last executing test programs:

4.822559267s ago: executing program 2 (id=799):
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYRES32], 0x48)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
add_key(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
socket$packet(0x11, 0xa, 0x300)
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file0\x00', 0x1008a, &(0x7f00000002c0)={[{@nomblk_io_submit}, {@usrjquota, 0x22}, {@errors_continue}, {@noload}, {@nomblk_io_submit}, {@grpjquota, 0x22}, {@errors_continue}, {@errors_remount}, {@quota}]}, 0xfe, 0x465, &(0x7f0000001440)="$eJzs3MtvG8UfAPDv2nHS9PFLfqU8WloIFETFI2nSBz1wKQKJA0hIcCjiFNK0KnUb1ASJVhUUDuWIKnFHHJH4C7hQLgg4IXGFO0KqUC8UTkZr76Zuajtx4keoPx9pkxnPWDPf3R17PGtvAANrIv2TRGyPiF8jYqyWvbPCRO3frZuX5/6+eXkuiUrljT+Tar2/bl6ey6vmz9tWy1QqLdq9+nbEbLk8fyHLTy2de29q8eKl586cmz09f3r+/MyxY4cP7Rs+OnOkI3HuSPu658OFvbtfeevaa3Mnrr3z49dpf7dn5fVxdMpEbe829GSnG+uzHXXpZKiPHaEtxYjR9H+pOv7HoljLVo3Fy5/0s29Ad1UqhcpI8+IrFeAelk7UgUGUv9Gnn3/zrUdTj03hxvFYXse4lW21kqEoZHVK1Vx3TETEiSv/fJFu0aV1CACAetePR8SzjeZ/hXigrt7/smtD4xHx/4jYGRH3RcSuiLg/olr3wYh4qM32V14huXv+UxlbV2BrlM7/Xsiubd05/8tnfzFezHI7qvGXklNnyvMHs31yIEojaX66RRvfvfTLZ83K6ud/6Za2n88Fs378MbRige7k7NLsRmKud+PjiD1DjeJPlue86fx4d0TsWWcbZ57+am+zstXjb6EDk/LKlxFP1Y7/lVgRfy5pen1y+vmjM0emtkR5/uBUflbc7aefr77erP0Nxd8BN65XYmvD8385/vFkS8TixUtnq9drF9tv4+pvnzb9TLPe8384ebOaHs4e+2B2aenCdMRw8urdj8/cfm6ez+un5/+B/Y3H/864vScejoj0JN4XEY9ExKNZ3x+LiMcjYn+L+H948Yl324+/xap8B6Xxn1zt+Ef98W8/UTz7/Tftx59Lj//haupA9shaXv/W2sGN7DsAAAD4ryhUvwOfFCaX04XC5GTtO/y7YmuhvLC49MyphffPn6x9V348SoV8pWusbj10OlsbzvMzK/KHsnXjz4uj1fzk3EK5NyscQDPbmoz/1O/FfvcO6Dq/14LBZfzD4DL+YXDdanWnDuCe5v0fBlej8f9RH/oB9N4q7/+jveoH0Hvm/zC4jH8YXMY/DKSmv40vbOgn/5spkd/IYLP0p6uJb4c3dq+GtSeisElC7npiNCJ60VYpO0VHIqKuaGjNN7NIstt2tNn6SMOiPr8wAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMi/AQAA//9cTNqE")
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_udp_encap(r1, 0x11, 0x64, &(0x7f0000000040)=0x2, 0x4)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c)
syz_emit_ethernet(0x47, &(0x7f0000000300)={@link_local, @random="2059249b3790", @void, {@ipv6={0x86dd, @udp={0x0, 0x6, "108114", 0x11, 0x11, 0x0, @empty, @mcast2, {[], {0x0, 0xe22, 0x11, 0x0, @opaque="65ef83f7775bcf0ddb"}}}}}}, 0x0)

4.774956589s ago: executing program 2 (id=800):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
getsockopt$CAN_RAW_LOOPBACK(0xffffffffffffffff, 0x65, 0x20, 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r2, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r2, &(0x7f0000000340)={0xa, 0x3, 0x0, @ipv4={'\x00', '\xff\xff', @remote}, 0xfffffffe}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r2, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r2, 0x11a, 0x1, 0x0, 0x0)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00')
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff})
recvmmsg(r3, 0x0, 0x0, 0x2, 0x0)
open(0x0, 0x24042, 0x0)
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x2, 0x0, 0xfffffffe, 0x1e6}, &(0x7f00000001c0)=<r5=>0x0, &(0x7f0000000280)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
r7 = openat$6lowpan_control(0xffffffffffffff9c, 0x0, 0x2, 0x0)
write$6lowpan_control(r7, &(0x7f0000000100)='connect aa:aa:aa:aa:aa:10 2', 0x1b)
syz_io_uring_submit(r5, r6, &(0x7f0000000300)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x80, 0x23456})
io_uring_enter(r4, 0x62c3, 0x2400, 0x0, 0x0, 0x0)

