last executing test programs:

15.670875657s ago: executing program 1 (id=1414):
membarrier(0x40, 0x0)
membarrier(0x20, 0x0)

15.601208038s ago: executing program 1 (id=1416):
r0 = syz_open_dev$ttys(0xc, 0x2, 0x1)
ioctl$TIOCMBIC(r0, 0x5417, 0x0)

15.550755346s ago: executing program 1 (id=1418):
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, &(0x7f00000000c0)={0x3, 0x100, {}, {0xffffffffffffffff}, 0x101, 0x7})
r0 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b19, &(0x7f00000000c0)={'wlan0\x00'})

15.489792582s ago: executing program 1 (id=1419):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x8, 0x8}, 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r2}, 0x10)
request_key(0x0, 0x0, 0x0, 0x0)

15.489571513s ago: executing program 1 (id=1420):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b3c094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1008452, &(0x7f0000000000), 0x7, 0x4d2, &(0x7f0000000740)="$eJzs3EFsFFUYAOB/ti0tUKQiolTUIhobjS0UFA4mBqKJB02MeNBj0xaCFGpoTYQQWRKDR0Pi3Xj06sGrejOeTLzi0cSQEENiAE9jZne23W6n27LdstJ+X7LsezNv5s2bN2/2zXtMA9i0hrJ/koj+iLgRETsjotSYYKj6dff25Yl7ty9PRDlNT/6dZJvFnSyeS/Lv7XlkuBRR+iJZWFFn9uKls+PT01MX8vjo3LlPRmcvXnrlzLnx01Onp86PHTt25PCho6+NvXr/hSrILyvXncHPZ/btffuj6+9OdNeW9+Xf9eVol6EYKjqUihfanVmH7agLJ93NUr6x/gfDqmXXf1ZdPZX2vzO6omnlARtImqZp7/Kry2mjq0uWAA+tJDp9BEBn1H7os+ff2qeoI7BlfbofHXfrePUBKCv33fwT8WxlYW0cpKfh+badhiLiw/K/32SfWKdxCACAej8dr/UEG/p/AxF76tI9ks+hDETEoxGxKyIei4jdEfF4VNM+ERFPNuy/KyLSJvkPNcSX9n9KN9dWwuay/t/r+dzWQv8v6mfBBrry2I6IWod56mB+Toajp/fUmempQ03y+PnN379abl19/y/7ZPnX+oL5cdzsbhigmxyfG2+5wA1uXY0Y7G4sf9IdkczPBCQRsTciBhdteeKfZvsdqAufeem7ffORnsXpVi5/RVo4j9aGqYr024gXq/VfjkX1v5Bj0nx+crQvpqcOjmZXwcHCPH797dp7y+W/Yvl/+LNxk7eO/ngyb1lrl9X/trrrP2rztwvlH0gikvn52tkVdlhauujaH18u+0zT6vW/JfmgEq49l342Pjd34VDEluSdpcvHFratxbPvKFfLP3yguP3vyrfJzsRTEZFdxE9HxDNRfUIcivTK/oh4LiIONDklv5x4/uNVl78viq7/dZOVf7Lw/reo/hfm65cLJOVq6oJVXWf337g3WJz/6ur/SCU0nC8pvv8li24RTY50UWCt5w8AAAAeBqWI6K8bS+qPUmlkpDoGtDu2laZnZudePjXz6fnJ6jsCA9FTqo10VceDe5La+OdAXXysIX44Hzf+umtrJT4yMTM92dGSA9srbT4pjczfC6rtP/NXe4aYgf8zr/zA5rVS+99z/QEdCPDA+f2Hzauu/ZeXSVL2P2VgY1rN77+xQNiYitr/lRa2AR4uqbYMm9r9tH/3CthYuuP9+XDB+5vABuY3HTalVb0k33Ig7S1e1RdLE0df8x12RWuHsbUgr44Esp5VR3Lf2spWtb+msGyaKN3fDnujPXV6au2n5fSetl/8aT4/1u4a/L61dhqx5tyb3zfG+tfvngQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANBO/wUAAP//IGPbXQ==")

15.300704585s ago: executing program 1 (id=1421):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r0, 0xc0884123, &(0x7f0000000340)={0x2, "d94871af71e7567265fcca5f6adb6efed6de23e6a800f42d42dd30afd0953e07dde092578b0e2c786067d9a2f89696b38204a19b81dd6815536670580872221e", {0x10001, 0x1}})

3.700115959s ago: executing program 2 (id=1541):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x800, 0x0)
readv(r0, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/16, 0x10}], 0x1)

3.699785061s ago: executing program 2 (id=1542):
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
userfaultfd(0x80001)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='contention_begin\x00', r1, 0x0, 0xd}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8d}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000540)=0x4)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x100000, 0x1fffffffffe, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x9}, 0x0, &(0x7f00000002c0)={0x3fb, 0x8000, 0x400000000001, 0x9, 0x40000000000000, 0xf, 0x80000002, 0x2}, 0x0, 0x0)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r3, 0x8933, &(0x7f0000000100)={'wpan3\x00'})
close_range(r0, 0xffffffffffffffff, 0x0)

2.808557828s ago: executing program 2 (id=1550):
open(&(0x7f0000000140)='./file0\x00', 0x2a4c0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_io_uring_setup(0x497, &(0x7f00000000c0)={0x0, 0x7079, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0)

