridge_slave_1) entered blocking state
[  141.539898][ T8381] bridge0: port 2(bridge_slave_1) entered disabled state
[  141.548217][ T8381] bridge_slave_1: entered allmulticast mode
[  141.551284][ T8381] bridge_slave_1: entered promiscuous mode
[  141.586320][ T8381] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.598283][ T8381] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.635878][ T8381] team0: Port device team_slave_0 added
[  141.642368][ T8381] team0: Port device team_slave_1 added
[  141.680017][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_0
[  141.682915][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  141.703194][ T8381] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  141.718830][ T8381] batman_adv: batadv0: Adding interface: batadv_slave_1
[  141.724881][ T8381] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  141.751977][ T8381] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  141.833565][ T8381] hsr_slave_0: entered promiscuous mode
[  141.837662][ T8381] hsr_slave_1: entered promiscuous mode
[  141.840682][ T8381] debugfs: 'hsr0' already exists in 'hsr'
[  141.842952][ T8381] Cannot create hsr debugfs directory
[  141.899180][ T8400] loop3: detected capacity change from 0 to 32768
[  141.934726][ T8400] JBD2: Ignoring recovery information on journal
[  141.968885][ T8400] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  142.020625][ T8277] ocfs2: Unmounting device (7,3) on (node local)
[  142.107327][ T8381] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  142.118456][ T8381] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  142.142784][ T8381] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  142.151466][ T8381] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  142.193561][ T8381] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.196358][ T8381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.199215][ T8381] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.201955][ T8381] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.278120][ T8381] 8021q: adding VLAN 0 to HW filter on device bond0
[  142.317149][   T70] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.337286][   T70] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.358230][ T8381] 8021q: adding VLAN 0 to HW filter on device team0
[  142.378012][ T2899] bridge0: port 1(bridge_slave_0) entered blocking state
[  142.380854][ T2899] bridge0: port 1(bridge_slave_0) entered forwarding state
[  142.401893][ T2899] bridge0: port 2(bridge_slave_1) entered blocking state
[  142.405515][ T2899] bridge0: port 2(bridge_slave_1) entered forwarding state
[  142.447117][ T8381] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  142.518916][ T8425] netlink: 'syz.3.952': attribute type 29 has an invalid length.
[  142.527222][ T8425] netlink: 'syz.3.952': attribute type 29 has an invalid length.
[  142.546542][ T8425] netlink: 508 bytes leftover after parsing attributes in process `syz.3.952'.
[  142.550902][ T8425] unsupported nla_type 66
[  142.571517][ T8414] loop2: detected capacity change from 0 to 32768
[  142.609946][ T8414] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  142.610822][ T8381] 8021q: adding VLAN 0 to HW filter on device batadv0
[  142.643700][ T8414] XFS (loop2): Ending clean mount
[  142.672580][ T5809] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  142.808198][   T56] Bluetooth: hci0: command tx timeout
[  142.834342][ T8381] veth0_vlan: entered promiscuous mode
[  142.851217][ T8381] veth1_vlan: entered promiscuous mode
[  142.865952][  T794] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  142.873547][ T8381] veth0_macvtap: entered promiscuous mode
[  142.889626][ T8381] veth1_macvtap: entered promiscuous mode
[  142.917927][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_0
[  142.932483][ T8381] batman_adv: batadv0: Interface activated: batadv_slave_1
[  142.945005][ T5858] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.951015][ T5858] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.957638][ T5858] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.962112][ T5858] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.039223][  T794] usb 4-1: New USB device found, idVendor=0eb1, idProduct=7007, bcdDevice= 2.00
[  143.043325][  T794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.056934][  T794] usb 4-1: config 0 descriptor??
[  143.067964][  T794] go7007 4-1:0.0: probe with driver go7007 failed with error -12
[  143.081307][ T1090] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.096908][ T1090] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.119861][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.123572][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.267279][ T8461] netlink: 8 bytes leftover after parsing attributes in process `syz.2.960'.
[  143.271047][ T8461] netlink: 24 bytes leftover after parsing attributes in process `syz.2.960'.
[  143.275894][   T56] Bluetooth: hci3: command tx timeout
[  143.284948][  T794] usb 4-1: USB disconnect, device number 3
[  143.579726][ T8477] loop2: detected capacity change from 0 to 128
[  143.583179][ T8477] EXT4-fs: Ignoring removed nomblk_io_submit option
[  143.606144][ T8477] EXT4-fs (loop2): Test dummy encryption mode enabled
[  143.618546][ T8477] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  143.634667][ T8477] ext4 filesystem being mounted at /366/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  143.724675][ T5809] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  143.803658][  T794] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  143.909647][ T8490] loop3: detected capacity change from 0 to 2048
[  143.912926][ T8490] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=2362, location=2362
[  143.926666][ T8490] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  143.930127][ T8490] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  143.945600][ T8490] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.975932][  T794] usb 5-1: Using ep0 maxpacket: 16
[  143.981975][  T794] usb 5-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  143.984924][  T794] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.988722][  T794] usb 5-1: Product: syz
[  143.989510][ T8494] tap0: tun_chr_ioctl cmd 1074025684
[  143.990083][  T794] usb 5-1: Manufacturer: syz
[  143.990092][  T794] usb 5-1: SerialNumber: syz
[  143.997968][  T794] r8152-cfgselector 5-1: Unknown version 0x0000
[  144.001546][  T794] r8152-cfgselector 5-1: config 0 descriptor??