3.796896158s ago: executing program 2 (id=808):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f00000004c0)='./file0\x00', 0x20108c0, &(0x7f00000007c0)=ANY=[@ANYBLOB="75737271756f74612c696f636861727365743d69736f383835392d352c696f636861727365743d6575632d6a702c696e746567726974792c71756f74612c6e6f71756f74612c71756f7461006572726f72733d636f6e74696e75652c756d61736b3d3078303030303030303030303030303038312c75737271756f74612c06000000756f74612c756d61736b3d3078303030303030303030303030303030312c67727071756f74612c756d61736b3d3078303030303030303030303032303034352c726f6f74636f6e746578743d7379752c646566636f6e746578743d73797361646d5f752c66736e616d653d003f0000587d5b2d292b2c00a9c1a30bc3207997b7f4e9447ee50b7a7e32bbde0fc9243970c38a6cb5080b27024c8fa61254ca59336acbf090ea35b6e7e44f4af2c218e937a7689e5f17975998f3ff7c1c7b896131aaf5097320e70b9b3c7424cb12be8a69b44da8d201000000abf6813950c019ae80f2a89a067e768d0c305f77357aaccfbf7dc0503768aaa6b8940e1ccbc41e021e0cf63c2d1c991852b2b84c2d677f2898bde305ce8fa91a7c14e01f5f066af16ae8fa48cdee8bf24677ab469a4f18d640cc", @ANYRES64], 0xfe, 0x619d, &(0x7f00000012c0)="$eJzs3c9vHGf9B/DP/vSPfptaPVT9Rgi5aflRSpM4KSFQoO0BDlx6QLmiRK5bRaSAkoDSyiKufOHAib8AhMQRIY6IA39AD1y5ceJEJBsJ1BODxn6eeHay23VwvLP2vF6SM/OZZ9b7jN87+yMzs08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPHd73xvrRMR13+aFqxE/F/0IroRS2W9GhFLqyt5/X5EPB97zfFcRAwWIsrb7/3zTMRrEfHxmYid3c31cvGlQ/bj27//62++/9Tbf/nd4MK//3C39/qk9e7d+8W//nj/aNsMAAAAbVMURdFJH/PPps/33aY7BQDMRH79L5K8/NTXv/z723+ap/6o1Wq1Wj2DuqoY7361iIit6m3K9wwOxwPACbMVnzTdBRok/1brR8RTTXcCmGudpjvAsdjZ3VzvpHw71deD1f32fC7ISP5bnYfXd0yaTlM/x2RWj6/t6MWzE/qzNKM+zJOcf7ee//X99mFa77jzn5VJ+Q/3L31qnZx/r55/zenJvzs2/7bK+fcfK/+e/AEAAAAAYI7l//9fafj478LRN+VQPu347+qM+gAAAAAAAAAAT9pRx/97yPh/AAAAMLfKz+qlX505WDbpu9jK5dc6EU/X1gdaJl0ss9x0PwAAAAAAAAAAAACgTfr75/Be60QMIuLp5eWiKMqfqnr9uI56+5Ou7dsPbdb0kzwAAOz7+EztWv5OxGJEXEvf9TdYXl4uisWl5WK5WFrI72eHC4vFUuVzbZ6WyxaGh3hD3B8W5S9brNyuatrn5Wnt9d9X3tew6B2iY0/IIP01JzQ3FDYAJPuvRjtekU6Zonhm0psPGGH/P4VWYqXpxxXzr+mHKQAAAHD8iqIoOunrvM+mY/7dpjsFAMxEfv2vHxc4Ut2d0B7xZH7/3NaDmK/+qNVqtVo9WlcV492vFhGxVb1N+Z7BcPwAcMJsxSdNd4EGyb/V+hHxfNOdAOZap+kOcCx2djfXOynfTvX1II3vns8FGcl/q7N3u3z7cdNp6ueYzOrxtR29eHZCf56bUR/mSc6/W8//+n77MK133PnPyqT8h3uXzLVPzr9Xz7/m9OTfHZt/W+X8+4+Vf0/+AAAAAAAwx/L//684/ps3GQAAAAAAAABOnJ3dzfV83Ws+/v+ZMeu5/vN0yvl3Hjf/pTQv/xMt59+t5f/F2nq9yvyDtw72/3/ubq7/9u4//j9PD5v/Qp7ppEdWJz0iOumeOv00PcrWPWp70BuW9zTodHv9dM5PMXg3bsat2IiLI+t209/joH1tpL3s6WCk/dJIe/+R9ssj7YP0vQPFUm4/H+vxo7gV7+y1l20LU7Z/cUp7MaU959/z/N9KOf9+5afMfzm1d2rT0oOPuo/s99XpuPt58+Znf37x+Ddnqu3oPdy2qnL7zjXQn72/yVPD+Mmdjdvn7924e/f2WqTJyNJLkSZPWM5/sPezcPD8/+J+e37er+6vDz4aPnb+82I7+hPzf7EyX27vyzPuWxNy/sP0k/N/J7WP3/9Pcv6T9/9XGugPAAAAAAAAAAAAAAAAfJqiKPYuEX0zIq6k63+aujYTAJit/PpfJHm5Wq1Wq9Xq01dXFeO9US0i4s/V25TvGX427pcBAPPsPxHxt6Y7QWPk32L5+/7K6UtNdwaYqTsffPiDG7dubdy+03RPAAAAAAAAAID/VR7/c7Uy/vNLEbFSW29k/Ne3YvWo43/288zDAUaf8EDfE2x3h71uZbjxF2JvfO7zk8b/PhePjv+dx8TtVbdjgsGU9uGU9oUp7Ytjlx6kNfZCj4qc/wuV8c7L/M/Whl9vw/iv9THv2yDnf67yeC7z/0JtvWr+xa/nLv+tw664Hd2R/C/cff/HF+588OGrN9+/8d7Gexs/vLy2dvHylStXr1698O7NWxsX9/89nl7PgZx/HvvaeaDtkvPPmcu/XXL+n0u1/Nsl5//5VMu/XXL++f2e/Nsl558/+8i/XXL+L6da/u2S8/9SquXfLju7mwtl/q+kWv7tkvf/L6da/u2S83811fJvl5z/+VTLv11y/hdSfYj8fT38KZLzz0e47P/tkvNfS7X82yXnfynV8m+XnP/lVMu/XXL+r6Va/u2S8/9KquXfLjn/K6mWf7vk/L+aavm3S87/aqrl3y45/6+lWv7tkvP/eqrl3y45/9dTLf92yfl/I9Xyb5ec/zdTLf92yfl/K9Xyb5ec/xupln+7HHz/vxkzZszkmaafmQAAAAAAAAAAAACAulmcTtz0NgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLUauu74D+Jm9ee0QYiAEJzWwSYwxzpJdX+ILrYsJ1wYoBRIKvWC73rVZ8A2vXQJFsmmgRMKoqKJq+tAWEGojVRVWxQOtKM1D1ctTaR/oS0VVCalRFZBBRWormq1mzv//98zs7Myud7yePf/PR7J/uzNn5pw5c2Z2v2t/9wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs3vfOPvZWlEU9T+NvzYXxQvqH2+c2Ny47HW3egsBAACA1fq/xt/X7kgXHF7GjZqW+btX/OPXFxYWFor3D//u6BcXFtIVE0UxuqEoGtdFV//9A7XmZYInivHaUNPnQz1WP9zj+pEe14/2uH6sx/Ubelw/3uP6RTtgkY3lz2Mad7at8eHmcpcWdxajjeu2dbjVE7UNQ0PxZzkNtcZtFkZPFHPFqWK2mG5Zvly21lj+m/fW1/W2Iq5rqGldW+tHyA8/eTxuQy3s420t67p+n9H331BM/OiHnzz+xxeeu7vT7LkbWu6v3M4d99W389PhknJba8WGtE/idg41befWDs/JcMt21hq3q3/cvp3Xlrmdw9c3c021P+fjxVDj42839tNI84/10n7aGi777/uLorh8fbPbl1m0rmKo2NRyydD152e8PCLr91E/lF5cjKzoOL13Gcdpfc5saz1O218T8fm/N9xuZIltaH6avv+psUXP+0qP06j+qJd6rbQfg/1+rQzKMRiPi283HvSTHY/BbeHxf3L70sdgx2OnwzGYHnfTMXhfr2NwaGy4sc3pSag1bnP9GNzVsvxwY021xnx2e/djcOrC6XNT8x//xGvnTh87OXty9syeXbum9+zbd+DAgakTc6dmp8u/b3BvD75NxVB6DdwX9l18Dby6bdnmQ3Xhy/17HY53eR1ublu236/DkfYHV1ubF+TiY7p8bTxa3+njV4aKJV5jjedn5+pfh+lxN70OR5pehx2/pnR4HY4s43VYX+bczuV9zzLS9KfTNtysrwWbm47B9u9H2o/Bfn8/MijH4Hg4Lv5159JfC7aG7X1ycqXfjwwvOgbTww3vPfVL0vf74wcao9NxeU/9itvGiovzs+cffPzYhQvndxVhrImXNB0r7cfrpqbHVCw6XodWfLwennvFk/d0uHxz2Ffjr63/Nb7kc1VfZu+D3Z+rxle3zvuz5dLdRRh9ttb7s9NX8/r+TFmyy/6sL/PpqdV/L55yadP77+gS778x9z9fri/d1RPDoyPl63c47Z3Rlvfj1qdqpPHeVWus+9rU8t6PR8OftX4/vrPL+/GWtmX7/X482v7g4vtxrddPO1an/fkcD8fJqenu78f1ZbbsXukxOdL1/fj+MGth/78mJIWUi5qOnaWO27SukZHR8LhG4hpaj9M9LcuPhmxWX9fTu2/sON1xf3lfw+nRXbdWx+lE27L9Pk7T+9VSx2mt10/fbkz78zkejos793Q/TuvLPLN39e+dG+OHTe+dY41j8NrS9zM6PFbf5tF0EJbv9wsb4zH4YHG8OFucKmYa1441jqdaY12TDy3vGBwLf9b6vXJLl2NwR9uy/T4G09expY692sjiB98H7c/neDgunnqo+zFYX+ZN+/v7veuOcElapul71/afry31M6972nbTzfyZV307/2Z/95/N1pc5dWClObP7fnogXHJbh/001vY1ZKnX1EyxNvtpS9jO5w4svZ/q21Nf5osHl3k8HS6K4tJHH278vDf8+8qfX/zO11v+3aXTv+lc+ujDP7j9xN+uZPsBWP+eL8em8mtd079MLeff/wEAAIB1Ieb+oTAT+R8AAAAqI+b++L/CE/kfAAAAKiPm/pEwk0zy/5Y3PTf3/KUiNfMXgnh92g2PlMvFjut0+Hxi4br65Q9/dfbHf3lpeeseKoriJ4/8RsfltzwSt6s0Ebbz6ptbL198w0vLWv/Rx64v19xf/1K4//h4lnsYdKrgThdF8c07Pt9Yz8QHrjTmM48cbcz3XH7yifoy1w6Wn8fbP/uScvk/COXfwyeOtdz+2bAfvhfm9Ns77494u69dec3W/e+7vr54u9p9L2w87Kc+WN5v/D05X3iiXD7u56W2/68+9/TX6ss//qrO239pqPP2Px3u96th/s/Ly+Wbn4P65/F2nwnbH9cXb/fgV77VcfuvfrZc/txbyuWOhhnXvyN8vu0tz80176/Ha8daHlfx1nK5uP7p7/x24/p4f/H+27d//MiVlv3Rfnw888/l/Uy1LR8vj+uJ/qJt/fX7aT4+4/qf/q2jLfu51/qvvufZl9fvt339D7QtN9x2+/bf2PSHn/l8x/XF7Tn8Z+daHs/hd4fXcVj/Ux8Mx2O4/n+vfr5lvdHRd7e+/8Tlv7T5Usvjid72o3L9V19/sjH/Y+LHv3/bC25/4eVX1vddUXz7veX99Vr/yT8627L9X75rZ+P5iNfHjn77+pcS13/+Y5Nnzs5fnJtp2quN353zjnJ7Noxv3FTf3jvCe2v750fOXvjQ7PmJ6Ynpopio7q/Qu2FfCfMH5bi80tvvfCw8n/f83jc3bf+nz8XL/+XR8vIrby+/br06LPeFcPnm8vlbqK1y/U/de1fj9V17pvy8pcfeB1u3/eeBZS0YHn/79wXxeD/30g819kP9usbXjfi6XuX2f3emvJ9vhP26EH4z8313XV9f8/LxdyNceW/5el/1/gtvc/F5/ZPwfL/ze+X9x+2Kj/e74fuYb21pfb+Lx8c3Lg2133/jt3hcDu8nxeXy+rhU3N9Xrt3VcfPi7yEpLt/d+Px30v3cvaKHuZT5j89PnZo7c/HxqQuz8xem5j/+iSOnz148c+FI43d5Hvlwr9tff3/a1Hh/mpndt7eY3lgUxdlieg3esG7O9tc/Wt72n3vs+Mz+6e0zsyeOXTxx4bFzs+dPHp+fPz47M7/92IkTsx/rdfu5mUO7dh/cs3/35Mm5mUMHDh7cc3By7szZ+maUG9XDvumPTJ45f6Rxk/lDew/ueuihvdOTp8/OzB7aPz09ebHX7Rtfmybrt/71yfOzp45dmDs9Ozk/94nZQ7sO7tu3u+dvAzx97sT8xNT5i2emLs7Pnp8qH8vEhcbF9a99vW5PNc3/W/n9bLta+Yv4inc9sC/9fta6r35qybsqF2n7BaLPhd9F8w8vOndgOZ/H3D8aZpJJ/gcAAIAcxNw/FmYi/wMAAEBlxNy/IcxE/gcAAIDKiLl/PMwkk/yv/6//v7z+f3m9/n9e/f9zHy17peu9/x/78/r/ebjF/f9Vr1//X/+/ev3/5ffn1/v26//r/7PYoPX/Y+7fWBRZ5n8AAADIQcz9m8JM5H8AAACojJj7bwszkf8BAACgMmLuf0GYSSb5X/9/Wf3/3b0KV9Xv/zv/v/5/sT77//HJ0f/Pxor79+97tOVT/f9A/1//X/9f/1//n1UbXfKaW9X/j7n/9jCTTPI/AAAA5CDm/heGmcj/AAAAUBkx998RZiL/AwAAQGXE3L85zCST/K//7/z/+v/6/937/2NN97QO+/+rPf9/08bo/68Pzv/fnf5/Dzfc/x/X/1+P/f/R/m7/YPf/e26+/j83xaCd/z/m/heFmWSS/wEAACAHMfe/OMxE/gcAAIDKiLn/JWEm8j8AAABURsz9d4aZZJL/9f/1//X/9f8rff7/1fb/u57/v/xI/3+w6P93p//fg/P/59X/7/P2D3b/v9/n/x99c/vt9f/pZND6/zH3vzTMJJP8DwAAADmIuf+uMBP5HwAAACoj5v6XhZnI/wAAAFAZMfdvCTPJJP/r/+v/6//r/+v/d15/7/5/Sf9/sOj/d6f/34P+v/6//v/y+v8dvvnV/6eTQev/x9x/d5hJJvkfAAAAchBz/z1hJvI/AAAAVEbM/T8VZiL/AwAAQGXE3L81zCST/K//r/+v/59X//+BMf1//f9q0//vTv+/B/1//X/9/2We/3+xlfT/N/S6Mypj0Pr/Mfe/PMwkk/wPAAAAOYi5/xVhJvI/AAAAVEbM/a8MM5H/AQAAoDJi7p8IM8kk/+v/V6v//6d//dQrC/1//f8e669o/z8eBvr/mdP/707/vwf9f/1//f816f+Tj0Hr/8fcf2+YSSb5HwAAAHIQc/99YSbyPwAAAFRGzP33h5nI/wAAAFAZMfdvCzOpfP4vmw/6/9Xq/0f6//r/3dZf0f5/ov+fN/3/DppepPr/Pej/Z9//j2kg3/5//O5X/5/+GLT+f8z9rwozqXz+BwAAgHzE3L89zET+BwAAgMqIuf/VYSbyPwAAAFRGzP07wkwyyf/6//r/+v/6//r/ndev/78+6f93t9L+/5j+v/5/Zv1/5/93/n/6a9D6/zH3vybMJJP8DwAAADmIuX9nmIn8DwAAAJUR//9m+f9e5X8AAACoopj7J8NMMsn/+v/6/zn1/2v6//r/+v+Vp//fnfP/96D/r/+v/6//T18NWv8/5v7Xhplkkv8BAAAgBzH3PxhmIv8DAABAZcTcPxVmIv8DAABAZcTcPx1mkkn+1//X/8+p/+/8//r/+v/Vp//fnf5/D/r/+v9V6/8Xhf4/t9Sg9f9j7t8VZpJJ/gcAAIAcxNy/O8xE/gcAAIDKiLl/T5iJ/A8AAACVEXP/3jCTTPK//r/+v/6//r/+f+f16/+vT/r/3en/96D/r/9ftf6/8/9ziw1a/z/m/ofCTDLJ/wAAAJCDmPv3hZnI/wAAAFAZMffvDzMJ+b/T/+sGAAAA1peY+w+EmWTy7//6/xXp///m37esW/9f/7/L+tPVq+v/b9T/D1P/f7BUtP/f/rK4Yfr/Pej/6//r/+v/01eD1v+Puf9gmEkm+R8AAAByEHP/68JM5H8AAACojJj7fzrMRP4HAACAyoi5/2fCTDLJ//r/Fen/t9H/1//vtn7n/9f/r7KK9v/7plL9/yH9f/3/wdp+/X/9fxa7+f3/+NHy+v8x9x8KM8kk/wMAAEAOYu7/2TAT+R8AAAAqI+b+14eZyP8AAABQGTH3Hw4zyST/6//r/+v/6//fnP7/64t2g9j/rx88+v/Vov/fXaX6/87/r/8/YNuv/6//z2KDdv7/mPvfEGaSSf4HAACAHMTc/3CYifwPAAAAlRFz/xvDTOR/AAAAqIyY+98UZpJJ/tf/1//X/9f/d/7/zuvX/1+f9P+70//vQf9f/z/X/v8z+v/cHIPW/4+5/81hJpnkfwAAAMhBzP1vCTOR/wEAAKAyYu5/a5iJ/A8AAACVEXP/28JMMsn/+v/6//r/+v/6/53Xr/+/Pun/d6f/34P+v/5/rv1/5//nJhm0/n/M/T8XZpJJ/gcAAIAcxNz/SJiJ/A8AAACVEXP/28NM5H8AAACojJj73xFmkkn+v7X9/9pIUej/6//r/+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3P/OMJNM8j8AAADkIOb+nw8zkf8BAACgMmLuf1eYifwPAAAAlRFz/y+EmWSS/53/X/9/sPr/C5eab6f/r/9f9Kv/X7+R/n8W9P+70//voUP/f4P+v/6//r/+Pzds0Pr/Mfe/O8wkk/wPAAAAOYi5/z1hJvI/AAAAVEbM/e8NM5H/AQAAoDJi7n80zCST/K//n2X/Pz3kwev/O/+//r/z/+v/r47+f3f6/z04/7/+v/6//j99NWj9/5j7HwszyST/AwAAQA5i7n9fmIn8DwAAAJURc/8vhpnI/wAAAFAZMfe/P8wkk/yv/59l/3+Az/9ftf7/SMvxkVP/f7zp+UzHpf6//v8a0P/vbg36/y13o/+v/6//38f+fziaNy5xe/1/BtGg9f9j7v9AmEkm+R8AAAByEHP/L4WZyP8AAABQGTH3/3KYifwPAAAAlRFz/6+EmWSS//X/9f/1/53/3/n/O69f/3990v/vzvn/e9D/1/8f5P5/D/r/DKJB6//H3P+rYSZLBr8f/NcyHiYAAAAwQGLu/2CYSSb//g8AAAA5iLn/SJiJ/A8AAACVEXP/0TCTTPK//n97/z+eUVX/X/9f/1//X/9/Pepf//9ltxeF/r/+v/6//r/+v/4/qzFo/f+Y+4+FmWSS/wEAACAHMff/WpiJ/A8AAACVEXP/8TAT+R8AAAAqI+b+mTCTTPL/Lez/jw5m/9/5/2+0//8T/X/9/0D/vzP9/7Xh/P/d6f/3oP+v/6//r/9PXw1a/z/m/tkwk0zyPwAAAFRY+nFwzP0nwkzkfwAAAKiMmPtPhpnI/wAAAFAZMfd/KMwkk/zv/P/6/87/fyv6/yMty+v/l/T/9f/7Qf+/O/3/HvT/9f/1//X/6atB6//H3D8XZpJJ/gcAAIAcxNz/4TAT+R8AAAAqI+b+j4SZyP8AAABQGTH3nwozyST/6//r/+fe/68VxWXn/8+8/z/eef36/+uT/n93+v896P/r/+v/6//TV4PW/4+5/3SYSSb5HwAAAHIQc/+ZMBP5HwD+n737aLLrrPo+fB4/tqQewUdgzIghjOyPwJQBVVQxpkgmB1tkk03OweScczI5B5MzJudoonGVKHevtdStPtq7pd46Z+/7vq7Jeq2y3j6NGz/1R/WrGwCgGbn77xu32P8AAADQjNz994tbOtn/+n/9f+/9/2or7/8f/Pv1/3u8/6//n8Kh/v7y9X/f+aLw8/b/d7nr1ffS/+v/9f+D9P/6f/0/55pb/5+7//5xSyf7HwAAAHqQu/8BcYv9DwAAAM3I3f/AuMX+BwAAgGbk7r86bulk/+v/59D/n/0E+n/9/9b7/xv1//r/ZfP+/zD9/wj9v/5f/6//Z1Jz6/9z9z8obulk/wMAAEAPcvc/OG6x/wEAAKAZufsfErfY/wAAANCM3P0PjVs62f/6/zn0/97/1/8fpf8/4f3/c74f/b/+fx39/zD9/wj9v/5f/6//Z1Jz6/9z9z8sbulk/wMAAEAPcvc/PG6x/wEAAKAZufsfEbfY/wAAANCM3P2PjFs62f/6f/2//n8p/f+G3v/X/+v/F+6G1dl/J+j/D9P/jxjp/1cr/f+QI/fz67+95Xz+89D/6/85bG79f+7+R8UtV61WJy72mwQAAABmJXf/o+OWTv78HwAAAHqQu/+auMX+BwAAgGbk7r82bulk/+v/9f/6/yP1//kt6v/30f/v0f/Pi/f/hx2//7/zHe9z7377f+//D/P+/9T9/+0/Gfp/lm1u/X/u/tNxSyf7HwAAAHqQu/8xcYv9DwAAAM3I3f/YuMX+BwAAgGbk7n9c3NLJ/tf/t9b///+B37ev/9+tXfT/3v/X/+v/W6f/H+b9/xG7/5rbqb/U/+v/vf+v/+d45tb/5+5/fNzSyf4HAACAHuTuf0LcYv8DAABAM3L3PzFusf8BAACgGbn7nxS3dLL/9f+t9f8Hf5/3//X/676+/l//3zL9/zD9/4hW3v+/yJ+abffzx7Xtz6//1/9z2Nz6/9z918Utnex/AAAA6EHu/ifHLfY/AAAANCN3/1PiFvsfAAAAmpG7/6lxSyf7X/+v/19G/59fQf+v/7/0/X/S/y+T/n+Y/n9EK/3/Rdp2P7/0zz/Y/++Mf379Py2aW/+fu/9pcUsn+x8AAAB6kLv/6Xv3nvU/E9v/AAAA0IzY/atnxC32PwAAADQjd/8z45ZO9r/+X/+/jP7f+//6f+//6/+PRv8/TP8/Qv+v//f+v/6fSc2t/8/df33c0sn+BwAAgB7k7n9W3GL/AwAAQDNy9z87brH/AQAAoBm5+58Tt3Sy//X/+n/9v/5f/7/+6+v/l0n/P0z/P0L/r//X/+v/mdSM+v99v+vU6rlxSyf7HwAAAHqQu/95cYv9DwAAAM3I3f/8uMX+BwAAgGbk7n9B3NLJ/tf/z6b/38352ur/d1arlf5/1Wn/v7Pvn2f9XOr/9f8boP8fpv8fof/X/+v/9f9Makb9/+5f5+5/YdzSyf4HAACAHuTuf1HcYv8DAABAM3L3vzhusf8BAACgGbn7XxK3dLL/9f+z6f93tdX/e///3J+Pnvp/7/8fpv/fDP3/MP3/CP2//l//r/9nUnPr/3P3vzRuOnHFRX+LAAAAwMzk7n9Z3NLJn/8DAABAD3L3vzxusf8BAABgoa4/9Cu5+18Rt3Sy//X/0/b/J/b9mv5f/3/uz4f+X/+v/7/09P/D9P8j9P/6f/2//p9Jza3/z93/yrilk/0PAAAAPcjdf0PcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/e/9f/6//1/+u/vv5/mfT/wy55/x//QtT/6//X9fO3TfzzvOnPP2aC/v/k2f+n/p82XED/f+bMmWsuef+fu/81cUsn+x8AAAB6kLv/tXGL/Q8AAADNyN3/urjF/gcAAIBm5O5/fdzSyf7X/3fa/+eP+rL6/2tXK/2//l//r/8fpv8f5v3/Efp/7/97/1//z6Tm9v5/7v43xC2d7H8AAADoQe7+N8Yt9j8AAAA0I3f/m+IW+x8AAACakbv/zXFLJ/tf/99p/+/9f/2//n/T/f+tK/3/Riyi/985/9efe/9/Wv+v/x/QXf9/97sd+Ev9v/6fw+bW/+fuf0vc0sn+BwAAgB7k7n9r3GL/AwAAQDNy978tbrH/AQAAoBm5+98eN13eyf7X/+v/9f/6f/3/+q+/4ff/T6xWK/3/BBbR/w+Ye/8/zfv/5/63/Cz9v/5/yZ9f/6//57C59f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7H/9v/5f/6//b77/P72I/t/7/xPZbP9/Wv/f4/v/V+n/z0f/r//X/3NU2+r/c/e/J27pZP8DAABAD3L3vzdusf8BAACgGbn73xe32P8AAADQjNz9749bOtn/+n/9/4X0//k59f9t9f8nZ9f/nzrw/18n7//r/yfi/f9h+v8R3v/X/+v/r9f/M6W5vf+fu/8DcUsn+x8AAAB6kLv/g3Hrf7q1/wEAAKAZufs/FLfY/wAAANCM3P0fjls62f/6f/2/9//1/82//6//74r+f5j+f4T+X/+v//f+P5OaW/+fu/8jcUsn+x8AAAB6kLv/o3GL/Q8AAADNyN3/sbjF/gcAAIBm5O6/MW7pZP/r//X/+n/9v/5/75+h/r8N+v9hm+n/d/T/+v/q5/8v/lug/9f/j/1+2jS3/j93/8fjlk72PwAAAPQgd/8n4hb7HwAAAJqRu/+TcYv9DwAAAIt0+Zpfy93/qbilk/2v/9f/6//1//r/9V9f/79MW+n/84dC/+/9/9BP/3+nA3+1tPf/z/2/X/p//T/Tm1v/n7v/03FLJ/sfAAAAepC7/zNxi/0PAAAAzcjd/9m4xf4HAACAZuTu/1zc0sn+1//r//X/+n/9//qvr/9fJu//D9P/j9D/b/X9/KV/fv2//p/D5tb/5+7/fNzSyf4HAACAHuTu/0LcYv8DAABAM3L3fzFusf8BAACgGbu7P+OyDve//l//r//X/+v/1399/f8y6f+H6f9H6P/1//p//T+Tmlv//6Xd33Vq9eW4pZP9DwAAAD3I3f+VuMX+BwAAgGbk7v9q3GL/AwAAQDNy938tbulk/+v/9f/L6P/PnDlzjf5f/3/w+znb/9+s/6fo/4fp/0fo//X/+n/9P5OaW/+fu/+muKWT/Q8AAAA9yN3/9bjF/gcAAIBm5O7/Rtxi/wMAAEAzcvd/M27pZP/r/2fQ/5/S/3v/X/+/8v6//n8i+v9h+v8RLfb/p47+7W+7nz+ubX9+/b/+n8Pm1v/n7v9W3NLJ/gcAAIAe5O7/dtxi/wMAAEAzcvd/J26x/wEAAKAZufu/G7d0sv/1/5vr/2//z66X9/93Vus/v/5f/6//1/9favr/Yfr/ES32/xdg2/380j+//l//z2Fz6/9z938vbjk4/K64sO8SAAAAmJPc/d+PWzr5838AAADoQe7+H8Qt9j8AAAA0I3f/D+OWTva//n8G7/832P97/3/9z4f+f9b9/2X6/zbo/4fp/0csu/+/6YK+1zW23c8v/fPr//f3//nTrP/v3dz6/9z9P4pbOtn/AAAA0IPc/T+OW+x/AAAAaEbu/p/ELfY/AAAANCN3/81xy779v67tboX+X/+v/9f/6//Xf339/zLp/4cdtf8/uTpe/5/0/97/1//32v97/589c+v/c/f/NG7x5/8AAACwOFec59dz9/8sbrH/AQAAoBm5+38et9j/AAAA0Izc/b+IW265bFsfaaP0//p//b/+X/+//uvr/5dJ/z/M+/8j9P9T9PNX6v/b6P9XK/0/xze3/j93/y/jFn/+DwAAAM3I3f+ruMX+BwAAgGbk7v913GL/AwAAQDNy9/8mbulk/+v/9f/H7P9300z9/x79/x79/3r6/83Q/w/T/4/Q/3v/X//v/X8mNbf+P3f/b+OWTvY/AAAA9CB3/+/iFvsfAAAAmpG7//dxi/0PAAAAzcjd/4e4pZP9v7X+P/6j1v8vvv/3/r/+X/+v/58V/f8w/f8I/b/+X/+v/2dSc+v/c/f/MW7pZP8DAABAD3L3/ylusf8BAACgGbn7/xy32P8AAADQjNz9f4lbOtn/3v/X/+v/9f/6//VfX/+/TPr/Yfr/9eoflP5f/6//1/8zqbn1/7n7/xq3dLL/AQAAoAe5+/8Wt9j/AAAA0Izc/bfELfY/AAAANCN3/9/jlk72v/5f/6//1//r/9d/ff3/Mun/h22z/7/HHca/rPf/t97/50fQ/+v/9f9MYm79f+7+f8Qtnex/AAAA6EHu/n/GLfY/AAAANCN3/7/iFvsfAAAAmpG7/99xSyf7f6T/P1l/o/5/kP7/4OfX/6//+dD/V/9/XfyS/l//Pzn9/zDv/4/Q/3v/X/+v/2dSc+v/c/f/J27pZP8DAABAD3L33xq32P8AAADQjNz9/41b7H8AAABoRu7+2+KWTva/9/+X1P9fqf/X/7fS/3v/X/9/yej/h+n/R+j/9f/6f/0/k5pb/5+7/38BAAD//w4+TuQ=")
r0 = open$dir(&(0x7f00000000c0)='./file0\x00', 0x0, 0xc0)
getdents64(r0, &(0x7f00000001c0)=""/238, 0xee)