2.110226464s ago: executing program 0 (id=1558):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000000)=ANY=[], 0x1, 0x6eb, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvrNeON1Sp0yY0QkGYRCpIEYkTK4VwwSCEcqhQVQ49W4nTWNkkVeKitELgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmft3fX6LfFLAp9PNJ5n5nnmmd/+5pkZ7zqrCfB/6+q5NB+myNVzbz4ol1dXZturK7NH6up2krLcSJrdWYo7SfEomSvri74pffMNPl688vZnj1c/7y4166lqP7bVdiOMaLtcT5mu+5seueX4TnexXIeXl5Jcq+eDJnba10DDMmln6zkcus6gRjrLu9l8N+ct8Jzp3Z2K7n1zg6nkaJLJ+veA1FeHxsFFuKe+3ivs6ioHAAAAL6hP7x52BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDiqZ7/31pbbHRXJdMpes//n+itq8vPobkdt3y4r3EAAAAAAAAAwMH42pM8yYMcK8vjSTpF9Tf/M1XliXzRSb6U93M/C7mX83mQ+SxlKfdyMclUX0cTD+aXlu5dXNuyNHrLSyO3vHSQrxoAAAAAAAAA/uf8Mq3u3/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB5USRj3Vk1najnmUqjmfW6LCf/TDJx2PHuQjFq5cODjwMAAACeyeRTbPPykzzJgxzrLXeK6j3/l6v3y5N5P3eylMUspZ2FXK/fQ5fv+hurK7Pt1ZXZ2+VULg/2+/1/7yqMibqHsWpp1J5PVS1auZHFas35XKuCuZ5Gd99nk1O9ePri6vNRGVPxvdoOI2vWaS139vvNPkXYE4MfRTS2aNlaDy5Zy8hMHVu55fFuBorqg5pkOBPDR2fDzpoDS1NVk/G1PV1MY+2TnxP7kPOj9bx8Pb/Z15zvRH8u1jLRSJWJS73RV54zW2ci+cZf//TOzfadWzdv3D93uC9pF8Y2WT88Jmb7MvHaC52J5i7bz1SZOLm2fDU/yk9yLtN5K/eymJ9mPktZSKeun6/Hc/lzautMzQ0svbVdJBP1cekes53ENJ0fVqX5nKm2PZbFFLmb61nIG9W/S7mYb+dyLudK3xE+uWnc1WurzvrG8FnfO9J/Gxn82W/WhfLq9tv1q9zcVq94s9G5V7rX/jKvx/vy2h31j9daHe87D2b6svRKLzvjIzt/mmtj8yt1odzHr7a5TxysqToT5QnUu0v0onu1m4lmdS/aOM7/0Cm3S/tOp3Nz/r1N+l8eWn69npfDauWr27XuGX0o9lY5Xl7JZH0lGRwdZd2ra1eZvrrO+lju1g3eccvtTlZ1RdE7U3+cu9UA2HimTtS/w23s6VJV99pQ3en6Gl7WneqrG/h9K3fTzvUDyB8AT+Mf76wVp3J0ovWv1qetT1q/bt1svTn5gyPfOXJ6IuN/H/9uc2bs9cbp4i/5JD9ff/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8vfsffHhrvt1euDe60Ni8aqDQyvCa7XoeKhT1A31GtblVP6VgVx0ecmEyycCa6jlHBx5GaziMDYXOL5IDz0/vIYKj2/yuLDR3dLjnBtb8eWOHH20fz1iGxuEOzot9LDSyLz13Xt5kJIxl9AA4rCsScFAuLN1+78L9Dz781uLt+XcX3l24M3758pWZK5ffmL1wY7G9MNP9edhRAvth/aZ/2JEAAAAAAAAAAAAAOzXqqwJnXtruSyMbCo0kw9/x8D8LAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD1x9VyaD1Pk4sz5mXJ5dWW2XU698nrLZpJGIyl+lhSPkrl0p0z1dVfkj4/SGbGfjxevvP3Z49XP1/tqdtsnjXq+ua1rkyzXU6aTjNXzZzDQ37Vn7q/4T+81lAn7otPpzD1bfLA3/hsAAP//ShfsxA==")
openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x28541, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r0, &(0x7f0000000100)=ANY=[], 0x32600)
write$FUSE_NOTIFY_INVAL_ENTRY(r0, &(0x7f0000000000)={0x29, 0x3, 0x0, {0x2, 0x8, 0x0, 'hfsplus\x00'}}, 0x29)

2.039281152s ago: executing program 0 (id=1559):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x44, &(0x7f0000000340)={0x40, 0xf, 0x1, 'V'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000780)={0x18, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000fc0)={0x84, &(0x7f0000000b40)={0x20, 0x15}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