[  144.149212][ T8500] ipvlan2: entered promiscuous mode
[  144.152540][ T8500] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  144.206337][   T33] usb 3-1: new full-speed USB device number 15 using dummy_hcd
[  144.228268][ T8502] netlink: 'syz.3.976': attribute type 12 has an invalid length.
[  144.230881][ T8502] netlink: 'syz.3.976': attribute type 29 has an invalid length.
[  144.233300][ T8502] netlink: 'syz.3.976': attribute type 1 has an invalid length.
[  144.305324][ T8506] __nla_validate_parse: 3 callbacks suppressed
[  144.305341][ T8506] netlink: 8 bytes leftover after parsing attributes in process `syz.3.978'.
[  144.367771][   T33] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  144.370939][   T33] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  144.377471][   T33] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  144.380435][   T33] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.386040][   T33] usb 3-1: Product: syz
[  144.387742][   T33] usb 3-1: Manufacturer: syz
[  144.389204][   T33] usb 3-1: SerialNumber: syz
[  144.433767][ T5859] r8152-cfgselector 5-1: USB disconnect, device number 2
[  144.600967][   T33] usb 3-1: 0:2 : does not exist
[  144.606433][   T33] usb 3-1: 5:0: failed to get current value for ch 0 (-22)
[  144.622523][   T33] usb 3-1: USB disconnect, device number 15
[  144.625961][  T794] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  144.786409][  T794] usb 4-1: Using ep0 maxpacket: 32
[  144.790871][  T794] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.799399][  T794] usb 4-1: New USB device found, idVendor=06f8, idProduct=301b, bcdDevice=bb.39
[  144.802891][  T794] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.811353][  T794] usb 4-1: Product: syz
[  144.813181][  T794] usb 4-1: Manufacturer: syz
[  144.815122][  T794] usb 4-1: SerialNumber: syz
[  144.820323][  T794] usb 4-1: config 0 descriptor??
[  144.828490][  T794] gspca_main: gspca_pac7302-2.14.0 probing 06f8:301b
[  145.108384][ T8516] loop4: detected capacity change from 0 to 2048
[  145.124040][ T8516] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  145.129425][ T8516] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  145.355853][   T56] Bluetooth: hci3: command tx timeout
[  145.502974][ T8518] loop2: detected capacity change from 0 to 32768
[  145.557414][ T8518] read_mapping_page failed!
[  145.559604][ T8518] ERROR: (device loop2): txCommit: 
[  145.559604][ T8518] 
[  145.632133][  T117] BUG at fs/jfs/jfs_txnmgr.c:932 assert(mp->nohomeok > 0)
[  145.634439][  T117] ------------[ cut here ]------------
[  145.634820][  T794] gspca_pac7302: reg_w() failed i: 78 v: 40 error -71
[  145.636450][  T117] kernel BUG at fs/jfs/jfs_txnmgr.c:932!
[  145.640858][  T117] Oops: invalid opcode: 0000 [#1] SMP KASAN PTI
[  145.644782][  T117] CPU: 1 UID: 0 PID: 117 Comm: jfsCommit Not tainted syzkaller #0 PREEMPT(full) 
[  145.648933][  T117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  145.651805][  T794] gspca_pac7302 4-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  145.652407][  T117] RIP: 0010:txUnlock+0xdaf/0xdf0
[  145.656481][  T794] usb 4-1: USB disconnect, device number 4
[  145.656897][  T117] Code: de fd 90 0f 0b e8 b1 35 77 fe 48 c7 c7 60 b6 a4 8b 48 c7 c6 59 b2 a4 8b ba a4 03 00 00 48 c7 c1 60 c3 a4 8b e8 72 ae de fd 90 <0f> 0b e8 8a 35 77 fe 48 c7 c7 60 b6 a4 8b 48 c7 c6 59 b2 a4 8b ba
[  145.664821][  T117] RSP: 0018:ffffc900030c7ba8 EFLAGS: 00010246
[  145.666879][  T117] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 47edc7f5b8868400
[  145.669402][  T117] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  145.671797][  T117] RBP: ffffc90002c2a360 R08: ffffc900030c78c7 R09: 1ffff92000618f18
[  145.674208][  T117] R10: dffffc0000000000 R11: fffff52000618f19 R12: dffffc0000000000
[  145.676598][  T117] R13: 1ffff1102cbef76a R14: ffff888165f7bb50 R15: 0000000000000000
[  145.678880][  T117] FS:  0000000000000000(0000) GS:ffff8882a9f34000(0000) knlGS:0000000000000000
[  145.681558][  T117] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  145.683783][  T117] CR2: 00007fc0e53fcfc8 CR3: 00000001bc62c000 CR4: 00000000000006f0