3.540665916s ago: executing program 2 (id=811):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000000)='./file0/../file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x891018, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f00000002c0)='./file0/file0\x00', &(0x7f0000000240)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
umount2(&(0x7f00000001c0)='./file0/../file0\x00', 0x8)

2.948593484s ago: executing program 2 (id=813):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x100080, 0x0)
ioctl$TIOCSSOFTCAR(r0, 0x5453, 0x0)
readv(r0, &(0x7f0000000580)=[{&(0x7f0000000380)=""/207, 0xcf}], 0x1)

2.631115363s ago: executing program 2 (id=816):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000580)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x1)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r4}, 0x18)
shutdown(0xffffffffffffffff, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r5 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000200)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x1000000, 0x0, 0x0, 0xfd}}, 0xe8)
sendmmsg(r5, &(0x7f0000000480), 0x21, 0x0)

2.508350526s ago: executing program 32 (id=816):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x4c}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
sched_setaffinity(0x0, 0x8, &(0x7f0000000000)=0x5)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000580)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f00000001c0)=0x1)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r4}, 0x18)
shutdown(0xffffffffffffffff, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), 0xffffffffffffffff)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r5 = socket$inet6(0xa, 0x3, 0x1)
connect$inet6(r5, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r5, 0x29, 0x23, &(0x7f0000000200)={{{@in=@local, @in6=@private1, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc}, {}, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x33}, 0xfffffffd, 0x33}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0x2}, 0x1000000, 0x0, 0x0, 0xfd}}, 0xe8)
sendmmsg(r5, &(0x7f0000000480), 0x21, 0x0)

1.222918684s ago: executing program 1 (id=828):
openat(0xffffffffffffff9c, 0x0, 0x88980, 0x3c)
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='smaps\x00')
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
lseek(r0, 0x289e0cb5, 0x0)

1.222783756s ago: executing program 0 (id=829):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
listen(r0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000002040)='net/tcp\x00')
read$FUSE(r1, &(0x7f0000000000)={0x2020}, 0x96)
read$FUSE(r1, &(0x7f0000002080)={0x2020}, 0x2020)

1.081045249s ago: executing program 0 (id=830):
r0 = syz_open_dev$ndb(&(0x7f0000000dc0), 0x0, 0x121002)
ioctl$NBD_CLEAR_QUE(r0, 0xab05)

1.023287827s ago: executing program 0 (id=831):
write(0xffffffffffffffff, &(0x7f0000000300)="1c0000001a", 0x5)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0xb, 0x1f, 0x406, 0x3ff, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r0}, 0x38)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f00000001c0)={r0, &(0x7f0000000340)="a9", 0x0}, 0x20)

963.831313ms ago: executing program 0 (id=832):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r0, 0x400448dd, &(0x7f0000000580))

743.100367ms ago: executing program 1 (id=833):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x600000, &(0x7f0000000000)=ANY=[@ANYBLOB="003bfa093f92d25f4b42889f58b36282edd6f82c49e007ed49b9ed030962f330bd57af2a"], 0x2, 0x1a4, &(0x7f0000000780)="$eJzs0L9rE2Ecx/H397knPypUORWHCDZg8bxQTe6qDk7BKUIOHFwEg4Y0NsVETS+DLS10kYJU+y/oVEcVdBJRcC4OgoOeSzdphuIgDhJJ8tR/os9ruM99H+6+3y9PK+7GGeDv3kqDMiMOh/mMoIEpGZ8pNc63pv5pcnMcXDH1hskXJnPx0vLdervdXMxfzoPpMj4AfuVx4f838StOKPpCGfm6t9Koy+2IQZmOmotwqxSe4NTo+k/J6UmO38Jh4G1wVdEVrwpHir3Og2K8tHxuoVOfb84374Xh7KXShVLpYli8s9Bult4g/mNRPGMVPyITMeGvkqrxaFsfYkYQv6USRwp90jU2t52zp2f6KH+XAcIHr0/mu27l1XXOkL05XL7CMeE5TsR0lQmFZjSoglxTryXQX/TvlCK75jjnG/fbc+s3lPxJb5VlNyvBDikvICwEzLqQ4ygfWU+YTqgkbCXs/GBK3g2n7N+rXhs+X5rqJKcgzcN6r7cYpOGT6IjQiwhdmBy1U6O9XHhv/jHBt/0Xy7Isy7Isy7Is6wD4FwAA///l0WH7")
llistxattr(&(0x7f0000000280)='./file1\x00', 0x0, 0x17)

742.867073ms ago: executing program 1 (id=834):
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff}, 0x13f}}, 0x20)
write$RDMA_USER_CM_CMD_SET_OPTION(r0, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, r1, 0x1, 0x2}}, 0x20)

649.831373ms ago: executing program 1 (id=835):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=ANY=[@ANYBLOB="400000001000030400000000fedbdf2500000300", @ANYRES32=0x0, @ANYBLOB="10d40000b1eb502a200012800b00010067656e65766500001000028004000e"], 0x40}, 0x1, 0x0, 0x0, 0x40881}, 0x10)

189.18892ms ago: executing program 1 (id=836):
pipe2(&(0x7f0000000080)={<r0=>0x0, <r1=>0x0}, 0x0)
read$FUSE(r0, &(0x7f0000002e80)={0x2020}, 0x2020)
pipe2(&(0x7f0000000000)={<r2=>0x0, <r3=>0x0}, 0x0)
tee(r2, r1, 0xff, 0x0)
r4 = fanotify_init(0x0, 0x0)
fanotify_mark(r4, 0x1, 0x4000102b, r3, 0x0)
vmsplice(r3, &(0x7f0000001700)=[{&(0x7f0000000a40)="8b", 0x1}], 0x1, 0x0)

52.532064ms ago: executing program 0 (id=837):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_REPLACE(r0, 0xc1105518, &(0x7f0000000240)={{0x1, 0x5, 0x1ff, 0x7f, '\x00', 0x3ff}, 0x1, 0x400, 0x40, 0x0, 0x0, 0x8, 'syz1\x00', 0x0})

147.527µs ago: executing program 1 (id=838):
r0 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r0, &(0x7f0000000080)={0x18, 0x0, {0xfffe, @local, 'geneve0\x00'}}, 0x1e)
connect$pppoe(r0, &(0x7f00000001c0)={0x18, 0x0, {0xfffe, @remote, 'ip6tnl0\x00'}}, 0x1e)