1.880171186s ago: executing program 2 (id=1560):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
syz_mount_image$bcachefs(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x2800000, &(0x7f0000000000)=ANY=[], 0xfd, 0x5a7a, &(0x7f0000006680)="$eJzs3WuQXNV9IPBzu3s0Lz1GAgcZzGiQ0Ybg2BrxKj9SsZJN7BQQSi5SDmJlw4BGRLYkVHoEECSILHhRAS6cIpXg5ANxYXYxiosq2BiFMuGxEmtjq9h4qS1MrZ3F/uAtwqIKoKVcXs/W9NzT032779yenh4hid+vYG7fM6f/99xzT9++/9NX0wEAAID3hEN37Dx62em/+90/G3/71t/7h623hcFytbwvVhhKlze+Wy3kWOqtLK8us+PiV2/+xk9Hrv3t7zw68PV3Dm48a9MPf+eUa5/8wsUH7v/rZ95a9PgvXy2KG8fTudPryetJCH3fPvIXXzr4wmmTZcniyZ+lvSEsTZY9szQJ4fb6EKM/DyFsTFeWZ+I/9vb5myaXt93V21C+JFPPeH9vmzzOSQhhz9EbPhR+9Fvrb//+im/+Xc/+1/ZOV0n66sZTCIuvrn9+TwihP/1/UhxtcTwm6XJdCGGg7nkfLWjXB9to96TVmfK4fka6XJAuBwvixd+vzKyXMvWy61FPZjlQsL25ymtHp/WKLMysJ12KG+W1M5YvTZffSpfnzjJ+Od2HchJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fK6x/X13h/L0hfqO9k6maCDTQ9q+1UV23VkhrYcC6W6c1Cr8tqBTw/GYFo2mCxres5EC/F3B9ffvaq84dlDQzntSB5N0vhJR/H3fG/pws8/sm939n29Fv/qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9vZ+/MEld12ce3zXxf4Z6ij+pWc/efvCo0+cmXfuTB7o1jsnwHvTKek11p3peqd55lzV5Qt/NVKZuuZbmP6/qJsbylx8ZvMEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOiG933ov376f3126PVKut6bPnilNLWM5QtCSPpDCDt3je3YtXnbdSNfuH73jm1jW0bGdo2Mb9u146aRC359ZMf49i1jN03+dvTD5089b1lIppbJmU3b7p2YmCgNNZbF7f3bs/f/aNVH//e/hDD6vh8MV3Lbv/r+rQ+e2uJnRrJ24pNbd1/2gwv/Nt2vobRdQy3aNTExMRFy2vV/rvjFg39+5KfnhDD6KzO16/lXfvMfGxpULZiOkyr1hqkG9SYDLdtRa3XanthflU2bt4yPzty/k88v5+zHv7v5tZ9vuvErv5jq377c/Wizf/vXTmwp/eX6S//fX94yVVDUrnfruE/2dzkn5mS74l7E9sX+60v7e3G6X4tz9quSs193fP/pl759+r639obRypsrmo910X71pAOgJ3l/W9uNWxhIljaU96X14xGPz1u9a+v21Ttv2vPhzVvHrhu/bnzbx9ZcsOai0QsvunB1dc9Xd3n/4/b/TZv7f2zG05I/3vut+LO98dTYrgWz7o/JdhX3R32L8l5/A5d/6b6P3f/cZVMFReeVWLt2PkmXA5PHeU2oG2/NfdVqv4qOTwhhpFU/vPHWxeG0/7H59qLzUP2Rqf+ZkaydeGHlv/7tR/9m+W9MFRyT83x9gzo8z9daPd2ean/1pcdj4jjt3970bNqbDLZs15oXnuu5+9C//EmtfQsWhBvHdu3asWbq58K0pQuTM1q2K1sa92tF9Wc5pN0SasO0xXid1BOm2pc9f8bq2V4dTH83mCxruV9Z8XcH19+9qrzh2UN5PZ08OrXF/rBoapl8IKfmlswTy7UGt9r+8fr6Kxofw5/+m8c/+/jfX9A0Ps6b+lm0X0nOfn3zpYfu+/pX/sPfd2+/Pv2bh4f+9X/+0aqpgmNwXglzOq+UpxpSa3XanqT+vHJeCEWvvxWh9X7kvv5Krfen6PWX3c50/dbxRjLrg6Hc0ev1vKcGXr/kuTtW5r5ej8z0eq3f2VsanlcueL0eL+9L2ddXUmlsx/y9vhoGSrJ24jt3nrL3mVvXnT5VUPR+Wavdalyf30b+kbNf/3jly8PXj/z7/96988Y3fv2xq344tvZPpwo6P+6xLd057n1p//bl9G+t1THvrO/fj1x7/ZaNU+VF/fzuXf+my4L8J55Kdt6054tjW7aM79jZ3n61+34at5Pt5U7fT+PZbVnBfpWa9mv+HrTTX+2+3mL7N3bcX42vt8GQdPS+sOd7Sxd+/pF9u4eanpVu6OpSGr/UUfwfX3L4jSv3fe2rufHvjfErHcUfe/X5e1aces3+3PgPJGn8vuL4i0NT/LUHDvcuOvrU07nxR2P7+ztq/yuf+NRPHn7piddy44cYf7Cz/n9z/0UvDw//LDf+i0m6nclrpBAee/v8TVPrSehJX2+xHT0N7QrZ9SSzXsqsl+vXS3EWId1AOUkay2O9tPysura08oc55fEqrG/51PKduB6yD2YuP96U6s79rcqLrlMBAE528fP/eA0aP/8fTy+U8mcaYNpc87DlOXFjHjY9n9P4GevyNH58fpwHHP5IGJ1c3jYydaE/288R4ushO88Zt3POBxtjtJyfOFC/ker2m+Y5i+bfV2bWY7um5ssrdXloqjmvqYQ25t+btzPz/Htm94s/zxq5s6lZI3XzVtnj15POmLW63yHT3spkhLzxkZ0Xi/dzDC8O66rba3N8ZO+jicchex9N3M7pmRNnp/fR5I2PoeZ+aGhXHB+x3gzjo9rk4s8jm49fmKF/p49f62jZ4zeL4903WX++P5/twrxhy1PasZs3nN/Pw46LeckW8Y/xvOTCpvjpC+x4nzeM5bGfKm3OJ342p7xb84nxdBHbdWSGthwL5hOBk1XM/+N7xGT+P3kB/n8z9YrylOxVY4yXe59Qzk3YRXlH8316Ax29j284sP3LvcNHz8m9znm63fv0tjesDRTc91PUj6sy64X9mDNBU5TvZbdT1O/Z+zIGw6KO+v2hvfd//MEld12c2+/rpt5Ii/v9voa1RQX9fgLkC63jyxdOpnyhOX6X7mMomj/Lz0fKtXbMSz6S3vg0X/nIH+SUzzYfGWh6UNuvquM3H5l+I23IR3qObbsAgBNHzP9rn5+l+f8/xwuL9DqiKG89N7Me4+XmrTnXJ3l56++nyxsz9QfTf1Ex2+vmS89+8vaFR584MzdveaDdPPQ/NawNFeahc8ubc/OIdd25Xzw3j6jlWXPLE3PbX8sT55an53xMW5enzy2Pzu2fWh7dOA9w3+HpTGOm+HEeIDd+bR6gi3nuL6crHbs8t2C+LrOxuNrufN2xzqMnS3oWN+5nY1480J08Ov3ns/OVR1+eUz7bPHqw6UFtv6qO3zy6sVweDQCcrGL+Hy/jqvl/bwjPxQr98cHcPmfPzQu6dN2e/XsgtfgvzkteOR2/S5//Fud98523zndeP9/zEif657/zPS80VP0DnvM1T/au3e86L3nxP9cetZ0XpxuVFwMAcDyL+X9M8+Pn/89l6s01P2nK33qmLiGn85MTLz+vr3cC5+dXhGOVn/eeyPn5iT7/Nb/3yZxc+f+0Dj8Xf2fiJM7/q22W/wMAnJBi/h//2WP8+3//JV3P/t36NvP0B7K38/oc3efoQZ7eRp7e5Xm2GL/+PoATeB6gPPd5gP5jfn98/3T9k2keoKonmAwAADgB9FQzpeZ/Z/+5dJn9d/Z5/y7/ypz67aqkl8fX7NoxPn7V7u0bx3aNX7Xt+o3jO6+6YcfmXbvGa9fOc8sbc/OWNG/sCZW0P1rXy+ZtS9K/h7Ak5+8hZOvHsGdUHzT/PYTsZvsL/o7A9PFrr715x680Q/1W4yPveOfF/8Oc+lHt+F/7R+ddtWnnVZu3bd61eWzL5j3jjfWGqv+Suv3vzYyfU87q+1IzP5qUZv/9nfHwzK0dpaZ29KT9kff97EmmHUvTlizN+/6DnHZ/97/9+R+fPfGLh0MYfV/5A3Pqv2TtxH++Yvz3dx36wfbJ9pdmbH+tZtquou8rzdaP+1PZcv3OXR/adP3ubdlvlOxMnM8o1dbn6b6G9OVfbnN+YkNO+Wz//X656cHxqe35CQAAGsTP/+P1bPz88CvpBVQsL8zTt03Vm+vnx7l5+mh7eXr2e8mK8vRs/bi/7ebpfXPM07PbL8rTW9Vvlafn5d158f8gp/5stT9OOrjPo5L2wyP7dueOk6vbGyfZ7zMoGifZ+rMdJ8kcx0l2+0XjpFX9VuMk77jnxf9MTv08ReOhUhsPc7svJ3c83NveePi1zHrReMjWn+14KM1xPGS3XzQeWtVvNR7yjm9z/MYJgu7M/04OjOq4GL/qhut3fLGu3nx//0VoviWjnfYtmH7u/H7/R6fa79/5ve9r7u0PYW21JK/98fOBBbNqf7v3lc29/UX9P4v7yhaHpvvKctv/4txmwtpv/6zuS7wt/q7d73fJyKve/PxjNV+bDrui+8+K5nHX55TPdh53QdOD45N5XHj3xPw/Xs3F/P+udNntj4FO/O9J6+D++3gO9j1m+f3f5nXMe+79PPuRu/dzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJNCb2V5dXnojp1HLzv9d7/7Z+Nv3/p7/7D1tl+9+Rs/Hbn2t7/z6MDX3zm48axNP/ydU6598gsXH7j/r595a9Hjv3y1MPBQ9Wfl3HS1L4Tk9SSEvm8f+YsvHXzhtMmyJIRQTob2hrA0WfbM0iQTYfTnIYSNtXY2/vKxt8/fNLm87a7ehvIlmSDZ/QqD5die+naGcGPhHnEC6kvH2Z6jN3wo/Oi31t/+/RXf/Lue/a/tna6S9NWNpxAWX13//J4QQn/6/6Q42pbHJ6fLdSGEgbrnfbSgXR9ss/2rc9bPSJcL0uVgQZz4+5WZ9VKmXnY96sks6/a1v2DTHclrR6f1iizMrGdPRnOV185YvjRdfitdnjvL+OX4fxJKSajUmr8lmR4joe64JSGpHsu+2nqpdmxDuv+Z9SSzXsqsl3sy+1XdbjrQyknSWB7rZcrj6biSlp9Vf65u4fKc8veny770hfpOXA/ZB1MGmx7U9qsqtuvIDG1J/cfWxZXiZ7ahVHcOalVeO/DpwRhMywaTZU3PmWgh/u7g+rtXlTc8e2gopx3Jo0kaP+ko/p7vLV34+Uf27V6eF//qUhq/1FH8H19y+I0r933tq7nx743xyx3FP++pgdcvee6Olbn9cyT2T6Wj+GOvPn/PilOv2Z/b/gdi/L6O4q89cLh30dGnns5t/2jsn/6O4r/yiU/95OGXnngtN36I8Qc6ir/hwPYv9w4fPSc3/tOxfwY7Gz9v7r/o5eHhn43kxX8xxl/UUfyH9t7/8QeX3HVx7vFdF/tnqKP4l5795O0Ljz5xZt65M3mgW++cAO9Np6TXWHem653mmXNVly/81Uhl6ppvYfr/om5uKGNyO4vnMT4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACenf7rlgs9d8cnPrK8kISQ5dSZaiL8rL1i7dqSD7Y69+vw9K069Zn992fIO4gAAAADFYh5eqpX0heXhhqQ/nNGyfpwjOCOuJY3l2TmEGCc7R9BpnFKLOKUO4pS71J5Kl+L0dCnOgi7F6e1SnL6COH2hvTj9M8SpTI6ANtszMGN72o8z2KU4C7sUZ1EmRKdxFnepPUu6FGdoxjjtj8OlXYqzrEtxTulSnFO7FOd9XYrzK12Kc1qX4mTnlGc7DhelNU/Pi1N9UC6MU0nKtV+0mk8/Ld3OmXPczmDBdhYVvR+3uZ3+NrfzwczzSrPcTl+b27lgjttJ2tzOr81xO6WC7cRxe2O2fXE7ca3N8X9Tl+Ls6VKcm7sU55YuxfmTLsX50y7FuTU0XpzONg5Au2L+P53vDYXeym+EgfSMk50FiPnuiurP5ve7vBNSjPeBTPmConjZRD0Tb8Vs25edQMjEW5kp72mIV6nlIzPE66uPtyrzy5n29xNrW7etPt65mfLeGeI17AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHAP/dMsFn7vik59ZH5Iw+V9LEy3E35UXrF070sF2D66/e1V5w7OH6st6Kx0EAgAAAArFPLynVtIXeitrQm+yoKFeXzoP0Jeul4emlsOLw7rJZTJSqq4PJEtnfF4lfd7qXVu3r955054Pb946dt34dePbPrbmgjUXjV540YWrN23eMj469TOE3oJ4IYTq9MPOm/Z8cWzLlvEdO6cKs+1fnj5vebqepM8b/kgYnVzelrZ/WcH2Sk3bm78HxUcPAAAAAAAAAAAAAAAAAAAAAAD+P7v2GyJpXQcA/PvMzM6Mq5cb/hsP7xzOU6ys9FpDS9wHggT/HC5CzFqbHHmStHqH3onZpAepKUWgHBwXvujCJE1645+UyD8cGGYJ7XWESvmiXhRahoovQpnY3Xnm38442yS35/X5vJjnme/v+/t9f7+H4+D7zAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABxa8/XJ2drU9Mx4EpEMyGn0kY3li2laHaHuV57c/oPS+nfO7IyVCiMsBAAAAAyV9eFjrUg5SoV85OPkxW8bomMg2n0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw/2e+Pjlbm5qeOTqJSAbkNPrIxvLFNK2OUPfVtx7+7Evr1/+tM1YZYR0AAABguKwPz7Ui5ajEaTGWnLzQ+bei2buBtT3zl/LasnXWrTCv993BoLzTVph3xgrzPjYkb3PzenMAAADAh1/W/xdakYkoFdYs64ez/n9YX5/lndqTl29eq51J76u4kiQAAABgBbL+v9SKVKJUqLT69ZX2+xvaocWfzrP5w363z+af3pOXzR/2e/5lzavf6QEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgw2O+Pjlbm5qeyScRyYCcRh/ZWL6YptUR6m56avwfl+y/Y0NnrFQYYSEAAABgqKwPb7fe5SgVxmMsjl7s+9dfdN+jX3r08cmIWGrzi8W4ecuOHTdsWviMTVneOS/sH/v+c69/e1neOUufq3ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgAzNfn5ytTU3PHJVEJANyGn1kY/limlZHqPvK57/4lwcPPvFaZ6wywjoAAADAcFkf3u79y1GJYhTjxMVvnb3+glzP/EHvDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAjx43fvOUbW+bmtt7gZnVuGvmIw2Ab/+NN9s/pcNnPh/+mvNrbWN3/lwAAgA/eqZFE47900uWrvWsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBwMF+fnK1NTc+Uk4hkQE4jU2oHsrF8MU2rI9RNn3yxtOadp57pjFVGWAcAAAAYLuvD271/OSoxFmNxwuK3fu8EGgv9/8Qh3CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwWJmvT87WpqZn1iQRyYCcRh/ZWL6YptUR6j6wa+/n7j/2exd3xkqFERYCAAAAhsr68GIrUo5S4eNRilOa3+e6JyT55rX/e4H2vO1d08ZXPK/eNS//fvOSQkRr3l09Jys0T7M0r5ytN7F0bdWrtuflmvOqHfMq0Spfbc1bfFi7u6qtGXK+5U8eAAAADp2s/y+1IhNRKpQ6+v+fNq9HNa+D+tzcod04AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDYma9PztampmeSJCIZkNPoIxvLF9O0OkLdW3770WO++rO7d3bGKiOsAwAAAAyX9eHt3r8clVgXH4l1i31/THTnZ3n/rL17/73/+uuZEWefeGB9oXfZH2U3v37lwqd7PyJy3dm5iGOb9ZIB9X7z+3tv2th498GIs0/In7KsXrx/ve4l08Zjta2X7XjuwPYhDwcAAACOEFn/P9aKTESpcP3A/j/rvIf0/y2LDfixN+36xfHNz2ZH3jMjN9GslxtQ7wsbH/7z6ef9/fWF/n95vU+27j6997r7j+8quBTpkaSNqet2bj5w7r5cduql+vme+tlz+fK3Xvv3NTff8+5S/XKUm/G1PVtZqrb8s6d8pI253J6ZS9/bU++uXxhw/jt+98zBX629++2F+m+dOt6qf0b0q7908sLA+nFU2hi/4s7d5+/dv7m7fkRU+9V/4+2L46Q/Xnt77/nH42DXwp1PvvOz9wGkjRc2vLnvvPsqF3TXT3rqZ8//5wcf2P2Te777eFY/+1uRM0+LFdbP9dR//q7jdj172+Vru+vnBpz/6StfWr+t+p0/9J7/6q5VCwN3sfz8D531yFUvb0lv7R0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4sszXJ2drU9MzuSQiGZDT6CMbyxfTtDpC3VcvefGNK+/+8Q87Y5UR1gEAAACGy/rwdu9fjkoUoxjji33/Y7Wtl+147sD2mFgaTZrXwty2G3d84pptO6+/epV2DgAAAKzUq5cki/1/oRWZiFJhY4w1+/+p63ZuPnDuvlzW/+cWrklEXHPt3Nazo5X3/F3H7Xr2tsvXtt4TRCz+WUB5Ie8z7byLLnxx4s0/ff30vnmb2nkvbHhz33n3VS7I8qIz75xovZ946KxHrnp5S3pra3+deZ/62ra55uuJbN3xK+7cff7e/Ztz2XuM5nW8uW6WN5fbM3Ppe3vquYkoLYznm3nl5rkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOXm65OztanpmchHJANyGp2agWwsX0zT6gh1L934y9uPeeeJdZ2xUmGEhQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+wAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhf36CY2j7OMA/jy7yZtNNmmT9gWjYppWRamHFgURvaioSCtS8FQpUm3tQRQEEaUeTKUVS1W8CFYvRVRQoxQq2FgsrZKK/4oXDyooVA9CKQY0S/Ggks0zm81kpxs3KiifDyxPnmdmvvObmWefzQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL9KT9dwvT2x56Ha7Rfc/MkT904/fut7D+y67LE3fhjdduPHB/tePTu5ffWOr29aue3IfRsm9r90/JeBd3471Tb40dlmbepWQohnYgiV96eef3Ly0/NmxmIIoRwHx0IYiiuOD8VcwvpfQwjbG3XO33ho+qodM+2ufT3zxpfnQvLXFarlrJ5Zg/Pr5b+lkubZztojV4Rvb9i8+/NVb7/VPX56bG6XOLNPOc2nEJZtbT6+O4TQmz4zstk2nB2c2k0hhL6m465pU9fFi6x/XQi1XL/uwtT+L7XVNjnZ9jW5fim3X76f6c61fW3Ot1RFdbTdr7ez8/Xn+vnFaKkada5rPT6U2ndTu/ZP5pezTwylGLoa5d8f5+ZIaHpuMcT6s6w0+qXGsw3p+nP9mOuXcv1yd+666udNE60c4/zxbL/ceLYcd6Xx1c1rdQt3FIyfn9pK+qKezfoh/8es6oI/GtdVl9U1dY5a/gmlpjWo1XjjwaeHUU1j1bhiwTG/t5Btm9z89KXlLR+cGCyoIx6MKT92lL/zs6H+u97c+/BwUf7WUsovdZT/3caTP9259+UXC/Ofy/LLHeVfebTvzMYP96wpvD9TcyvIYvJj6mfb7j710TOr/n/PeKtnXc88kN3/Skf1Xz9xsmegdvRYYf3rs/vT21H+N9fd8v3rXx4+XZgfsvy+jvK3TDz4bM9I7fLC/GOzX4VqfYZ2MH9+Hr/6q5GRH0eL8r/I7v9Ai/zYNv+1sf3XvrJ834bC+bkpuz+DKX/hD9u58m+75Mju/trhi4rWznhgsb+wALSyMv2P9VTqt3vPPDRdavmeuVRN7wsvjHbN/gL1p8/AX3minJnzLPsb8wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD/YgQMSAAAAAEH/X7cjUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgqAAD//0wFDK4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_SETFLAGS(r0, 0x81009431, 0x0)