[  145.686643][  T117] Call Trace:
[  145.687681][  T117]  <TASK>
[  145.688615][  T117]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.690241][  T117]  jfs_lazycommit+0x584/0xa90
[  145.691777][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  145.693497][  T117]  ? __pfx_default_wake_function+0x10/0x10
[  145.695414][  T117]  ? __kthread_parkme+0x7b/0x200
[  145.697045][  T117]  ? __kthread_parkme+0x1a1/0x200
[  145.698886][  T117]  kthread+0x711/0x8a0
[  145.700453][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  145.702492][  T117]  ? __pfx_kthread+0x10/0x10
[  145.704235][  T117]  ? _raw_spin_unlock_irq+0x23/0x50
[  145.706083][  T117]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.707875][  T117]  ? __pfx_kthread+0x10/0x10
[  145.709349][  T117]  ret_from_fork+0x4bc/0x870
[  145.710796][  T117]  ? __pfx_ret_from_fork+0x10/0x10
[  145.712403][  T117]  ? __switch_to_asm+0x39/0x70
[  145.713909][  T117]  ? __switch_to_asm+0x33/0x70
[  145.715412][  T117]  ? __pfx_kthread+0x10/0x10
[  145.716829][  T117]  ret_from_fork_asm+0x1a/0x30
[  145.718386][  T117]  </TASK>
[  145.719816][  T117] Modules linked in:
[  145.721934][  T117] ---[ end trace 0000000000000000 ]---
[  145.729452][  T117] RIP: 0010:txUnlock+0xdaf/0xdf0
[  145.731162][  T117] Code: de fd 90 0f 0b e8 b1 35 77 fe 48 c7 c7 60 b6 a4 8b 48 c7 c6 59 b2 a4 8b ba a4 03 00 00 48 c7 c1 60 c3 a4 8b e8 72 ae de fd 90 <0f> 0b e8 8a 35 77 fe 48 c7 c7 60 b6 a4 8b 48 c7 c6 59 b2 a4 8b ba
[  145.738859][  T117] RSP: 0018:ffffc900030c7ba8 EFLAGS: 00010246
[  145.740971][  T117] RAX: 0000000000000037 RBX: 0000000000001000 RCX: 47edc7f5b8868400
[  145.743773][  T117] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[  145.792132][  T117] RBP: ffffc90002c2a360 R08: ffffc900030c78c7 R09: 1ffff92000618f18
[  145.794631][  T117] R10: dffffc0000000000 R11: fffff52000618f19 R12: dffffc0000000000
[  145.797410][  T117] R13: 1ffff1102cbef76a R14: ffff888165f7bb50 R15: 0000000000000000
[  145.799989][  T117] FS:  0000000000000000(0000) GS:ffff88818eb34000(0000) knlGS:0000000000000000
[  145.802797][  T117] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  145.805141][  T117] CR2: 0000001b30c22ff8 CR3: 00000001bbe36000 CR4: 00000000000006f0
[  145.808745][  T117] Kernel panic - not syncing: Fatal exception
[  145.811256][  T117] Kernel Offset: disabled
[  145.812701][  T117] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:27:47  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000001 RBX=0000000000000000 RCX=ffffffff81c7d5a8 RDX=0000000000000000
RSI=0000000000000008 RDI=ffffffff8f7cf770 RBP=ffffffff9270ea40 RSP=ffffc90003537688
R8 =ffffffff8f7cf777 R9 =1ffffffff1ef9eee R10=dffffc0000000000 R11=fffffbfff1ef9eef
R12=0000000000000282 R13=0000000000000000 R14=0000000000000000 R15=ffff88810635bb00
RIP=ffffffff81c7d5b0 RFL=00000057 [---ZAPC] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f25f5a3d380 ffffffff 00c00000
GS =0000 ffff88818eb34000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc0e47e7dac CR3=0000000117272000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 00000000000000ff XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 0000000000000000 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000050 RBX=0000000000000050 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900030c72b0
R8 =ffff88816a1d8237 R9 =1ffff1102d43b046 R10=dffffc0000000000 R11=ffffffff8515d3f0
R12=dffffc0000000000 R13=ffffffff997e0919 R14=ffffffff99af3ee0 R15=0000000000000000
RIP=ffffffff8515d46c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8882a9f34000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fc0e53fcfc8 CR3=00000001bc62c000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffffffffff00 ffffffffffffffff
XMM02=ffffffffffffffff ffffffffffffff00 XMM03=ffffffffffffff00 ffffffffffffff00
XMM04=0000000000000000 00000000000000ff XMM05=0000000000000000 0000000000000000
XMM06=0000000000000000 000000524f525245 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00524f5252450040 XMM09=0000000000000000 00007fc0e46151cf
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