0s ago: executing program 0 (id=839):
openat$nvram(0xffffffffffffff9c, &(0x7f00000000c0), 0x8882, 0x0)
r0 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x0, 0x10100}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000100)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x207a98, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '[localhost]:49552' (ED25519) to the list of known hosts.
syzkaller login: [   57.219734][ T5831] cgroup: Unknown subsys name 'net'
[   57.325941][ T5831] cgroup: Unknown subsys name 'cpuset'
[   57.329931][ T5831] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   58.944955][ T5831] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   65.935028][ T5915] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   69.588351][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   69.591502][ T5952] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   69.597084][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   69.600486][ T5952] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   69.603982][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   69.607605][ T5952] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   69.611984][ T5952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   69.615861][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   69.618891][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   69.655103][ T5957] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   69.732967][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   69.743908][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   69.747253][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   69.750190][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   69.752928][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   69.992297][ T5950] chnl_net:caif_netlink_parms(): no params data found
[   70.036571][ T5949] chnl_net:caif_netlink_parms(): no params data found
[   70.072120][ T5959] chnl_net:caif_netlink_parms(): no params data found
[   70.190600][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.193250][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.196622][ T5949] bridge_slave_0: entered allmulticast mode
[   70.200362][ T5949] bridge_slave_0: entered promiscuous mode
[   70.235380][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.237977][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.240287][ T5949] bridge_slave_1: entered allmulticast mode
[   70.244181][ T5949] bridge_slave_1: entered promiscuous mode
[   70.258049][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.260911][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.265668][ T5950] bridge_slave_0: entered allmulticast mode
[   70.269562][ T5950] bridge_slave_0: entered promiscuous mode
[   70.279037][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.281641][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.286104][ T5950] bridge_slave_1: entered allmulticast mode
[   70.289865][ T5950] bridge_slave_1: entered promiscuous mode
[   70.332228][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.361593][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.365263][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.367917][ T5959] bridge0: port 1(bridge_slave_0) entered disabled state
[   70.370379][ T5959] bridge_slave_0: entered allmulticast mode
[   70.373235][ T5959] bridge_slave_0: entered promiscuous mode
[   70.378876][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.382292][ T5959] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.385493][ T5959] bridge0: port 2(bridge_slave_1) entered disabled state
[   70.388070][ T5959] bridge_slave_1: entered allmulticast mode
[   70.391316][ T5959] bridge_slave_1: entered promiscuous mode
[   70.415717][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.420925][ T5949] team0: Port device team_slave_0 added
[   70.446266][ T5949] team0: Port device team_slave_1 added
[   70.490748][ T5959] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   70.496571][ T5950] team0: Port device team_slave_0 added
[   70.499526][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.502163][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.512649][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.519730][ T5959] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   70.535141][ T5950] team0: Port device team_slave_1 added
[   70.538169][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.540485][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.549877][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.582221][ T5959] team0: Port device team_slave_0 added
[   70.596201][ T5959] team0: Port device team_slave_1 added
[   70.598364][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.600574][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.609608][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.632727][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.636133][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.647001][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.670265][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_0
[   70.672938][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.682041][ T5959] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   70.696863][ T5949] hsr_slave_0: entered promiscuous mode
[   70.700037][ T5949] hsr_slave_1: entered promiscuous mode
[   70.704953][ T5959] batman_adv: batadv0: Adding interface: batadv_slave_1
[   70.707706][ T5959] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   70.716938][ T5959] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   70.771960][ T5950] hsr_slave_0: entered promiscuous mode
[   70.775242][ T5950] hsr_slave_1: entered promiscuous mode
[   70.777349][ T5950] debugfs: 'hsr0' already exists in 'hsr'
[   70.779216][ T5950] Cannot create hsr debugfs directory
[   70.791197][ T5959] hsr_slave_0: entered promiscuous mode
[   70.793925][ T5959] hsr_slave_1: entered promiscuous mode
[   70.796110][ T5959] debugfs: 'hsr0' already exists in 'hsr'
[   70.798097][ T5959] Cannot create hsr debugfs directory
[   71.046391][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[   71.048700][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[   71.064061][ T5959] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   71.071624][ T5959] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   71.077794][ T5959] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   71.088676][ T5959] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   71.124104][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   71.134730][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   71.142322][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   71.149099][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   71.219734][ T5950] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   71.225955][ T5950] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   71.236494][ T5950] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   71.242320][ T5950] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   71.299130][ T5959] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.323844][ T5959] 8021q: adding VLAN 0 to HW filter on device team0
[   71.340347][  T142] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.342768][  T142] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.362215][  T142] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.364821][  T142] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.413102][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.421040][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0
[   71.427339][ T5959] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.448420][ T5950] 8021q: adding VLAN 0 to HW filter on device team0
[   71.455184][ T5949] 8021q: adding VLAN 0 to HW filter on device team0
[   71.461598][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.463885][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.478030][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.480501][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.486856][   T52] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.489140][   T52] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.502049][   T52] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.504316][   T52] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.576965][ T5949] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.608576][ T5959] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.688649][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.689524][   T54] Bluetooth: hci0: command tx timeout
[   71.694572][ T5952] Bluetooth: hci1: command tx timeout
[   71.700511][ T5959] veth0_vlan: entered promiscuous mode
[   71.718579][ T5959] veth1_vlan: entered promiscuous mode
[   71.752637][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.763843][   T54] Bluetooth: hci2: command tx timeout
[   71.787835][ T5950] veth0_vlan: entered promiscuous mode
[   71.795768][ T5959] veth0_macvtap: entered promiscuous mode
[   71.800724][ T5959] veth1_macvtap: entered promiscuous mode
[   71.809374][ T5950] veth1_vlan: entered promiscuous mode
[   71.841280][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.850762][ T5949] veth0_vlan: entered promiscuous mode
[   71.860036][ T5959] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.866771][ T5950] veth0_macvtap: entered promiscuous mode
[   71.872013][ T5949] veth1_vlan: entered promiscuous mode
[   71.879906][ T5950] veth1_macvtap: entered promiscuous mode
[   71.886427][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.895535][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.902155][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.907157][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.939186][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.949079][ T5949] veth0_macvtap: entered promiscuous mode
[   71.956697][ T5949] veth1_macvtap: entered promiscuous mode
[   71.973026][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.993077][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.001894][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.023206][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.028378][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.039564][  T142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.041604][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.042429][  T142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.053110][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.059201][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.062689][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.077995][   T12] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.089077][   T12] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.107494][  T142] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.110259][  T142] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.201484][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.209651][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.266901][   T26] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.270092][   T26] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.302134][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.313891][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.334652][   T26] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.340308][   T26] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.482013][ T6026] netlink: 'syz.1.65': attribute type 5 has an invalid length.
[   72.494011][ T6026] netlink: 12 bytes leftover after parsing attributes in process `syz.1.65'.
[   72.645111][ T6037] fuse: Unknown parameter 'smackfsdef'
[   72.858673][ T6051] loop2: detected capacity change from 0 to 1024
[   72.862767][ T6052] netlink: 'syz.0.81': attribute type 3 has an invalid length.
[   72.864707][ T6051] =======================================================
[   72.864707][ T6051] WARNING: The mand mount option has been deprecated and
[   72.864707][ T6051]          and is ignored by this kernel. Remove the mand
[   72.864707][ T6051]          option from the mount to silence this warning.
[   72.864707][ T6051] =======================================================
[   72.964509][ T6014] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   73.143649][ T6014] usb 2-1: Using ep0 maxpacket: 8
[   73.150555][ T6014] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[   73.159523][ T6014] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   73.173647][ T6014] usb 2-1: Product: syz
[   73.176083][ T6014] usb 2-1: Manufacturer: syz
[   73.177865][ T6014] usb 2-1: SerialNumber: syz
[   73.192547][ T6014] usb 2-1: config 0 descriptor??
[   73.430585][ T6080] netlink: 8 bytes leftover after parsing attributes in process `syz.0.95'.
[   73.435803][ T6080] (unnamed net_device) (uninitialized): option mode: invalid value (7)
[   73.570960][ T6088] loop0: detected capacity change from 0 to 512
[   73.584127][ T6088] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   73.592594][ T6088] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   73.611319][ T6041] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   73.616983][ T6041] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   73.617213][ T6088] EXT4-fs (loop0): 1 truncate cleaned up
[   73.625857][ T6014] usb read operation failed. (-71)
[   73.629651][ T6014] usb write operation failed. (-71)
[   73.630241][ T6088] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   73.638527][ T6014] usb write operation failed. (-71)
[   73.642938][ T6014] usb write operation failed. (-71)
[   73.651159][ T6014] usb 2-1: dvb_usb_v2: found a 'Terratec H7' in cold state
[   73.661594][ T6014] usb 2-1: Direct firmware load for dvb-usb-terratec-h7-az6007.fw failed with error -2
[   73.672293][ T6088] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.0.99: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[   73.673618][ T6014] usb 2-1: Falling back to sysfs fallback for: dvb-usb-terratec-h7-az6007.fw
[   73.697088][ T6088] EXT4-fs (loop0): Remounting filesystem read-only
[   73.699696][ T6088] EXT4-fs warning (device loop0): ext4_rename_delete:3731: inode #2: comm syz.0.99: Deleting old file: nlink 4, error=-117
[   73.747015][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   73.765405][   T54] Bluetooth: hci0: command tx timeout
[   73.767561][   T54] Bluetooth: hci1: command tx timeout
[   73.783759][   T33] audit: type=1326 audit(1756742032.653:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6098 comm="syz.2.104" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbba2f8ebe9 code=0x0
[   73.844098][ T5952] Bluetooth: hci2: command tx timeout
[   73.906805][ T6104] loop2: detected capacity change from 0 to 4096
[   73.938284][ T6104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   73.952347][ T6104] fs-verity (loop2, inode 16): Unsupported log_blocksize: 13
[   73.998207][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   74.084482][ T6114] syz.0.110 uses obsolete (PF_INET,SOCK_PACKET)
[   74.089315][ T6114] ipvlan0: entered promiscuous mode
[   74.091587][ T6114] ipvlan0: entered allmulticast mode
[   74.095635][ T6114] veth0_vlan: entered allmulticast mode
[   74.378968][ T6129] loop1: detected capacity change from 0 to 256
[   74.407356][ T6129] FAT-fs (loop1): Directory bread(block 64) failed
[   74.410425][ T6129] FAT-fs (loop1): Directory bread(block 65) failed
[   74.413175][ T6129] FAT-fs (loop1): Directory bread(block 66) failed
[   74.430503][ T6129] FAT-fs (loop1): Directory bread(block 67) failed
[   74.433203][ T6129] FAT-fs (loop1): Directory bread(block 68) failed
[   74.443180][ T6129] FAT-fs (loop1): Directory bread(block 69) failed
[   74.447390][ T6129] FAT-fs (loop1): Directory bread(block 70) failed
[   74.450003][ T6129] FAT-fs (loop1): Directory bread(block 71) failed
[   74.460702][ T6129] FAT-fs (loop1): Directory bread(block 72) failed
[   74.465867][ T6129] FAT-fs (loop1): Directory bread(block 73) failed
[   74.743851][ T6145] loop2: detected capacity change from 0 to 1764
[   75.236554][ T6153] loop0: detected capacity change from 0 to 512
[   75.246514][ T6155] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.258706][ T6155] netlink: 'syz.2.128': attribute type 1 has an invalid length.
[   75.292276][ T6153] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.301286][ T6159] loop2: detected capacity change from 0 to 256
[   75.317520][ T6159] FAT-fs (loop2): Directory bread(block 64) failed
[   75.319816][ T6153] ext4 filesystem being mounted at /24/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   75.320487][ T6159] FAT-fs (loop2): Directory bread(block 65) failed
[   75.330310][ T6159] FAT-fs (loop2): Directory bread(block 66) failed
[   75.333755][ T6159] FAT-fs (loop2): Directory bread(block 67) failed
[   75.337975][ T6159] FAT-fs (loop2): Directory bread(block 68) failed
[   75.340631][ T6153] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.127: corrupted inode contents
[   75.341027][ T6159] FAT-fs (loop2): Directory bread(block 69) failed
[   75.350220][ T6153] EXT4-fs error (device loop0): ext4_dirty_inode:6538: inode #2: comm syz.0.127: mark_inode_dirty error
[   75.350889][ T6159] FAT-fs (loop2): Directory bread(block 70) failed
[   75.356253][ T6153] EXT4-fs error (device loop0): ext4_do_update_inode:5653: inode #2: comm syz.0.127: corrupted inode contents
[   75.357730][ T6159] FAT-fs (loop2): Directory bread(block 71) failed
[   75.361992][ T6153] EXT4-fs error (device loop0): __ext4_ext_dirty:206: inode #2: comm syz.0.127: mark_inode_dirty error
[   75.365393][ T6159] FAT-fs (loop2): Directory bread(block 72) failed
[   75.370826][ T6159] FAT-fs (loop2): Directory bread(block 73) failed
[   75.375477][ T6153] EXT4-fs error (device loop0): ext4_lookup:1784: inode #18: comm syz.0.127: 'bus' linked to parent dir
[   75.391594][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.457706][   T33] audit: type=1800 audit(1756742034.293:3): pid=6159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.129" name="file2" dev="loop2" ino=1048628 res=0 errno=0
[   75.493656][ T6163] netlink: 'syz.1.132': attribute type 10 has an invalid length.
[   75.496657][ T6163] netlink: 40 bytes leftover after parsing attributes in process `syz.1.132'.
[   75.529480][ T6163] team0: Port device geneve0 added
[   75.586196][ T6169] Illegal XDP return value 4294967282 on prog  (id 4) dev N/A, expect packet loss!
[   75.590956][ T6168] loop1: detected capacity change from 0 to 512
[   75.605737][ T6168] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   75.617059][ T6168] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   75.621235][ T6168] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.134: Corrupt directory, running e2fsck is recommended
[   75.630730][ T6168] EXT4-fs (loop1): Cannot turn on journaled quota: type 1: error -117
[   75.636408][ T6168] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.134: corrupted in-inode xattr: invalid ea_ino
[   75.642704][ T6168] EXT4-fs (loop1): Remounting filesystem read-only
[   75.648625][ T6172] process 'syz.0.135' launched './file1' with NULL argv: empty string added
[   75.670321][ T6168] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.697418][ T6168] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   75.712404][ T6168] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   75.724450][ T6168] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.134: Corrupt directory, running e2fsck is recommended
[   75.756622][ T6177] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   75.761454][ T6177] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   75.785681][ T6177] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.134: Corrupt directory, running e2fsck is recommended
[   75.799137][ T6168] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   75.803751][ T6168] EXT4-fs warning (device loop1): dx_probe:849: Enable large directory feature to access it
[   75.808935][ T6168] EXT4-fs warning (device loop1): dx_probe:934: inode #2: comm syz.1.134: Corrupt directory, running e2fsck is recommended
[   75.818278][ T6168] EXT4-fs warning (device loop1): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[   75.843796][ T5952] Bluetooth: hci1: command tx timeout
[   75.844997][   T54] Bluetooth: hci0: command tx timeout
[   75.874736][ T5950] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.922964][ T6186] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   75.929020][   T54] Bluetooth: hci2: command tx timeout
[   76.025022][    T9] IPVS: starting estimator thread 0...
[   76.114153][ T6194] IPVS: using max 46 ests per chain, 110400 per kthread
[   76.218888][ T6201] loop1: detected capacity change from 0 to 512
[   76.223624][ T6201] EXT4-fs: Ignoring removed nobh option
[   76.234606][ T6201] EXT4-fs (loop1): Test dummy encryption mode enabled
[   76.296624][ T6201] EXT4-fs error (device loop1): __ext4_iget:5464: inode #11: block 1: comm syz.1.144: invalid block
[   76.302706][ T6201] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.144: couldn't read orphan inode 11 (err -117)
[   76.318307][ T6201] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   76.502704][ T6211] netlink: 52 bytes leftover after parsing attributes in process `syz.0.151'.
[   76.563166][   T54] Bluetooth: hci0: connection err: -111
[   76.927608][ T5950] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.932051][ T5952] Bluetooth: hci1: command tx timeout
[   77.945764][   T54] Bluetooth: hci0: command tx timeout
[   78.005183][   T54] Bluetooth: hci2: command tx timeout
[   78.247252][ T6279] loop1: detected capacity change from 0 to 512
[   78.256247][ T6279] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[   78.259482][ T6279] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[   78.273730][ T6279] EXT4-fs (loop1): warning: mounting unchecked fs, running e2fsck is recommended
[   78.277536][ T6279] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[   78.280490][ T6279] System zones: 0-2, 18-18, 34-35
[   78.285887][ T6279] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   78.562533][ T5950] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   78.602490][ T6285] input: syz1 as /devices/virtual/input/input4
[   80.057427][ T6313] loop0: detected capacity change from 0 to 256
[   80.196399][ T6317] IPVS: Scheduler module ip_vs_sip not found
[   80.473078][ T6336] loop0: detected capacity change from 0 to 256
[   80.477125][ T6336] exfat: Deprecated parameter 'utf8'
[   80.479360][ T6336] exfat: Deprecated parameter 'namecase'
[   80.481608][ T6336] exfat: Deprecated parameter 'utf8'
[   80.490204][ T6336] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[   80.527285][ T6338] loop1: detected capacity change from 0 to 1024
[   80.562964][ T6340] loop0: detected capacity change from 0 to 1024
[   80.581347][ T6338] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[   80.590083][ T6338] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[   80.609391][ T6340] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[   80.615107][ T6340] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   80.619570][   T28] hfsplus: b-tree write err: -5, ino 4
[   80.633016][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[   80.858012][ T6359] loop0: detected capacity change from 0 to 1024
[   80.893473][   T33] audit: type=1326 audit(1756742039.763:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.1.213" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[   80.933549][   T33] audit: type=1326 audit(1756742039.763:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.1.213" exe="/syz-executor" sig=0 arch=c000003e syscall=251 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[   80.933955][ T6363] loop1: detected capacity change from 0 to 512
[   80.940885][   T33] audit: type=1326 audit(1756742039.763:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.1.213" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[   80.940905][   T33] audit: type=1326 audit(1756742039.763:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6360 comm="syz.1.213" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[   80.988796][ T6363] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.214: casefold flag without casefold feature
[   80.993904][ T6363] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.214: couldn't read orphan inode 15 (err -117)
[   81.004184][ T6363] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   81.028489][   T33] audit: type=1800 audit(1756742039.893:8): pid=6363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.214" name="file0" dev="loop1" ino=19 res=0 errno=0