1.497332357s ago: executing program 0 (id=1561):
syz_read_part_table(0x617, &(0x7f0000000000)="$eJzs1D+IXEUcB/Dve/v3DHEPSSEq8UBbrzCNFksuaJQgkkPFws5GsBUsLGQvJGAhaGOrIqQQC2OhqQJayF1ARM4qWIkEGytFFCEw8t7uuz2CIJiYkOPzKXZ+M7/5vZm3O7PhDndmo5Sk2utPjn6a9Esps2SrvxgcpsyD5bzxWnL4k+eefP6ZzROlXuaG83QvydG9mq3rVy2TR3c/+uaJ37by7UPf7/T2yi/V7eTjXeVK0zTV4/TeP//j4P/4BrhzXZhuT87WZZTB9NVh0p6Px6v5cSuNWVW1g+N9Rce+zD8cyf+k1x3cqsqVp9+8+vDuY81yzX0Y7Oz+tbwuTfRzup1Ud+fy223xXnKWy4veYJlo3dvdqn73Gl9cTDK6KS/ADWnP37nXhnWykeTKh0d+qqr23zB16sw+y5+llP78J75WxsmDa02qd7s3DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHDgXptuT4b7+sVceOXn/u/VG6irpLwZXmo+32rCX5EyVVE3nvWdvyvpZ7XqDZLA+TE7/+sHh9e92Bt3OVpsFD7Xh1nxk/GLbDG94A9xWh6bbk7PnBnnnjekfg/nQ+JdF7p4fvp7Vi/j34Xh25PUyWUzpyj/f96jq+DLsglGSUq5b06EBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIPt5FOn1jZP1C8kddUfJ6lXz2+vNJmv2nwpyX31S6VezD89upjkWk5Vebnse87maN5eqjPKA8l6v+kNc7VpRh/ftZw5SnWrXo5/9XcAAAD//78RZjU=")

1.494185012s ago: executing program 2 (id=1562):
syz_open_dev$mouse(&(0x7f0000000180), 0x0, 0x2)
io_setup(0x8, &(0x7f0000004200)=<r0=>0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
io_submit(r0, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}])
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x3d, [0x6, 0xc95a, 0xfffffff3, 0x8, 0x80, 0x2, 0x1, 0x7f, 0x6, 0x4d, 0xfffffff2, 0x5f, 0x0, 0x0, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x7, 0x7, 0x3, 0x3c5b, 0x1, 0x24, 0xffffffff, 0xfffffffe, 0x1f461e2c, 0x3, 0xe661, 0x4, 0x1000007, 0x3, 0x8001, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x0, 0x5, 0x3d, 0x8f, 0x6, 0x1, 0x4, 0x5, 0x4, 0x5, 0x0, 0x80, 0x0, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x10002, 0x12b, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0x3, 0xf9, 0xd, 0x2bf, 0x3, 0x1ff, 0xfffffffe, 0x3, 0x0, 0x7, 0x10000005, 0x2f, 0xe, 0x313, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x7, 0x5, 0x400, 0x1, 0x7, 0x400000, 0xff, 0x1005, 0x7ff, 0x5f31, 0x4, 0x9, 0x6, 0x1000004, 0x9, 0x4, 0x9, 0x8, 0x9, 0x7, 0x5, 0x0, 0x3, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x8, 0x3, 0x4, 0x1, 0x7, 0x7fff, 0x9, 0x48c93690, 0x2, 0xff], [0x10000007, 0x1, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x86, 0x3, 0x10000009, 0x3e7, 0xb, 0x5, 0x2, 0x40002, 0xf, 0x8, 0x84, 0x6d01, 0x5, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2, 0x0, 0xa2, 0x6, 0x53cf697b, 0x5, 0x4, 0x54fe12da, 0xbf, 0x5, 0x3, 0x400000, 0xfffffff9, 0x0, 0x1, 0x5, 0x0, 0x6, 0xfffffffb, 0x120000, 0x3, 0x101, 0x9, 0x4, 0x3], [0x9, 0xbb31, 0x3, 0xfffffffc, 0x5, 0x938, 0x6, 0xd36b, 0x51bf, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x3, 0x104, 0x80000000, 0x6, 0x7fff, 0x8ffff, 0xa620, 0x2, 0x1, 0x1, 0xfffff801, 0x8000014c, 0x60a7, 0x6, 0x2, 0xffffffff, 0x80000003, 0x5, 0x8, 0xff, 0x3, 0x3, 0xffff, 0x3, 0x8, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x9, 0x1, 0x6c0b, 0x0, 0x2, 0x1005, 0xb1c, 0x1, 0x1ff, 0xfff, 0xfff]}, 0x45c)
r2 = syz_open_dev$evdev(&(0x7f0000000000), 0x3, 0x822b01)
write$char_usb(r2, &(0x7f0000000040)="e2", 0x918)