[   81.041095][ T6368] trusted_key: syz.0.216 sent an empty control message without MSG_MORE.
[   81.074468][ T5950] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.284829][   T24] cfg80211: failed to load regulatory.db
[   81.403426][ T6013] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   81.563449][ T6013] usb 1-1: Using ep0 maxpacket: 8
[   81.569054][ T6013] usb 1-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[   81.572547][ T6013] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   81.575501][ T6013] usb 1-1: Product: syz
[   81.576870][ T6013] usb 1-1: Manufacturer: syz
[   81.578396][ T6013] usb 1-1: SerialNumber: syz
[   81.581716][ T6013] usb 1-1: config 0 descriptor??
[   81.794355][ T6013] gspca_main: sunplus-2.14.0 probing 04a5:3003
[   82.265433][ T6381] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -2
[   82.269491][ T6381] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[   82.798646][ T6013] gspca_sunplus: reg_w_riv err -71
[   82.800915][ T6013] sunplus 1-1:0.0: probe with driver sunplus failed with error -71
[   82.816112][ T6013] usb 1-1: USB disconnect, device number 2
[   83.557192][ T6387] loop0: detected capacity change from 0 to 1024
[   83.560568][ T6387] EXT4-fs: Ignoring removed orlov option
[   83.570323][ T6389] netlink: 8 bytes leftover after parsing attributes in process `syz.2.226'.
[   83.585582][ T6387] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   83.644351][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   83.785361][ T6403] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.790578][ T6403] bridge_slave_1: left allmulticast mode
[   83.806850][ T6403] bridge_slave_1: left promiscuous mode
[   83.808770][ T6403] bridge0: port 2(bridge_slave_1) entered disabled state
[   83.840618][ T6403] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[   83.901372][ T6407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.234'.
[   84.150663][ T6422] loop1: detected capacity change from 0 to 256
[   84.245250][ T6424] loop0: detected capacity change from 0 to 2048
[   84.251726][ T6424] UDF-fs: warning (device loop0): udf_fill_super: No partition found (2)
[   84.635301][ T6448] netlink: 'syz.1.252': attribute type 83 has an invalid length.
[   85.043386][ T6458] hub 9-0:1.0: USB hub found
[   85.047734][ T6458] hub 9-0:1.0: 1 port detected
[   85.467556][ T6464] bond0: option mode: unable to set because the bond device has slaves
[   85.936365][ T6477] openvswitch: netlink: Missing key (keys=40, expected=200000)
[   86.085447][ T6481] netlink: 212408 bytes leftover after parsing attributes in process `syz.1.264'.
[   86.363691][   T60] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   86.523536][   T60] usb 3-1: Using ep0 maxpacket: 16
[   86.535003][   T60] usb 3-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[   86.538311][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   86.541217][   T60] usb 3-1: Product: syz
[   86.543023][   T60] usb 3-1: Manufacturer: syz
[   86.545670][   T60] usb 3-1: SerialNumber: syz
[   86.559940][   T60] r8152-cfgselector 3-1: Unknown version 0x0000
[   86.566764][   T60] r8152-cfgselector 3-1: config 0 descriptor??
[   86.968566][ T6491] geneve2: entered promiscuous mode
[   86.996266][ T6013] r8152-cfgselector 3-1: USB disconnect, device number 2
[   87.267733][ T6503] binder: 6502:6503 ioctl c0306201 2000000003c0 returned -14
[   87.494539][ T6509] loop0: detected capacity change from 0 to 256
[   87.516283][ T6509] FAT-fs (loop0): Directory bread(block 64) failed
[   87.519886][ T6509] FAT-fs (loop0): Directory bread(block 65) failed
[   87.522380][ T6509] FAT-fs (loop0): Directory bread(block 66) failed
[   87.531270][ T6509] FAT-fs (loop0): Directory bread(block 67) failed
[   87.551205][ T6509] FAT-fs (loop0): Directory bread(block 68) failed
[   87.562705][ T6509] FAT-fs (loop0): Directory bread(block 69) failed
[   87.566845][ T6509] FAT-fs (loop0): Directory bread(block 70) failed
[   87.569611][ T6509] FAT-fs (loop0): Directory bread(block 71) failed
[   87.572385][ T6509] FAT-fs (loop0): Directory bread(block 72) failed
[   87.576093][ T6509] FAT-fs (loop0): Directory bread(block 73) failed
[   87.638013][ T6513] loop2: detected capacity change from 0 to 4096
[   87.645179][ T6513] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   87.671457][ T6513] ntfs3(loop2): ino=19, mi_enum_attr
[   87.703599][ T6513] ntfs3(loop2): failed to convert "c46c" to cp1250
[   87.712139][ T6513] ntfs3(loop2): ino=20, mi_enum_attr
[   87.721266][ T6515] capability: warning: `syz.0.280' uses deprecated v2 capabilities in a way that may be insecure
[   88.705261][ T6557] netlink: 8 bytes leftover after parsing attributes in process `syz.0.298'.
[   88.778247][ T6561] loop0: detected capacity change from 0 to 256
[   88.908684][ T6565] netlink: 8 bytes leftover after parsing attributes in process `syz.0.303'.
[   88.912154][ T6565] netlink: 4 bytes leftover after parsing attributes in process `syz.0.303'.
[   88.924471][ T6567] Dead loop on virtual device ip6_vti0, fix it urgently!
[   89.332091][ T6570] loop2: detected capacity change from 0 to 32768
[   89.376585][ T6570] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.438714][ T6570] XFS (loop2): Ending clean mount
[   89.450393][ T6570] XFS (loop2): Quotacheck needed: Please wait.
[   89.479651][ T6570] XFS (loop2): Quotacheck: Done.
[   89.621911][ T6604] block nbd2: Send control failed (result -32)
[   89.625649][ T6604] block nbd2: Request send failed, requeueing
[   89.630873][   T11] block nbd2: Dead connection, failed to find a fallback
[   89.634284][   T11] block nbd2: shutting down sockets
[   89.636851][   T11] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.643746][ T1273] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   89.643816][ T6604] I/O error, dev nbd2, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.651978][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   89.658854][ T6604] I/O error, dev nbd2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.662807][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   89.670743][ T6604] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.675670][ T6604] I/O error, dev nbd2, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.679784][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   89.686301][ T6604] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.690245][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   89.695719][ T6604] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.700230][ T6604] I/O error, dev nbd2, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.704397][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   89.708752][ T6604] I/O error, dev nbd2, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.714071][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   89.718796][ T6604] I/O error, dev nbd2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[   89.722982][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=256, location=256
[   89.727678][ T6604] UDF-fs: error (device nbd2): udf_read_tagged: read failed, block=512, location=512
[   89.731547][ T6604] UDF-fs: warning (device nbd2): udf_fill_super: No partition found (1)
[   89.793416][ T1273] usb 1-1: Using ep0 maxpacket: 8
[   89.800417][ T1273] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[   89.811776][ T1273] usb 1-1: config 179 has no interface number 0
[   89.815297][ T1273] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[   89.819926][ T1273] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[   89.835635][ T1273] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[   89.841049][ T1273] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[   89.845444][ T1273] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[   89.850596][ T1273] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[   89.856141][ T1273] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.863879][ T5959] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   89.869605][ T6603] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   90.137528][ T1273] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input5
[   90.308422][ T6603] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[   90.317935][   T33] audit: type=1400 audit(1756742049.193:9): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A273A02 pid=6607 comm="syz.2.318"
[   90.344510][ T6603] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[   90.440183][ T6612] loop2: detected capacity change from 0 to 256
[   90.444037][ T6612] exfat: Deprecated parameter 'namecase'
[   90.445992][ T6612] exfat: Deprecated parameter 'utf8'
[   90.457613][ T6612] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[   90.532803][ T6614] loop2: detected capacity change from 0 to 256
[   90.537576][ T6614] exfat: Deprecated parameter 'namecase'
[   90.539541][ T6614] exfat: Deprecated parameter 'utf8'
[   90.552166][ T6614] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[   91.151539][   T60] usb 1-1: USB disconnect, device number 3
[   91.151748][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[   91.157686][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[   91.464790][ T6634] loop2: detected capacity change from 0 to 1764
[   91.499708][ T6634] ISOFS: unable to read i-node block
[   91.901541][ T6648] Zero length message leads to an empty skb
[   92.144782][ T6672] loop2: detected capacity change from 0 to 2048
[   92.193045][ T6675] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   92.228880][   T33] audit: type=1800 audit(1756742051.103:10): pid=6672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.344" name="file1" dev="loop2" ino=15 res=0 errno=0
[   92.309150][   T33] audit: type=1326 audit(1756742051.183:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6681 comm="syz.0.349" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fcd4ef8ebe9 code=0x0
[   94.199471][ T6714] loop0: detected capacity change from 0 to 256
[   94.843547][ T1273] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   95.007725][ T1273] usb 1-1: unable to get BOS descriptor or descriptor too short
[   95.014104][ T1273] usb 1-1: config 84 has an invalid interface number: 111 but max is 0
[   95.017761][ T1273] usb 1-1: config 84 has no interface number 0
[   95.020595][ T1273] usb 1-1: config 84 interface 111 has no altsetting 0
[   95.053705][ T1273] usb 1-1: language id specifier not provided by device, defaulting to English
[   95.067013][ T1273] usb 1-1: New USB device found, idVendor=0421, idProduct=046e, bcdDevice=33.f0
[   95.070905][ T1273] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.074763][ T1273] usb 1-1: Product: Ъ
[   95.076563][ T1273] usb 1-1: SerialNumber: 麡珏גּ줺귮癲ꋧ⌗컹야髰蹏铏܎䖎鯫湼샘婜ꁤ齯Ἑᢱ벗/￭蠾쬯ꃯ▋뵻薱⾡䴢㒟瀪慠欗삅탯睌࢔קּ狴
[   95.210766][ T6725] netlink: 20 bytes leftover after parsing attributes in process `syz.2.366'.
[   95.249889][ T6727] loop2: detected capacity change from 0 to 512
[   95.259225][ T6727] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[   95.262477][ T6727] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[   95.271876][ T6727] EXT4-fs (loop2): 1 truncate cleaned up
[   95.275522][ T6727] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   95.300832][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   95.304991][ T1273] usb 1-1: bad CDC descriptors
[   95.320324][ T1273] usb 1-1: USB disconnect, device number 4
[   95.360788][ T6731] loop2: detected capacity change from 0 to 256
[   95.390090][ T6731] FAT-fs (loop2): Directory bread(block 64) failed
[   95.392933][ T6731] FAT-fs (loop2): Directory bread(block 65) failed
[   95.396098][ T6731] FAT-fs (loop2): Directory bread(block 66) failed
[   95.398301][ T6731] FAT-fs (loop2): Directory bread(block 67) failed
[   95.400689][ T6731] FAT-fs (loop2): Directory bread(block 68) failed
[   95.403072][ T6731] FAT-fs (loop2): Directory bread(block 69) failed
[   95.406279][ T6731] FAT-fs (loop2): Directory bread(block 70) failed
[   95.408436][ T6731] FAT-fs (loop2): Directory bread(block 71) failed
[   95.411264][ T6731] FAT-fs (loop2): Directory bread(block 72) failed
[   95.415062][ T6731] FAT-fs (loop2): Directory bread(block 73) failed
[   95.475040][ T6733] loop2: detected capacity change from 0 to 2048
[   95.485163][ T6733] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[   95.494734][ T6734] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.587520][ T6738] loop2: detected capacity change from 0 to 128
[   95.591673][ T6738] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[   95.601273][ T6738] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   95.671891][ T6740] loop2: detected capacity change from 0 to 2048
[   95.686897][ T6741] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   95.905237][ T6749] loop0: detected capacity change from 0 to 128
[   95.910856][ T6749] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[   95.919903][ T6749] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   96.009451][ T6753] loop0: detected capacity change from 0 to 2048
[   96.033971][ T6753] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.045549][ T6753] EXT4-fs error (device loop0): ext4_find_extent:939: inode #2: comm syz.0.378: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[   96.080078][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   96.189097][ T6759] loop0: detected capacity change from 0 to 4096
[   96.204410][ T6759] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[   96.218083][ T6759] ntfs3(loop0): Failed to load $Extend (-22).
[   96.220898][ T6759] ntfs3(loop0): Failed to initialize $Extend.
[   96.904283][ T6767] loop0: detected capacity change from 0 to 256
[   96.920253][ T6767] FAT-fs (loop0): Directory bread(block 64) failed
[   96.923044][ T6767] FAT-fs (loop0): Directory bread(block 65) failed
[   96.925919][ T6767] FAT-fs (loop0): Directory bread(block 66) failed
[   96.928960][ T6767] FAT-fs (loop0): Directory bread(block 67) failed
[   96.931904][ T6767] FAT-fs (loop0): Directory bread(block 68) failed
[   96.937575][ T6767] FAT-fs (loop0): Directory bread(block 69) failed
[   96.940357][ T6767] FAT-fs (loop0): Directory bread(block 70) failed
[   96.943191][ T6767] FAT-fs (loop0): Directory bread(block 71) failed
[   96.947025][ T6767] FAT-fs (loop0): Directory bread(block 72) failed
[   96.949783][ T6767] FAT-fs (loop0): Directory bread(block 73) failed
[   97.031040][ T6770] netlink: 28 bytes leftover after parsing attributes in process `syz.1.385'.
[   98.114413][ T6787] smc: net device bond0 applied user defined pnetid SYZ0
[   98.413562][ T6795] loop1: detected capacity change from 0 to 256
[   98.508097][ T6799] loop0: detected capacity change from 0 to 128
[   98.537976][ T6799] Invalid ELF header len 10
[   98.591928][ T6805] netdevsim netdevsim1: Direct firmware load for @ failed with error -2
[   98.601737][ T6805] netdevsim netdevsim1: Falling back to sysfs fallback for: @
[   98.849676][ T6824] loop2: detected capacity change from 0 to 256
[   98.871023][ T6824] FAT-fs (loop2): Directory bread(block 64) failed
[   98.874517][ T6824] FAT-fs (loop2): Directory bread(block 65) failed
[   98.877491][ T6824] FAT-fs (loop2): Directory bread(block 66) failed
[   98.882708][ T6824] FAT-fs (loop2): Directory bread(block 67) failed
[   98.888184][ T6824] FAT-fs (loop2): Directory bread(block 68) failed
[   98.893407][ T6824] FAT-fs (loop2): Directory bread(block 69) failed
[   98.900946][ T6824] FAT-fs (loop2): Directory bread(block 70) failed
[   98.905963][ T6824] FAT-fs (loop2): Directory bread(block 71) failed
[   98.909031][ T6824] FAT-fs (loop2): Directory bread(block 72) failed
[   98.911949][ T6824] FAT-fs (loop2): Directory bread(block 73) failed
[   99.541668][ T6840] loop1: detected capacity change from 0 to 512
[   99.570829][ T6840] EXT4-fs (loop1): orphan cleanup on readonly fs
[   99.573629][ T6840] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[   99.577778][ T6840] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[   99.590962][ T6840] EXT4-fs error (device loop1): ext4_clear_blocks:876: inode #13: comm syz.1.416: attempt to clear invalid blocks 2 len 1
[   99.605152][ T6840] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.416: invalid indirect mapped block 1819239214 (level 0)
[   99.618696][ T6840] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #13: comm syz.1.416: invalid indirect mapped block 1819239214 (level 1)
[   99.629887][ T6840] EXT4-fs (loop1): 1 truncate cleaned up
[   99.636569][ T6840] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[   99.656155][ T6840] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[   99.664473][ T6840] EXT4-fs error (device loop1): __ext4_remount:6740: comm syz.1.416: Abort forced by user
[   99.674520][ T6840] EXT4-fs (loop1): Remounting filesystem read-only
[   99.677710][ T6840] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[   99.750730][ T5950] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.880054][ T6848] netlink: 36 bytes leftover after parsing attributes in process `syz.1.419'.
[   99.884644][ T6848] netlink: 16 bytes leftover after parsing attributes in process `syz.1.419'.
[   99.888331][ T6848] netlink: 36 bytes leftover after parsing attributes in process `syz.1.419'.
[   99.892064][ T6848] netlink: 36 bytes leftover after parsing attributes in process `syz.1.419'.
[  101.652825][ T6874] delete_channel: no stack
[  103.447487][ T6892] loop0: detected capacity change from 0 to 32768
[  103.451448][ T6892] XFS: ikeep mount option is deprecated.
[  103.461582][ T6892] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  103.506602][ T6892] XFS (loop0): Ending clean mount
[  103.525773][ T6892] XFS (loop0): Quotacheck needed: Please wait.
[  103.549758][ T6892] XFS (loop0): Quotacheck: Done.
[  103.570729][ T6902] v: renamed from ip6_vti0 (while UP)
[  103.581418][ T5949] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  103.814680][ T6912] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  103.963466][ T1273] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  103.991036][ T6926] loop0: detected capacity change from 0 to 256
[  104.000785][ T6926] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  104.125771][ T1273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  104.130393][ T1273] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  104.145415][ T1273] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  104.152978][ T1273] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  104.158938][ T1273] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  104.165031][ T1273] usb 3-1: config 0 descriptor??
[  104.378692][ T1273] usbhid 3-1:0.0: can't add hid device: -71
[  104.381041][ T1273] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  104.390984][ T1273] usb 3-1: USB disconnect, device number 3
[  104.653584][ T6959] loop0: detected capacity change from 0 to 512
[  104.669412][ T6959] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.674901][ T6959] ext4 filesystem being mounted at /165/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.699621][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  104.962833][ T6969] loop2: detected capacity change from 0 to 2048
[  104.970445][ T1273] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  104.977287][ T6969] NILFS (loop2): broken superblock, retrying with spare superblock (blocksize = 1024)
[  104.987529][ T5948] udevd[5948]: incorrect nilfs2 checksum on /dev/loop2
[  104.994919][ T6970] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  105.057210][ T6972] netlink: 8 bytes leftover after parsing attributes in process `syz.2.459'.
[  105.133585][ T1273] usb 1-1: Using ep0 maxpacket: 32
[  105.137398][ T1273] usb 1-1: config 0 has an invalid interface number: 136 but max is 0
[  105.140763][ T1273] usb 1-1: config 0 has no interface number 0
[  105.148620][ T1273] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=ee.df
[  105.152231][ T1273] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  105.158216][ T1273] usb 1-1: Product: syz
[  105.159923][ T1273] usb 1-1: Manufacturer: syz
[  105.161789][ T1273] usb 1-1: SerialNumber: syz
[  105.167899][ T1273] usb 1-1: config 0 descriptor??
[  105.178620][ T1273] usb_ehset_test 1-1:0.136: probe with driver usb_ehset_test failed with error -32
[  105.381286][ T1273] usb 1-1: USB disconnect, device number 5
[  105.468802][ T6986] netdevsim netdevsim2 netdevsim0: entered promiscuous mode
[  106.002124][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.0.475'.
[  107.486964][ T7031] loop1: detected capacity change from 0 to 16
[  107.497630][ T7031] erofs (device loop1): mounted with root inode @ nid 36.
[  107.520816][ T7031] syz.1.482: attempt to access beyond end of device
[  107.520816][ T7031] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  107.671848][ T7035] syz.1.482: attempt to access beyond end of device
[  107.671848][ T7035] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  107.700934][ T7035] syz.1.482: attempt to access beyond end of device
[  107.700934][ T7035] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  107.732479][ T7035] syz.1.482: attempt to access beyond end of device
[  107.732479][ T7035] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  107.787998][ T7035] syz.1.482: attempt to access beyond end of device
[  107.787998][ T7035] loop1: rw=0, sector=34359739344, nr_sectors = 8 limit=16
[  108.677132][ T7045] loop0: detected capacity change from 0 to 256
[  108.693933][ T7045] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011a39, chksum : 0xd7c18d7b, utbl_chksum : 0xe619d30d)
[  109.347997][ T7065] veth0_to_bond: entered allmulticast mode
[  109.473641][   T60] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  109.615589][   T24] kernel write not supported for file /224/oom_adj (pid: 24 comm: kworker/1:0)
[  109.663530][   T60] usb 3-1: Using ep0 maxpacket: 32
[  109.675858][   T60] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  109.679059][   T60] usb 3-1: config 0 has no interface number 0
[  109.681540][   T60] usb 3-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  109.689081][   T60] usb 3-1: config 0 interface 85 has no altsetting 0
[  109.699809][   T60] usb 3-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  109.719519][   T60] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.723040][   T60] usb 3-1: Product: syz
[  109.734758][   T60] usb 3-1: Manufacturer: syz
[  109.743211][   T60] usb 3-1: SerialNumber: syz
[  110.037361][   T60] usb 3-1: config 0 descriptor??
[  110.576784][ T7100] sp0: Synchronizing with TNC
[  110.672648][   T60] appletouch 3-1:0.85: Geyser mode initialized.
[  110.689658][   T60] input: appletouch as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.85/input/input6
[  111.109059][   T60] usb 3-1: USB disconnect, device number 4
[  111.141977][   T60] appletouch 3-1:0.85: input: appletouch disconnected
[  111.252689][   T33] audit: type=1326 audit(1756742070.123:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.0.516" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4ef8ebe9 code=0x7ffc0000
[  111.262274][   T33] audit: type=1326 audit(1756742070.123:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.0.516" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4ef8ebe9 code=0x7ffc0000
[  111.275779][   T33] audit: type=1326 audit(1756742070.133:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.0.516" exe="/syz-executor" sig=0 arch=c000003e syscall=322 compat=0 ip=0x7fcd4ef8ebe9 code=0x7ffc0000
[  111.289631][   T33] audit: type=1326 audit(1756742070.133:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.0.516" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4ef8ebe9 code=0x7ffc0000
[  111.298770][   T33] audit: type=1326 audit(1756742070.133:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7107 comm="syz.0.516" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcd4ef8ebe9 code=0x7ffc0000
[  111.508510][ T7116] loop0: detected capacity change from 0 to 2048
[  111.511664][ T7116] EXT4-fs: Ignoring removed nobh option
[  111.538784][ T7116] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  111.556239][ T7118] netlink: 'syz.2.521': attribute type 4 has an invalid length.
[  111.560354][ T7116] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  111.594197][   T33] audit: type=1800 audit(1756742070.463:17): pid=7116 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.520" name="file0" dev="loop0" ino=13 res=0 errno=0
[  111.682796][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.730270][ T7129] netlink: 4 bytes leftover after parsing attributes in process `syz.1.527'.