1.420120074s ago: executing program 0 (id=1563):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/cpuinfo\x00', 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_wait(r1, &(0x7f000000affb)=[{}], 0x1, 0x2007ffc)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f00000000c0)={0xc000000d})

549.986698ms ago: executing program 0 (id=1564):
syz_open_dev$usbfs(&(0x7f0000000040), 0x20000007d, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xa34e, 0x8, 0x4, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r0, 0x47f6, 0x2000000, 0x2, 0x0, 0x0)

459.951795ms ago: executing program 0 (id=1565):
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, &(0x7f0000000280)=0x1, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4)
sendmsg$netlink(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000100)=ANY=[@ANYBLOB="1c0000005a000d03"], 0x1c}], 0x1}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r4}, 0x10)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)=ANY=[@ANYBLOB="0200000004000000080000000100000080", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0], 0x48)
openat$misdntimer(0xffffffffffffff9c, &(0x7f00000002c0), 0x8001, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0xc, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="18080000e9ff0000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b70300002bb91a008500000008000000bc0900000000000045080100002000009500000000000000b7020000000000007b9af8ff00000000b5090000000000007baaf0ff00000000bf2700000000000007080000fffdffffbfa400000000000007040000f0ffffffc40200000800000018220000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7050000080000004608efff76000000bf9800000000000056090000000000008500000000020800b70000000000000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

41.627587ms ago: executing program 32 (id=1421):
r0 = syz_open_dev$sndpcmc(&(0x7f0000000180), 0x0, 0x0)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r0, 0xc0884123, &(0x7f0000000340)={0x2, "d94871af71e7567265fcca5f6adb6efed6de23e6a800f42d42dd30afd0953e07dde092578b0e2c786067d9a2f89696b38204a19b81dd6815536670580872221e", {0x10001, 0x1}})

0s ago: executing program 2 (id=1567):
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000a80)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[], 0x5, 0xeb1, &(0x7f0000000f80)="$eJzs3U9sHFcZAPA3639J7MbrNlC3pUloCWkDOMHJodxSKQKpqqpeuKdK4yTCDREph1aJ4nIKEoeiqJciDkXNDSkckGiFhCIkJP70wJlTBRcQClKkXIgUG9l5b71+ybDrsT0b7/5+0rdv37zZ+b7xRs7MePZtAAZWY+Xx2LHpIoQPPr124jtXFn+zvGxfa439K49F7DVDCCNt/SLb3udxwb3bl04tt4tZW4TZlcc0Hl671XrteAhhIewPN0Mz7DvUvHN16NW56x9+dvDyhVfObtHuAwDAQLnx5/m/vfjPP3196u6NvcfDWGt5Oj5vxv54PO4/Eo/v03F/I6ztF23RbjRbbyhGI1tvKFtvOMszXJJvJNvOSMl6ox3yDbUte9h+AgAAwHaUzmuboWjMrOk3GjMz98/7l30+OVrMnD83P3exR4UCAAAAld25snLTrRBCCCGEEEIIIfo4liZ7fQUCAAAAGDRp3oHW/GC5hXxmgY1pba3ZXf5bLzce/nrYBHX/+5d/e+X/+D2/cQAAqK5fjybTfqXj6DSPQT6P4FD2uvUe/zey7Qyvs86yeQW3y3yDZXXmP9dHVVn9630fe6Ws/nw+zEdVWf35PJ2PqrL6x2quo6qy+nfUXEdVZfXvrLmOqsrq31VzHVWV1T9ecx1VldU/UXMdVZXV/1jNdVRVVv/umuuoqqz+7XJbbVn9zZrrqKqs/qma66iqrP7Ha66jqrL6n6i5jqrK6t9Tcx298mxs089hbzbefv6cn9Ntl3M8AAAAGHT/Nf+fEEIIIYQQQgjR93Gl1xcgAAAAgJ5LnwtIn3pfitL4UIfx4Q7jIx3GRzuMj3UYBwAAAEL47dW5p94vVj/nv9H58NK8UWn+pfXOY5TPR7je/Bud92yj+bfLvGUAAAAMluLbNxcPnfjo7am7N/Yebzv7XYznu2ke0OF4beCT2E/3BUxk/SKdQx9fm6dRsl5+feCxsu29vsEdBQAAgAGWzt+boWjMtJ13N0OjMTOzej4+HUaKuXPzp4/Efvp+lj9OjowtL/9mzXUDAAAA3Vs933/4+X/6Ht/pMFrMnD83P3fxfn+itXyk0X5dYHJ1edF+XaCZLZ8tWX409tP3d56d3LmyfObU9+ff3OydBwAAgAFx8Z13v/fG/PzpH3jiiSeetJ70+jcTAACw2a7/49pffnh04nf3P/+/Ov9d+vz//thvxrn9/hpXSPcJpM8BPPB5/ZNr80yWrXdh7XrNbL2hGGNZ3TvathPa5htMr5sqy9dcu53RknzjWb6JLF8+T8Fwtn7Ktztbns9PmNabzJbn8zAOZzmKLP9zAQAAAModfvutC4cvvvPuN8699caZ02dOnz96ZPZbsy/Nzh6bPbxyX//h9rv7AQAAgO1o9abfXlcCAAAAAAAAAAAAAAAAAAAAg6uOrxPr9T4CAADAoPvPlRDCghBCCCGEEEIIIfo5lpbyb5oHAAAA2Fr3bl861d4+YKHY1HytrTXvN4sxb2r/cODnB5YjrXbr5bXXS3ZtajUMurr//cu/vfJ//N7m5t+RnnT9+6+xdgPHq+X96k//9UJ7/qeHu8yf7//r1fIfzPIfDN3lX/ooy3+yWv4Xsvy7usz/wP5fqJb/xZh/OtXzfLf5177/Y7FN+7Gzy/yHsv1/M3SbP9v/ZpcJM1+L+QFgEDV6XcAWSUcJ6Th6PPbT/sbDzZDf/bDe4/9Gtp3hDVe+drvpOOjJ2E/HSxNZ3mS99Y9n23usYp257XJXSVn9m/U+brWy+kdqrqOqsvpHa66jqrL6x2quo6qy+nfUXEdVZfV3ex7aa2X1b5frymX1j9dcR1Vl9U/UXEdVZfWv9//xXimrf3fNdVRVVv9kzXVUVVZ/xctqtSurf6rmOqoqq//xmuuoqqz+J2quo6qy+vfUXEevPBPbsvPhdP45GcdSv5n1xx7ys+zXawsAAACw3fzb/H9CCCGEEEIIIUTfx9JSr69A0Etb+2lmAB5Vfv8PNu//YPP+DzbvP/9Puoe/yPrJUIfx4Q7jIx3GR7Px/N/rWIfxJ7LtLkVpfE+H8S90GN/dYfzJDuPTHcaf6jD+dIfxZzqMAwAAMBi+GFvnhwAAANC/Lv/yk5/8+uDJ21N3b+w9HkYfmHf+SOyPxb+tX439fN77ZCT+zf9Hsf+L2P4+tn/P1nf/CQAAAGy99D0x/v4PAAAA/St9T6nzfwAAAOhfU7F1/g8AAAD96/HYOv8HAACAPlbsePji2KbrAs/Fttt5/QCAR9+XYvtsbPfGdl9svxzbdBzwfGy/UlN9AMDm+dl3f/zS+8XqfP9Hs/F7cXlqH7Bw/0pB0Vg7k//O2O6K7YEu68m/D6Db/MnuLvNsVf7JDeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPpHY+Xx2LHpIoQPPr12YvLyiTPLy/a11ti/8ljEXjOEMNJ6XRpd7f8qrnjv9qVTy+1ibJdiW4TZUISiNR5eu9XKNB5CWAj7w83QDPsONe9cHXp17vqHnx28fOGVs1v4IwAAAIC+978AAAD//8YJKhE=")
truncate(&(0x7f0000000000)='./file1\x00', 0x100000001)

kernel console output (not intermixed with test programs):