[  111.915023][ T7143] loop0: detected capacity change from 0 to 256
[  111.917933][ T7141] loop2: detected capacity change from 0 to 2048
[  111.942701][ T7145] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  112.055242][ T7145] NILFS (loop2): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  112.059659][ T7145] NILFS error (device loop2): nilfs_bmap_propagate: broken bmap (inode number=4)
[  112.086779][ T7145] Remounting filesystem read-only
[  112.090176][ T7151] netlink: 132 bytes leftover after parsing attributes in process `syz.0.536'.
[  112.095289][ T5959] NILFS (loop2): disposed unprocessed dirty file(s) when stopping log writer
[  112.276395][ T7157] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.705696][ T7157] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.782088][ T7157] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.868744][ T7157] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  112.982664][ T5963] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.406486][ T5963] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.440356][ T5917] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.455236][ T5917] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  115.079333][ T7217] loop2: detected capacity change from 0 to 1024
[  115.085276][ T7217] EXT4-fs: inline encryption not supported
[  115.087977][ T7217] EXT4-fs: Ignoring removed bh option
[  115.136782][ T7217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  115.229431][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.870141][ T7248] loop1: detected capacity change from 0 to 4096
[  115.887409][ T7248] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  115.916731][ T7248] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  115.919405][ T7246] loop0: detected capacity change from 0 to 32768
[  115.920144][ T7248] ntfs3(loop1): Failed to load $Extend (-22).
[  115.935279][ T7248] ntfs3(loop1): Failed to initialize $Extend.
[  115.944765][ T7246] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  116.000033][ T5949] ocfs2: Unmounting device (7,0) on (node local)
[  116.149728][ T7262] loop2: detected capacity change from 0 to 2048
[  116.168802][ T7262] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.179991][   T33] audit: type=1800 audit(1756742075.053:18): pid=7262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.580" name="file1" dev="loop2" ino=15 res=0 errno=0
[  116.193970][   T33] audit: type=1800 audit(1756742075.063:19): pid=7262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.580" name="file1" dev="loop2" ino=15 res=0 errno=0
[  116.194248][ T7261] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  116.215803][ T7262] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  116.221721][ T7262] EXT4-fs (loop2): This should not happen!! Data will be lost
[  116.221721][ T7262] 
[  116.227255][ T7262] EXT4-fs (loop2): Total free blocks count 0
[  116.229858][ T7262] EXT4-fs (loop2): Free/Dirty block details
[  116.232377][ T7262] EXT4-fs (loop2): free_blocks=4096
[  116.234774][ T7262] EXT4-fs (loop2): dirty_blocks=16
[  116.237036][ T7262] EXT4-fs (loop2): Block reservation details
[  116.239708][ T7262] EXT4-fs (loop2): i_reserved_data_blocks=1
[  116.246730][ T7262] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  116.365716][ T7269] loop2: detected capacity change from 0 to 4096
[  116.369230][ T7269] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  116.373226][ T7269] ntfs3(loop2): ino=1, mi_enum_attr
[  116.375837][ T7269] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  116.380053][ T7269] ntfs3(loop2): Failed to load $MFTMirr (-22).
[  116.428805][ T7271] vivid-000: disconnect
[  116.431426][ T7271] vivid-000: reconnect
[  116.484867][ T7275] loop2: detected capacity change from 0 to 128
[  116.493084][ T7275] FAT-fs (loop2): Directory bread(block 32) failed
[  116.496442][ T7275] FAT-fs (loop2): Directory bread(block 33) failed
[  116.498924][ T7275] FAT-fs (loop2): Directory bread(block 34) failed
[  116.501412][ T7275] FAT-fs (loop2): Directory bread(block 35) failed
[  116.504624][ T7275] FAT-fs (loop2): Directory bread(block 36) failed
[  116.507036][ T7275] FAT-fs (loop2): Directory bread(block 37) failed
[  116.509364][ T7275] FAT-fs (loop2): Directory bread(block 38) failed
[  116.512699][ T7275] FAT-fs (loop2): Directory bread(block 39) failed
[  116.517550][ T7275] FAT-fs (loop2): Directory bread(block 40) failed
[  116.519851][ T7275] FAT-fs (loop2): Directory bread(block 41) failed
[  116.544921][ T7275] syz.2.585: attempt to access beyond end of device
[  116.544921][ T7275] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[  116.550918][ T7275] Buffer I/O error on dev loop2, logical block 1028, async page read
[  116.555150][ T7275] syz.2.585: attempt to access beyond end of device
[  116.555150][ T7275] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[  116.559419][ T7275] Buffer I/O error on dev loop2, logical block 41991, async page read
[  116.562188][ T7275] FAT-fs (loop2): Filesystem has been set read-only
[  116.565118][ T7275] syz.2.585: attempt to access beyond end of device
[  116.565118][ T7275] loop2: rw=0, sector=4112, nr_sectors = 4 limit=128
[  116.569433][ T7275] Buffer I/O error on dev loop2, logical block 1028, async page read
[  116.572153][ T7275] syz.2.585: attempt to access beyond end of device
[  116.572153][ T7275] loop2: rw=0, sector=167964, nr_sectors = 4 limit=128
[  116.577021][ T7275] Buffer I/O error on dev loop2, logical block 41991, async page read
[  116.581197][ T7275] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  116.873435][ T5951] usb 3-1: new full-speed USB device number 5 using dummy_hcd
[  116.939816][   T33] audit: type=1326 audit(1756742075.813:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  116.971087][   T33] audit: type=1326 audit(1756742075.813:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  116.981949][   T33] audit: type=1326 audit(1756742075.823:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  116.982331][ T7283] netlink: 68 bytes leftover after parsing attributes in process `syz.0.588'.
[  117.011653][   T33] audit: type=1326 audit(1756742075.833:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  117.031091][   T33] audit: type=1326 audit(1756742075.833:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  117.039810][   T33] audit: type=1326 audit(1756742075.833:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=71 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  117.057550][ T5951] usb 3-1: unable to get BOS descriptor or descriptor too short
[  117.061323][ T5951] usb 3-1: not running at top speed; connect to a high speed hub
[  117.067025][   T33] audit: type=1326 audit(1756742075.833:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  117.076219][   T33] audit: type=1326 audit(1756742075.833:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7280 comm="syz.1.589" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  117.086666][ T5951] usb 3-1: config 4 has an invalid interface number: 156 but max is 0
[  117.090109][ T5951] usb 3-1: config 4 has no interface number 0
[  117.092649][ T5951] usb 3-1: config 4 interface 156 has no altsetting 0
[  117.098572][ T5951] usb 3-1: New USB device found, idVendor=0545, idProduct=800c, bcdDevice= 3.0a
[  117.102327][ T5951] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.106431][ T5951] usb 3-1: Product: syz
[  117.108208][ T5951] usb 3-1: Manufacturer: syz
[  117.110057][ T5951] usb 3-1: SerialNumber: syz
[  117.327356][ T5951] usb 3-1: USB disconnect, device number 5
[  118.107766][ T7293] loop1: detected capacity change from 0 to 32768
[  118.114726][ T7293] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.594 (7293)
[  118.132033][ T7293] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  118.136421][ T7293] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  118.140365][ T7293] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  118.225855][ T7293] BTRFS info (device loop1): rebuilding free space tree
[  118.244014][ T7293] BTRFS info (device loop1): disabling free space tree
[  118.246353][ T7293] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  118.249901][ T7293] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  118.256572][ T7293] BTRFS info (device loop1): enabling ssd optimizations
[  118.258938][ T7293] BTRFS info (device loop1): enabling disk space caching
[  118.261444][ T7293] BTRFS info (device loop1): force clearing of disk cache
[  118.264122][ T7293] BTRFS info (device loop1): use zlib compression, level 3
[  118.893040][ T5950] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  118.944635][ T7330] loop2: detected capacity change from 0 to 512
[  119.029420][ T7330] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  119.039059][ T7330] ext4 filesystem being mounted at /190/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  119.110142][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.490780][ T7346] loop2: detected capacity change from 0 to 2048
[  119.541249][ T6093] Alternate GPT is invalid, using primary GPT.
[  119.544890][ T6093]  loop2: p2 p3 p7
[  119.626804][ T7346] Alternate GPT is invalid, using primary GPT.
[  119.631188][ T7346]  loop2: p2 p3 p7
[  119.798751][ T6093] udevd[6093]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  119.799743][ T5948] udevd[5948]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  119.814135][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop2p7, 10) failed: No such file or directory
[  119.861773][ T7357] evm: overlay not supported
[  120.022210][ T7359] netlink: 'syz.1.615': attribute type 1 has an invalid length.
[  120.170117][ T7355] loop2: detected capacity change from 0 to 32768
[  120.177281][ T7355] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[  120.188525][ T7355] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.255944][ T7355] XFS (loop2): Ending clean mount
[  120.358839][ T5959] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  120.724723][ T7385] netlink: 12 bytes leftover after parsing attributes in process `syz.1.624'.
[  120.855607][ T7390] loop2: detected capacity change from 0 to 64
[  120.986750][ T7395] loop2: detected capacity change from 0 to 2048
[  121.009396][ T7395] FAT-fs (loop2): Directory bread(block 131102) failed
[  121.022664][ T7395] FAT-fs (loop2): Directory bread(block 131103) failed
[  121.034861][ T7395] FAT-fs (loop2): Directory bread(block 131104) failed
[  121.046578][ T7395] FAT-fs (loop2): Directory bread(block 131105) failed
[  121.049363][ T7395] FAT-fs (loop2): Directory bread(block 131106) failed
[  121.067074][ T7395] FAT-fs (loop2): Directory bread(block 131107) failed
[  121.075739][ T7395] FAT-fs (loop2): Directory bread(block 131108) failed
[  121.083504][ T7395] FAT-fs (loop2): Directory bread(block 131109) failed
[  121.086307][ T7395] FAT-fs (loop2): Directory bread(block 131110) failed
[  121.089193][ T7395] FAT-fs (loop2): Directory bread(block 131111) failed
[  121.236504][ T7407] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  121.636757][ T7408] loop1: detected capacity change from 0 to 32768
[  121.695992][ T7408] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  121.747739][ T7408] XFS (loop1): Ending clean mount
[  121.748071][ T7435] loop2: detected capacity change from 0 to 1024
[  121.803264][ T5950] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  121.839410][ T7439] loop2: detected capacity change from 0 to 1024
[  121.932695][ T7441] hsr0: entered promiscuous mode
[  121.936217][ T7441] netlink: 4 bytes leftover after parsing attributes in process `syz.2.645'.
[  121.945249][ T7441] hsr_slave_0: left promiscuous mode
[  121.955320][ T7441] hsr_slave_1: left promiscuous mode
[  121.978930][ T7441] hsr0 (unregistering): left promiscuous mode
[  122.004961][ T7445] netlink: 24 bytes leftover after parsing attributes in process `syz.1.646'.
[  122.274601][ T7460] netlink: 4 bytes leftover after parsing attributes in process `syz.1.651'.
[  122.523595][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  122.693502][    T9] usb 3-1: Using ep0 maxpacket: 16
[  122.705168][    T9] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  122.717425][    T9] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  122.736450][    T9] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  122.740605][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  122.745509][    T9] usb 3-1: SerialNumber: syz
[  122.961130][    T9] usb 3-1: USB disconnect, device number 6
[  123.765649][ T7488] loop2: detected capacity change from 0 to 40427
[  123.781298][ T7488] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  123.790948][ T7488] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  123.796659][ T7488] F2FS-fs (loop2): invalid crc value
[  123.862455][ T7488] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  123.870433][ T7488] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  123.871230][ T7490] loop0: detected capacity change from 0 to 40427
[  123.873224][ T7488] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  123.885554][ T7490] F2FS-fs (loop0): Insane cp_payload (553648128 >= 504)
[  123.895075][ T7490] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  123.899617][   T33] audit: type=1800 audit(1756742082.773:28): pid=7488 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.665" name="file1" dev="loop2" ino=10 res=0 errno=0
[  123.913233][ T7490] F2FS-fs (loop0): invalid crc value
[  123.962994][ T7501] netlink: 24 bytes leftover after parsing attributes in process `syz.1.667'.
[  123.972553][ T7490] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  123.977308][ T7490] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  124.017182][ T7490] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  124.047201][ T5949] syz-executor: attempt to access beyond end of device
[  124.047201][ T5949] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  124.058127][ T5949] CPU: 0 UID: 0 PID: 5949 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  124.058137][ T5949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  124.058141][ T5949] Call Trace:
[  124.058145][ T5949]  <TASK>
[  124.058148][ T5949]  dump_stack_lvl+0x189/0x250
[  124.058161][ T5949]  ? __pfx_dump_stack_lvl+0x10/0x10
[  124.058169][ T5949]  ? __pfx_queue_work_on+0x10/0x10
[  124.058177][ T5949]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  124.058186][ T5949]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  124.058199][ T5949]  f2fs_handle_critical_error+0x37c/0x540
[  124.058212][ T5949]  f2fs_write_end_io+0x886/0xb60
[  124.058225][ T5949]  __submit_merged_bio+0x27a/0x6a0
[  124.058237][ T5949]  __submit_merged_write_cond+0x255/0x530
[  124.058248][ T5949]  f2fs_write_data_pages+0x261d/0x3000
[  124.058271][ T5949]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.058301][ T5949]  ? folios_put_refs+0x559/0x640
[  124.058314][ T5949]  ? __lock_acquire+0xab9/0xd20
[  124.058326][ T5949]  ? do_raw_spin_lock+0x121/0x290
[  124.058339][ T5949]  ? do_raw_spin_unlock+0x4d/0x240
[  124.058347][ T5949]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  124.058357][ T5949]  do_writepages+0x32e/0x550
[  124.058378][ T5949]  ? do_raw_spin_unlock+0x4d/0x240
[  124.058388][ T5949]  filemap_fdatawrite+0x199/0x240
[  124.058397][ T5949]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  124.058423][ T5949]  ? do_raw_spin_unlock+0x4d/0x240
[  124.058433][ T5949]  f2fs_sync_dirty_inodes+0x31f/0x830
[  124.058445][ T5949]  f2fs_write_checkpoint+0x95a/0x1df0
[  124.058460][ T5949]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  124.058484][ T5949]  ? kill_f2fs_super+0x298/0x6c0
[  124.058493][ T5949]  kill_f2fs_super+0x2c3/0x6c0
[  124.058502][ T5949]  ? __pfx_kill_f2fs_super+0x10/0x10
[  124.058507][ T5949]  ? radix_tree_delete_item+0x2b6/0x400
[  124.058519][ T5949]  ? shrinker_free+0x2ce/0x3e0
[  124.058528][ T5949]  deactivate_locked_super+0xbc/0x130
[  124.058537][ T5949]  cleanup_mnt+0x425/0x4c0
[  124.058545][ T5949]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.058555][ T5949]  task_work_run+0x1d4/0x260
[  124.058565][ T5949]  ? __pfx_task_work_run+0x10/0x10
[  124.058573][ T5949]  ? __x64_sys_umount+0x122/0x160
[  124.058583][ T5949]  ? exit_to_user_mode_loop+0x40/0x110
[  124.058595][ T5949]  exit_to_user_mode_loop+0xec/0x110
[  124.058604][ T5949]  do_syscall_64+0x2bd/0x3b0
[  124.058613][ T5949]  ? lockdep_hardirqs_on+0x9c/0x150
[  124.058625][ T5949]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.058635][ T5949]  ? exc_page_fault+0x9f/0xf0
[  124.058648][ T5949]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  124.058658][ T5949] RIP: 0033:0x7fcd4ef8ff17
[  124.058668][ T5949] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  124.058676][ T5949] RSP: 002b:00007fff1e102068 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  124.058688][ T5949] RAX: 0000000000000000 RBX: 00007fcd4f011c05 RCX: 00007fcd4ef8ff17
[  124.058695][ T5949] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1e102120
[  124.058701][ T5949] RBP: 00007fff1e102120 R08: 0000000000000000 R09: 0000000000000000
[  124.058706][ T5949] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff1e1031b0
[  124.058710][ T5949] R13: 00007fcd4f011c05 R14: 000000000001e26b R15: 00007fff1e1031f0
[  124.058726][ T5949]  </TASK>
[  124.058730][ T5949] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  124.433441][   T33] audit: type=1326 audit(1756742083.303:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7508 comm="syz.2.668" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fbba2f8ebe9 code=0x0
[  126.409072][ T7548] loop2: detected capacity change from 0 to 256
[  126.420508][ T7548] exfat: Deprecated parameter 'namecase'
[  126.422474][ T7548] exfat: Deprecated parameter 'utf8'
[  126.446421][ T7548] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  126.484811][ T7552] loop1: detected capacity change from 0 to 2048
[  126.517553][ T7552] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  126.879888][ T7578] loop1: detected capacity change from 0 to 764
[  126.890560][ T7578] rock: directory entry would overflow storage
[  126.894260][ T7566] loop0: detected capacity change from 0 to 32768
[  126.901625][ T7578] rock: sig=0x4654, size=5, remaining=4
[  127.019286][ T7566] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  127.019305][ T7566]   allowing incompatible features above 0.0: (unknown version)
[  127.019312][ T7566]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  127.035959][ T1273] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  127.040085][ T7566] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  127.043067][ T7566] bcachefs (loop0): initializing new filesystem
[  127.056471][ T7566] bcachefs (loop0): going read-write
[  127.069650][ T7566] bcachefs (loop0): marking superblocks
[  127.106225][ T7566] bcachefs (loop0): initializing freespace
[  127.116941][ T7566] bcachefs (loop0): done initializing freespace
[  127.122873][ T7566] bcachefs (loop0): reading snapshots table
[  127.126756][ T7566] bcachefs (loop0): reading snapshots done
[  127.165126][ T7566] bcachefs (loop0): done starting filesystem
[  127.193879][ T1273] usb 3-1: config 0 has an invalid interface number: 194 but max is 0
[  127.196677][ T1273] usb 3-1: config 0 has no interface number 0
[  127.202739][ T1273] usb 3-1: New USB device found, idVendor=19d2, idProduct=5755, bcdDevice=df.b8
[  127.211046][ T1273] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.218026][ T1273] usb 3-1: Product: syz
[  127.228180][ T1273] usb 3-1: Manufacturer: syz
[  127.229747][ T1273] usb 3-1: SerialNumber: syz
[  127.236540][ T1273] usb 3-1: config 0 descriptor??
[  127.249132][ T1273] usb 3-1: bad CDC descriptors
[  127.451104][ T1273] usb 3-1: USB disconnect, device number 7
[  127.477341][ T7607] loop1: detected capacity change from 0 to 32768
[  127.565655][ T7566] syz.0.690 (7566) used greatest stack depth: 15864 bytes left
[  127.661625][ T5949] bcachefs (loop0): shutting down
[  127.664966][ T5949] bcachefs (loop0): going read-only
[  127.667529][ T5949] bcachefs (loop0): finished waiting for writes to stop
[  127.674724][ T5949] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  127.704234][ T5949] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 4
[  127.709968][ T5949] bcachefs (loop0): clean shutdown complete, journal seq 5
[  127.713772][ T5949] bcachefs (loop0): marking filesystem clean
[  127.744966][ T5949] bcachefs (loop0): shutdown complete
[  127.989156][ T7614] loop2: detected capacity change from 0 to 16
[  127.994528][ T7614] erofs (device loop2): mounted with root inode @ nid 36.
[  128.198632][ T7621] loop2: detected capacity change from 0 to 4096
[  128.208469][ T7621] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[  128.246269][ T7621] ntfs3(loop2): ino=1e, "file1" ntfs_sync_inode failed, -22.
[  128.249925][ T7621] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  128.910892][ T7635] netlink: 16 bytes leftover after parsing attributes in process `syz.1.714'.
[  129.427340][ T5951] kernel write not supported for file /sequencer (pid: 5951 comm: kworker/0:3)
[  129.431221][   T33] audit: type=1326 audit(1756742088.303:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.1.724" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  129.456259][   T33] audit: type=1326 audit(1756742088.303:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.1.724" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  129.479870][   T33] audit: type=1326 audit(1756742088.313:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.1.724" exe="/syz-executor" sig=0 arch=c000003e syscall=220 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  129.485913][ T7659] netlink: 4 bytes leftover after parsing attributes in process `syz.2.725'.
[  129.492658][   T33] audit: type=1326 audit(1756742088.313:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.1.724" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  129.511991][   T33] audit: type=1326 audit(1756742088.313:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7656 comm="syz.1.724" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f306d78ebe9 code=0x7ffc0000
[  129.524516][ T7659] team1: entered promiscuous mode
[  129.526309][ T7659] team1: entered allmulticast mode
[  129.567311][ T7665] loop0: detected capacity change from 0 to 512
[  129.570076][ T7665] EXT4-fs: Ignoring removed nomblk_io_submit option
[  129.586868][ T7665] EXT4-fs (loop0): filesystem is read-only
[  129.589842][ T7665] EXT4-fs (loop0): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  129.622568][ T7665] EXT4-fs (loop0): filesystem is read-only
[  129.631064][ T7665] EXT4-fs (loop0): orphan cleanup on readonly fs
[  129.637654][ T7665] EXT4-fs error (device loop0): ext4_orphan_get:1392: inode #16: comm syz.0.729: iget: bad i_size value: 648518346341360424
[  129.647946][ T7665] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.729: couldn't read orphan inode 16 (err -117)
[  129.662591][ T7665] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  129.703784][ T7674] loop2: detected capacity change from 0 to 4096
[  129.712227][ T7674] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  129.720899][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.737982][ T7674] ntfs3(loop2): ino=19, mi_enum_attr
[  129.740186][ T7674] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  129.848954][ T7669] loop1: detected capacity change from 0 to 32768
[  129.888286][ T7669] overlayfs: upper fs needs to support d_type.
[  129.894539][ T7669] overlayfs: upper fs does not support tmpfile.
[  129.909293][ T7669] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  129.919589][ T7669] ERROR: (device loop1): dbAlloc: the hint is outside the map
[  129.919589][ T7669] 
[  129.933491][ T7669] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[  129.937084][ T7669] ERROR: (device loop1): dbAlloc: the hint is outside the map
[  129.937084][ T7669] 
[  129.963416][ T7669] overlayfs: failed to verify upper root origin
[  129.981459][ T7687] loop0: detected capacity change from 0 to 1024
[  130.020058][   T28] read_mapping_page failed!
[  130.028402][   T28] ERROR: (device loop1): txCommit: 
[  130.028402][   T28] 
[  130.031347][   T28] jfs_write_inode: jfs_commit_inode failed!
[  130.047723][   T26] hfsplus: b-tree write err: -5, ino 4
[  130.083570][   T24] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  130.172241][ T7698] comedi comedi0: adq12b: I/O port conflict (0xee,16)
[  130.233731][   T24] usb 3-1: Using ep0 maxpacket: 8
[  130.250594][   T24] usb 3-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  130.256397][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  130.266767][   T24] usb 3-1: Product: syz
[  130.268512][   T24] usb 3-1: Manufacturer: syz
[  130.270409][   T24] usb 3-1: SerialNumber: syz
[  130.282915][   T24] usb 3-1: config 0 descriptor??
[  130.432509][ T7710] netlink: 60 bytes leftover after parsing attributes in process `syz.1.739'.
[  130.436474][ T7709] netlink: 60 bytes leftover after parsing attributes in process `syz.1.739'.
[  130.493109][   T24] usb 3-1: USB disconnect, device number 8
[  131.241254][ T7724] openvswitch: netlink: Unexpected mask (mask=c0, allowed=10048)
[  131.695647][ T7741] netlink: 40 bytes leftover after parsing attributes in process `syz.2.759'.
[  131.699008][ T7741] tipc: Invalid UDP bearer configuration
[  131.699050][ T7741] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  132.014808][ T7753] loop2: detected capacity change from 0 to 1024
[  132.019398][ T7753] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  132.022732][ T7753] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  132.027032][ T7753] EXT4-fs (loop2): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  132.032147][ T7753] EXT4-fs error (device loop2): ext4_get_journal_inode:5800: inode #5: comm syz.2.765: unexpected bad inode w/o EXT4_IGET_BAD
[  132.039361][ T7753] EXT4-fs (loop2): no journal found
[  132.041597][ T7753] EXT4-fs (loop2): can't get journal size
[  132.045754][ T7753] EXT4-fs (loop2): failed to initialize system zone (-117)
[  132.050065][ T7753] EXT4-fs (loop2): mount failed
[  132.363555][   T60] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  132.487968][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  132.490126][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  132.523494][   T60] usb 3-1: Using ep0 maxpacket: 16
[  132.530086][   T60] usb 3-1: unable to get BOS descriptor or descriptor too short
[  132.532944][   T60] usb 3-1: too many configurations: 233, using maximum allowed: 8
[  132.537088][   T60] usb 3-1: unable to read config index 0 descriptor/start: -71
[  132.539913][   T60] usb 3-1: can't read configurations, error -71
[  133.691051][ T7772] loop0: detected capacity change from 0 to 32768
[  133.718213][ T7772] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  133.722374][ T7772] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.744650][ T7772] XFS (loop0): Ending clean mount
[  133.749991][ T7772] XFS (loop0): Quotacheck needed: Please wait.
[  133.776175][ T7772] XFS (loop0): Quotacheck: Done.
[  133.784588][ T7772] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  133.962556][ T7788] loop0: detected capacity change from 0 to 512
[  133.972621][ T7788] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  134.000334][ T7788] EXT4-fs (loop0): 1 truncate cleaned up
[  134.004319][ T7788] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.014908][ T7788] EXT4-fs error (device loop0): swap_inode_boot_loader:384: inode #5: comm syz.0.778: iget: bad extra_isize 46 (inode size 256)
[  134.022342][ T7788] EXT4-fs (loop0): Remounting filesystem read-only
[  134.049937][ T5949] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  134.112902][ T7794] binder: 7793:7794 ioctl c0306201 200000000080 returned -14
[  134.223369][ T7790] loop1: detected capacity change from 0 to 32768
[  134.242375][ T7796] loop2: detected capacity change from 0 to 8192
[  134.426427][ T7800] loop2: detected capacity change from 0 to 1024
[  134.457519][ T7800] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  134.462582][ T7800] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.498263][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  134.976065][ T7815] loop2: detected capacity change from 0 to 2048
[  135.455233][ T7822] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  135.638634][ T7823] loop1: detected capacity change from 0 to 128
[  135.689540][ T7823] FAT-fs (loop1): Directory bread(block 414) failed
[  135.696224][ T7823] FAT-fs (loop1): Directory bread(block 415) failed
[  135.702323][ T7823] FAT-fs (loop1): Directory bread(block 416) failed
[  135.730517][ T7823] FAT-fs (loop1): Directory bread(block 417) failed
[  135.735796][ T7823] FAT-fs (loop1): Directory bread(block 418) failed
[  135.741070][ T7823] FAT-fs (loop1): Directory bread(block 419) failed
[  135.743260][ T7823] FAT-fs (loop1): Directory bread(block 420) failed
[  135.746935][ T7823] FAT-fs (loop1): Directory bread(block 421) failed
[  136.158504][ T7842] loop2: detected capacity change from 0 to 512
[  136.161782][ T7842] EXT4-fs: Ignoring removed nomblk_io_submit option
[  136.180900][ T7842] EXT4-fs: Ignoring removed nomblk_io_submit option
[  136.186855][ T7842] EXT4-fs: journaled quota format not specified
[  136.393100][ T7840] loop1: detected capacity change from 0 to 32768
[  136.413062][ T7840] read_mapping_page failed!
[  136.415683][ T7840] ialloc: diAlloc returned -5!
[  136.855461][ T7855] loop1: detected capacity change from 0 to 32768
[  136.873548][ T7855] ERROR: (device loop1): dbDiscardAG: -EIO
[  136.873548][ T7855] 
[  136.879261][ T7855] ERROR: (device loop1): remounting filesystem as read-only
[  137.359112][ T7864] loop2: detected capacity change from 0 to 32768
[  137.524648][ T7872] loop2: detected capacity change from 0 to 512
[  137.627697][ T7872] EXT4-fs: Ignoring removed nobh option
[  137.820782][ T6014] usb 2-1: dvb_usb_v2: Did not find the firmware file 'dvb-usb-terratec-h7-az6007.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  137.827833][ T6014] dvb_usb_az6007 2-1:0.0: probe with driver dvb_usb_az6007 failed with error -110
[  137.834177][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.811: corrupted inode contents
[  137.834616][ T6014] usb 2-1: USB disconnect, device number 2
[  137.851570][ T7872] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #3: comm syz.2.811: mark_inode_dirty error
[  137.868755][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #3: comm syz.2.811: corrupted inode contents
[  137.874838][ T7872] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #3: comm syz.2.811: mark_inode_dirty error
[  137.881475][ T7872] Quota error (device loop2): write_blk: dquota write failed
[  137.886275][ T7872] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  137.890235][ T7872] EXT4-fs error (device loop2): ext4_acquire_dquot:6937: comm syz.2.811: Failed to acquire dquot type 0
[  137.900191][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.811: corrupted inode contents
[  137.905451][ T7872] EXT4-fs error (device loop2): ext4_dirty_inode:6538: inode #16: comm syz.2.811: mark_inode_dirty error
[  137.910415][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.811: corrupted inode contents
[  137.916993][ T7872] EXT4-fs error (device loop2): __ext4_ext_dirty:206: inode #16: comm syz.2.811: mark_inode_dirty error
[  137.922074][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.811: corrupted inode contents
[  137.931050][ T7872] EXT4-fs error (device loop2) in ext4_orphan_del:305: Corrupt filesystem
[  137.935119][ T7872] EXT4-fs error (device loop2): ext4_do_update_inode:5653: inode #16: comm syz.2.811: corrupted inode contents
[  137.940147][ T7872] EXT4-fs error (device loop2): ext4_truncate:4666: inode #16: comm syz.2.811: mark_inode_dirty error
[  137.946753][ T7872] EXT4-fs error (device loop2) in ext4_process_orphan:347: Corrupt filesystem
[  137.953676][ T7872] EXT4-fs (loop2): 1 truncate cleaned up
[  137.958186][ T7872] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  137.965060][ T7872] ext4 filesystem being mounted at /276/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  138.025797][ T7877] loop1: detected capacity change from 0 to 128
[  138.040371][ T7877] FAT-fs (loop1): Directory bread(block 11554) failed
[  138.053948][ T7877] FAT-fs (loop1): Directory bread(block 11555) failed
[  138.058145][ T7877] FAT-fs (loop1): Directory bread(block 11556) failed
[  138.061667][ T7877] FAT-fs (loop1): Directory bread(block 11557) failed
[  138.067166][ T7877] FAT-fs (loop1): Directory bread(block 11558) failed
[  138.070850][ T7877] FAT-fs (loop1): Directory bread(block 11559) failed
[  138.075154][ T7877] FAT-fs (loop1): Directory bread(block 11560) failed
[  138.078774][ T7877] FAT-fs (loop1): Directory bread(block 11561) failed
[  138.083128][ T7877] FAT-fs (loop1): Directory bread(block 11562) failed
[  138.088050][ T7877] FAT-fs (loop1): Directory bread(block 11563) failed
[  138.291826][ T5959] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.352226][ T5917] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.461086][ T5917] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.528589][ T7888] netlink: 101 bytes leftover after parsing attributes in process `syz.1.820'.
[  138.536098][ T5917] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.627841][ T5917] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  138.819777][ T5917] bridge_slave_1: left allmulticast mode
[  138.821883][ T5917] bridge_slave_1: left promiscuous mode
[  138.840624][   T54] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  138.850428][ T5917] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.854792][   T54] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  138.863611][   T54] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  138.869100][   T54] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  138.872036][   T54] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  138.889820][ T5917] bridge_slave_0: left allmulticast mode
[  138.891862][ T5917] bridge_slave_0: left promiscuous mode
[  138.898997][ T5917] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.000171][ T7892] loop1: detected capacity change from 0 to 32768
[  139.031790][ T7892] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  139.056974][ T7892] XFS (loop1): Ending clean mount
[  139.060485][ T7892] XFS (loop1): Quotacheck needed: Please wait.
[  139.142331][ T7892] XFS (loop1): Quotacheck: Done.
[  139.172947][ T5950] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  139.398378][ T5917] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  139.406100][ T5917] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  139.414891][ T5917] bond0 (unregistering): Released all slaves
[  139.517442][ T7917] netlink: 20 bytes leftover after parsing attributes in process `syz.0.824'.
[  139.961165][ T5917] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  139.982366][ T5917] batman_adv: batadv0: Removing interface: batadv_slave_0
[  139.988161][ T5917] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  139.996063][ T5917] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.018904][ T5917] veth1_macvtap: left promiscuous mode
[  140.031411][ T5917] veth0_macvtap: left promiscuous mode
[  140.034937][ T5917] veth1_vlan: left promiscuous mode
[  140.036844][ T5917] veth0_vlan: left promiscuous mode
[  140.222884][ T7949] loop1: detected capacity change from 0 to 8
[  140.232456][ T7949] SQUASHFS error: Failed to read block 0x1ec: -5
[  140.235381][ T7949] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  140.297618][ T7953] netlink: 8 bytes leftover after parsing attributes in process `syz.1.835'.
[  140.450268][ T5917] team0 (unregistering): Port device team_slave_1 removed
[  140.479236][ T5917] team0 (unregistering): Port device team_slave_0 removed
[  140.765413][ T7897] chnl_net:caif_netlink_parms(): no params data found
[  140.830053][ T7944] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  140.883485][ T5952] Bluetooth: hci2: command tx timeout
[  140.910366][ T7897] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.916414][ T7897] bridge0: port 1(bridge_slave_0) entered disabled state
[  140.919870][ T7897] bridge_slave_0: entered allmulticast mode
[  140.923950][ T7897] bridge_slave_0: entered promiscuous mode
[  140.929441][ T7897] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.933071][ T7897] bridge0: port 2(bridge_slave_1) entered disabled state
[  140.944349][ T7897] bridge_slave_1: entered allmulticast mode
[  140.954930][ T7897] bridge_slave_1: entered promiscuous mode
[  141.076363][ T7897] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  141.088999][ T7897] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  141.090509][ T7974] ==================================================================
[  141.095150][ T7974] BUG: KASAN: use-after-free in xfrm_alloc_spi+0x570/0xf30
[  141.097817][ T7974] Read of size 4 at addr ffff88803b0300c4 by task syz.0.841/7974
[  141.101518][ T7974] 
[  141.102361][ T7974] CPU: 0 UID: 0 PID: 7974 Comm: syz.0.841 Not tainted syzkaller #0 PREEMPT(full) 
[  141.102371][ T7974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  141.102375][ T7974] Call Trace:
[  141.102379][ T7974]  <TASK>
[  141.102382][ T7974]  dump_stack_lvl+0x189/0x250
[  141.102393][ T7974]  ? __kasan_check_byte+0x12/0x40
[  141.102403][ T7974]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.102411][ T7974]  ? lock_release+0x4b/0x3e0
[  141.102424][ T7974]  ? __virt_addr_valid+0x4a5/0x5c0
[  141.102434][ T7974]  print_report+0xca/0x240
[  141.102442][ T7974]  ? xfrm_alloc_spi+0x570/0xf30
[  141.102450][ T7974]  kasan_report+0x118/0x150
[  141.102459][ T7974]  ? xfrm_alloc_spi+0x570/0xf30
[  141.102467][ T7974]  xfrm_alloc_spi+0x570/0xf30
[  141.102474][ T7974]  ? xfrm_alloc_spi+0x2a0/0xf30
[  141.102484][ T7974]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  141.102491][ T7974]  ? xfrm_find_acq+0x87/0xa0
[  141.102499][ T7974]  xfrm_alloc_userspi+0x70b/0xc90
[  141.102510][ T7974]  ? apparmor_capable+0x137/0x1b0
[  141.102518][ T7974]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  141.102526][ T7974]  ? __nla_parse+0x40/0x60
[  141.102536][ T7974]  xfrm_user_rcv_msg+0x7a3/0xab0
[  141.102545][ T7974]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  141.102557][ T7974]  ? __pfx___mutex_trylock_common+0x10/0x10
[  141.102565][ T7974]  ? rcu_is_watching+0x15/0xb0
[  141.102572][ T7974]  ? trace_contention_end+0x39/0x120
[  141.102579][ T7974]  ? __mutex_lock+0x335/0x1350
[  141.102593][ T7974]  netlink_rcv_skb+0x208/0x470
[  141.102607][ T7974]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  141.102618][ T7974]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  141.102635][ T7974]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.102644][ T7974]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.102653][ T7974]  xfrm_netlink_rcv+0x79/0x90
[  141.102660][ T7974]  netlink_unicast+0x82f/0x9e0
[  141.102697][ T7974]  ? __pfx_netlink_unicast+0x10/0x10
[  141.102711][ T7974]  ? netlink_sendmsg+0x642/0xb30
[  141.102725][ T7974]  ? skb_put+0x11b/0x210
[  141.102735][ T7974]  netlink_sendmsg+0x805/0xb30
[  141.102746][ T7974]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.102756][ T7974]  ? aa_sock_msg_perm+0xf1/0x1d0
[  141.102762][ T7974]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  141.102769][ T7974]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.102782][ T7974]  __sock_sendmsg+0x21c/0x270
[  141.102796][ T7974]  ____sys_sendmsg+0x505/0x830
[  141.102808][ T7974]  ? __pfx_____sys_sendmsg+0x10/0x10
[  141.102821][ T7974]  ? import_iovec+0x74/0xa0
[  141.102832][ T7974]  ___sys_sendmsg+0x21f/0x2a0
[  141.102839][ T7974]  ? __pfx____sys_sendmsg+0x10/0x10
[  141.102850][ T7974]  ? __fget_files+0x2a/0x420
[  141.102860][ T7974]  ? __fget_files+0x3a0/0x420
[  141.102870][ T7974]  __x64_sys_sendmsg+0x19b/0x260
[  141.102877][ T7974]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  141.102885][ T7974]  ? rcu_is_watching+0x15/0xb0
[  141.102892][ T7974]  ? do_syscall_64+0xbe/0x3b0
[  141.102902][ T7974]  do_syscall_64+0xfa/0x3b0
[  141.102911][ T7974]  ? lockdep_hardirqs_on+0x9c/0x150
[  141.102919][ T7974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.102926][ T7974]  ? exc_page_fault+0x9f/0xf0
[  141.102934][ T7974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.102940][ T7974] RIP: 0033:0x7fcd4ef8ebe9
[  141.102947][ T7974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.102954][ T7974] RSP: 002b:00007fcd4fecf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.102964][ T7974] RAX: ffffffffffffffda RBX: 00007fcd4f1c5fa0 RCX: 00007fcd4ef8ebe9
[  141.102968][ T7974] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000003
[  141.102973][ T7974] RBP: 00007fcd4f011e19 R08: 0000000000000000 R09: 0000000000000000
[  141.102977][ T7974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.102981][ T7974] R13: 00007fcd4f1c6038 R14: 00007fcd4f1c5fa0 R15: 00007fff1e102dd8
[  141.102988][ T7974]  </TASK>
[  141.102990][ T7974] 
[  141.259180][ T7974] The buggy address belongs to the physical page:
[  141.261946][ T7974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88803b033180 pfn:0x3b030
[  141.266216][ T7974] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  141.269153][ T7974] raw: 00fff00000000000 ffffea0000e75708 ffffea00008da608 0000000000000000
[  141.272817][ T7974] raw: ffff88803b033180 0000000000000000 00000000ffffffff 0000000000000000
[  141.276337][ T7974] page dumped because: kasan: bad access detected
[  141.279068][ T7974] page_owner tracks the page as freed
[  141.281392][ T7974] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x92800(GFP_NOWAIT|__GFP_NORETRY|__GFP_NOMEMALLOC), pid 7949, tgid 7948 (syz.1.833), ts 140229414204, free_ts 140229435351
[  141.289153][ T7974]  post_alloc_hook+0x240/0x2a0
[  141.291173][ T7974]  get_page_from_freelist+0x21e4/0x22c0
[  141.293488][ T7974]  __alloc_frozen_pages_noprof+0x181/0x370
[  141.296015][ T7974]  alloc_pages_mpol+0x232/0x4a0
[  141.298075][ T7974]  alloc_pages_noprof+0xa9/0x190
[  141.300234][ T7974]  stack_depot_save_flags+0x777/0x860
[  141.302590][ T7974]  kasan_save_track+0x4f/0x80
[  141.304588][ T7974]  __kasan_slab_alloc+0x6c/0x80
[  141.306554][ T7974]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  141.308915][ T7974]  mempool_alloc_noprof+0x1a7/0x510
[  141.311150][ T7974]  bio_alloc_bioset+0x241/0x1110
[  141.313312][ T7974]  bio_alloc_clone+0x53/0x110
[  141.315326][ T7974]  squashfs_bio_read+0x92e/0x1150
[  141.317459][ T7974]  squashfs_read_data+0x1f7/0x8b0
[  141.319640][ T7974]  squashfs_read_table+0x341/0x3a0
[  141.321870][ T7974]  squashfs_read_xattr_id_table+0x61/0x370
[  141.324257][ T7974] page last free pid 7949 tgid 7948 stack trace:
[  141.326837][ T7974]  __free_frozen_pages+0xbc4/0xd30
[  141.329030][ T7974]  stack_depot_save_flags+0x436/0x860
[  141.331351][ T7974]  kasan_save_track+0x4f/0x80
[  141.333337][ T7974]  __kasan_slab_alloc+0x6c/0x80
[  141.335476][ T7974]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  141.337758][ T7974]  mempool_alloc_noprof+0x1a7/0x510
[  141.339836][ T7974]  bio_alloc_bioset+0x241/0x1110
[  141.341913][ T7974]  bio_alloc_clone+0x53/0x110
[  141.343954][ T7974]  squashfs_bio_read+0x92e/0x1150
[  141.346135][ T7974]  squashfs_read_data+0x1f7/0x8b0
[  141.348247][ T7974]  squashfs_read_table+0x341/0x3a0
[  141.350373][ T7974]  squashfs_read_xattr_id_table+0x61/0x370
[  141.352807][ T7974]  squashfs_fill_super+0x1169/0x2030
[  141.355166][ T7974]  get_tree_bdev_flags+0x40e/0x4d0
[  141.357399][ T7974]  vfs_get_tree+0x92/0x2b0
[  141.359357][ T7974]  do_new_mount+0x2a2/0x9e0
[  141.361351][ T7974] 
[  141.362419][ T7974] Memory state around the buggy address:
[  141.364709][ T7974]  ffff88803b02ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  141.367927][ T7974]  ffff88803b030000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  141.371306][ T7974] >ffff88803b030080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  141.374592][ T7974]                                            ^
[  141.377320][ T7974]  ffff88803b030100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  141.380615][ T7974]  ffff88803b030180: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[  141.384076][ T7974] ==================================================================
[  141.387757][ T7974] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  141.390750][ T7974] CPU: 0 UID: 0 PID: 7974 Comm: syz.0.841 Not tainted syzkaller #0 PREEMPT(full) 
[  141.394043][ T7974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  141.397715][ T7974] Call Trace:
[  141.398840][ T7974]  <TASK>
[  141.399855][ T7974]  dump_stack_lvl+0x99/0x250
[  141.401634][ T7974]  ? __asan_memcpy+0x40/0x70
[  141.403261][ T7974]  ? __pfx_dump_stack_lvl+0x10/0x10
[  141.405177][ T7974]  ? __pfx__printk+0x10/0x10
[  141.407198][ T7974]  vpanic+0x281/0x750
[  141.408785][ T7974]  ? __pfx_vpanic+0x10/0x10
[  141.410442][ T7974]  ? irqentry_exit+0x74/0x90
[  141.412117][ T7974]  panic+0xb9/0xc0
[  141.413578][ T7974]  ? __pfx_panic+0x10/0x10
[  141.415399][ T7974]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  141.417807][ T7974]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  141.419981][ T7974]  ? xfrm_alloc_spi+0x570/0xf30
[  141.421652][ T7974]  check_panic_on_warn+0x89/0xb0
[  141.423418][ T7974]  ? xfrm_alloc_spi+0x570/0xf30
[  141.425301][ T7974]  end_report+0x78/0x160
[  141.426778][ T7974]  kasan_report+0x129/0x150
[  141.428393][ T7974]  ? xfrm_alloc_spi+0x570/0xf30
[  141.430179][ T7974]  xfrm_alloc_spi+0x570/0xf30
[  141.431758][ T7974]  ? xfrm_alloc_spi+0x2a0/0xf30
[  141.433389][ T7974]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  141.435311][ T7974]  ? xfrm_find_acq+0x87/0xa0
[  141.436934][ T7974]  xfrm_alloc_userspi+0x70b/0xc90
[  141.438979][ T7974]  ? apparmor_capable+0x137/0x1b0
[  141.441054][ T7974]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  141.443229][ T7974]  ? __nla_parse+0x40/0x60
[  141.444807][ T7974]  xfrm_user_rcv_msg+0x7a3/0xab0
[  141.446306][ T7974]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  141.448147][ T7974]  ? __pfx___mutex_trylock_common+0x10/0x10
[  141.450562][ T7974]  ? rcu_is_watching+0x15/0xb0
[  141.452532][ T7974]  ? trace_contention_end+0x39/0x120
[  141.454705][ T7974]  ? __mutex_lock+0x335/0x1350
[  141.456695][ T7974]  netlink_rcv_skb+0x208/0x470
[  141.458255][ T7974]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  141.460131][ T7974]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  141.461884][ T7974]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.463595][ T7974]  ? netlink_deliver_tap+0x2e/0x1b0
[  141.465330][ T7974]  xfrm_netlink_rcv+0x79/0x90
[  141.466887][ T7974]  netlink_unicast+0x82f/0x9e0
[  141.468472][ T7974]  ? __pfx_netlink_unicast+0x10/0x10
[  141.470214][ T7974]  ? netlink_sendmsg+0x642/0xb30
[  141.471869][ T7974]  ? skb_put+0x11b/0x210
[  141.473298][ T7974]  netlink_sendmsg+0x805/0xb30
[  141.474861][ T7974]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.476601][ T7974]  ? aa_sock_msg_perm+0xf1/0x1d0
[  141.478257][ T7974]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  141.480007][ T7974]  ? __pfx_netlink_sendmsg+0x10/0x10
[  141.481740][ T7974]  __sock_sendmsg+0x21c/0x270
[  141.483595][ T7974]  ____sys_sendmsg+0x505/0x830
[  141.485447][ T7974]  ? __pfx_____sys_sendmsg+0x10/0x10
[  141.487263][ T7974]  ? import_iovec+0x74/0xa0
[  141.489125][ T7974]  ___sys_sendmsg+0x21f/0x2a0
[  141.491020][ T7974]  ? __pfx____sys_sendmsg+0x10/0x10
[  141.493041][ T7974]  ? __fget_files+0x2a/0x420
[  141.494728][ T7974]  ? __fget_files+0x3a0/0x420
[  141.496554][ T7974]  __x64_sys_sendmsg+0x19b/0x260
[  141.498493][ T7974]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  141.500588][ T7974]  ? rcu_is_watching+0x15/0xb0
[  141.502447][ T7974]  ? do_syscall_64+0xbe/0x3b0
[  141.504019][ T7974]  do_syscall_64+0xfa/0x3b0
[  141.505522][ T7974]  ? lockdep_hardirqs_on+0x9c/0x150
[  141.507278][ T7974]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.509395][ T7974]  ? exc_page_fault+0x9f/0xf0
[  141.511237][ T7974]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  141.513557][ T7974] RIP: 0033:0x7fcd4ef8ebe9
[  141.515227][ T7974] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  141.522629][ T7974] RSP: 002b:00007fcd4fecf038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  141.525975][ T7974] RAX: ffffffffffffffda RBX: 00007fcd4f1c5fa0 RCX: 00007fcd4ef8ebe9
[  141.529021][ T7974] RDX: 0000000000000000 RSI: 0000200000000a80 RDI: 0000000000000003
[  141.532270][ T7974] RBP: 00007fcd4f011e19 R08: 0000000000000000 R09: 0000000000000000
[  141.535244][ T7974] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  141.538489][ T7974] R13: 00007fcd4f1c6038 R14: 00007fcd4f1c5fa0 R15: 00007fff1e102dd8
[  141.541475][ T7974]  </TASK>
[  141.543449][ T7974] Kernel Offset: disabled
[  141.545113][ T7974] Rebooting in 86400 seconds..

VM DIAGNOSIS:
15:55:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000064 RBX=0000000000000064 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000014e7b RDI=0000000000014e7c RBP=00000000000003f8 RSP=ffffc90003a8e9f0
R8 =ffff888107a50237 R9 =1ffff11020f4a046 R10=dffffc0000000000 R11=ffffffff854f3380
R12=dffffc0000000000 R13=ffffffff99afa8eb R14=ffffffff99def420 R15=0000000000000000
RIP=ffffffff854f33fc RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007fcd4fecf6c0 ffffffff 00c00000
GS =0000 ffff8880b861b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000000110c2ea085 CR3=00000001112ae000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fcd4f197498 00007fcd4f197470 XMM03=00007fcd4f1974a8 00007fcd4f1974a0
XMM04=00007fcd4fcfd100 00007fcd4f197460 XMM05=00007fcd4f197478 00007fcd4f1974c0
XMM06=00007fcd4f1974b8 00007fcd4f1974b0 XMM07=00007fcd4f1974a8 00007fcd4f1974a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fcd4f012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000000 RBX=1ffff11009608341 RCX=ffff888107a25640 RDX=0000000000000000
RSI=0000000000000001 RDI=0000000000000000 RBP=ffffc90006997700 RSP=ffffc90006997580
R8 =ffffffff8fa38a37 R9 =1ffffffff1f47146 R10=dffffc0000000000 R11=fffffbfff1f47147
R12=ffff88804b041a08 R13=dffffc0000000000 R14=ffff88813663b1c0 R15=0000000000000000
RIP=ffffffff81b44ce8 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1b000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe482aa1440 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f XMM01=2f6463706368642f 6e75722f7261762f
XMM02=65746174732d6b6f 6f682f6463706368 XMM03=6874652e666e6f63 2e766c6f7365722f
XMM04=0000000000000000 00000000000000ff XMM05=6769652e66635f63 2e006b6e69652e2f
XMM06=0000000000000000 0000000000000000 XMM07=0000000000000000 0000000000000000
XMM08=0000000000000000 00ff000000000000 XMM09=6874652e666e6f63 2e766c6f7365722f
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