1: Using ep0 maxpacket: 8
[   76.879524][ T5914] usb 3-1: config index 0 descriptor too short (expected 19222, got 18)
[   76.884791][ T5914] usb 3-1: config 28 has too many interfaces: 241, using maximum allowed: 32
[   76.887834][ T5914] usb 3-1: config 28 has 1 interface, different from the descriptor's value: 241
[   76.894406][ T5914] usb 3-1: New USB device found, idVendor=04b4, idProduct=1002, bcdDevice=62.0d
[   76.897611][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.900354][ T5914] usb 3-1: Product: syz
[   76.901904][ T5914] usb 3-1: Manufacturer: syz
[   76.904176][ T5914] usb 3-1: SerialNumber: syz
[   77.009310][ T5914] hid-generic 0005:10CF:0004.0001: item fetching failed at offset 0/1
[   77.016988][ T5914] hid-generic 0005:10CF:0004.0001: probe with driver hid-generic failed with error -22
[   77.067775][ T6254] PKCS7: Unknown OID: [4] 0.38.35.0.951690.11253
[   77.070320][ T6254] PKCS7: Only support pkcs7_signedData type
[   77.116987][ T5914] usb 3-1: USB disconnect, device number 3
[   77.578603][ T6269] loop0: detected capacity change from 0 to 32768
[   77.598684][ T6269] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   77.646698][ T6269] XFS (loop0): Ending clean mount
[   77.664401][ T6269] XFS (loop0): Quotacheck needed: Please wait.
[   77.722379][ T6269] XFS (loop0): Quotacheck: Done.
[   77.754968][   T33] audit: type=1800 audit(1755150233.522:10): pid=6269 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.113" name="bus" dev="loop0" ino=9291 res=0 errno=0
[   77.800034][ T5843] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   78.054480][ T6289] loop0: detected capacity change from 0 to 2048
[   78.120816][ T6295] iommufd_mock iommufd_mock0: Adding to iommu group 0
[   78.185371][ T6289] hpfs: filesystem error: improperly stopped; already mounted read-only
[   78.188942][ T6289] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   78.191912][ T6289] hpfs: filesystem error: sector(s) 'dir_band_bitmap' badly placed at 00000000
[   78.939680][ T1093] Bluetooth: hci3: Frame reassembly failed (-84)
[   79.055119][ T6307] loop2: detected capacity change from 0 to 4096
[   79.273965][ T6315] netlink: 40 bytes leftover after parsing attributes in process `syz.2.129'.
[   79.277665][ T6315] netlink: 56 bytes leftover after parsing attributes in process `syz.2.129'.
[   79.410923][ T6321] loop2: detected capacity change from 0 to 8192
[   79.463001][ T5893] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   79.612326][ T5893] usb 2-1: Using ep0 maxpacket: 32
[   79.619960][ T5893] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x85 has invalid wMaxPacketSize 0
[   79.627536][ T5893] usb 2-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[   79.631294][ T5893] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   79.637558][ T5893] usb 2-1: Product: syz
[   79.641457][ T5893] usb 2-1: Manufacturer: syz
[   79.646112][ T5893] usb 2-1: SerialNumber: syz
[   79.658313][ T5893] usb 2-1: config 0 descriptor??
[   79.671084][ T5893] input: syz syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input4
[   79.695362][ T5893] usbtouchscreen 2-1:0.0: usbtouch_probe - usb_submit_urb failed with result: -8
[   79.719645][ T5893] usbtouchscreen 2-1:0.0: probe with driver usbtouchscreen failed with error -8
[   79.870525][ T5892] usb 2-1: USB disconnect, device number 2
[   79.988252][ T6334] loop2: detected capacity change from 0 to 4096
[   79.995916][ T6334] ntfs3(loop2): ino=0, mi_enum_attr
[   80.001805][ T6334] ntfs3(loop2): ino=0, mi_enum_attr
[   80.006661][ T6334] ntfs3(loop2): Failed to load $MFT (-22).
[   80.209401][ T6345] loop2: detected capacity change from 0 to 512
[   80.214224][ T6345] EXT4-fs (loop2): Using encoding defined by superblock: utf8-12.1.0 with flags 0x0
[   80.217710][ T6345] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   80.221180][ T6345] EXT4-fs (loop2): Couldn't mount because of unsupported optional features (fffc1829)
[   80.226724][ T6345] EXT4-fs (loop2): couldn't mount as ext3 due to feature incompatibilities
[   80.922298][ T5233] Bluetooth: hci3: command 0x1003 tx timeout
[   80.925892][ T5845] Bluetooth: hci3: Opcode 0x1003 failed: -110
[   81.046128][ T6353] loop1: detected capacity change from 0 to 32768
[   81.067997][ T6353] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   81.097661][ T6353] XFS (loop1): Ending clean mount
[   81.247615][ T6356] loop0: detected capacity change from 0 to 32768
[   81.263051][ T6356] journal_load_superblock: Cannot read journal superblock
[   81.265502][ T6356] (syz.0.144,6356,1):ocfs2_journal_init:973 ERROR: Linux journal layer error
[   81.278367][ T6356] (syz.0.144,6356,1):ocfs2_check_volume:2347 ERROR: Could not initialize journal!
[   81.284337][ T6356] (syz.0.144,6356,1):ocfs2_check_volume:2432 ERROR: status = -5
[   81.287548][ T6356] (syz.0.144,6356,1):ocfs2_mount_volume:1764 ERROR: status = -5
[   81.301062][ T6356] (syz.0.144,6356,0):ocfs2_fill_super:1177 ERROR: status = -5
[   81.318984][ T1272] cfg80211: failed to load regulatory.db
[   81.389219][ T5849] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   81.432086][ T5914] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   81.482488][ T6372] loop0: detected capacity change from 0 to 512
[   81.491415][ T6372] EXT4-fs (loop0): invalid inodes per group: 100663328
[   81.491415][ T6372] 
[   81.678119][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   81.681776][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   81.685415][ T5914] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[   81.688346][ T5914] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.699162][ T5914] usb 3-1: config 0 descriptor??
[   81.711002][ T6385] loop1: detected capacity change from 0 to 256
[   81.903511][ T6385] exFAT-fs (loop1): failed to load upcase table (idx : 0x0001e4a3, chksum : 0x009ea0b8, utbl_chksum : 0x7319d30d)
[   82.117289][ T5914] cp2112 0003:10C4:EA90.0002: unknown main item tag 0x0
[   82.129328][ T5914] cp2112 0003:10C4:EA90.0002: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[   82.172577][ T6390] loop1: detected capacity change from 0 to 32768
[   82.198343][ T6390] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   82.225528][ T6390] XFS (loop1): Ending clean mount
[   82.236244][ T6390] XFS (loop1): Quotacheck needed: Please wait.
[   82.260684][ T6390] XFS (loop1): Quotacheck: Done.
[   82.315319][ T5849] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   82.316026][ T5914] cp2112 0003:10C4:EA90.0002: Part Number: 0x82 Device Version: 0xFE
[   82.531473][ T6400] ieee802154 phy0 wpan0: encryption failed: -22
[   82.739411][ T6406] loop0: detected capacity change from 0 to 1024
[   82.792883][ T6406] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   82.810670][ T6406] EXT4-fs error (device loop0): ext4_generic_delete_entry:2668: inode #2: block 16: comm syz.0.159: bad entry in directory: inode out of bounds - offset=12, inode=129, rec_len=12, size=1024 fake=1
[   82.824680][ T6406] EXT4-fs error (device loop0) in ext4_delete_entry:2739: Corrupt filesystem
[   82.828796][ T6406] EXT4-fs warning (device loop0): ext4_rename_delete:3735: inode #2: comm syz.0.159: Deleting old file: nlink 4, error=-117
[   82.843931][ T6402] loop1: detected capacity change from 0 to 32768
[   82.875813][ T6402] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   82.899066][ T5843] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   82.918025][ T5914] cp2112 0003:10C4:EA90.0002: error reading lock byte: -71
[   82.953494][ T5914] usb 3-1: USB disconnect, device number 4
[   82.966157][ T6402] XFS (loop1): Ending clean mount
[   83.059092][ T5849] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[   83.582174][    T9] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   84.064404][    T9] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   84.070256][    T9] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[   84.074556][    T9] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[   84.079128][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[   84.084029][    T9] usb 1-1: SerialNumber: syz
[   84.087650][ T6444] netlink: 'syz.2.171': attribute type 2 has an invalid length.
[   84.321614][    T9] usb 1-1: 0:2 : does not exist
[   84.409830][    T9] usb 1-1: USB disconnect, device number 3
[   84.564408][ T6455] Zero length message leads to an empty skb
[   85.027704][ T6462] macvlan0: entered promiscuous mode
[   85.034596][ T6462] bond0: entered promiscuous mode
[   85.036612][ T6462] bond_slave_0: entered promiscuous mode
[   85.038900][ T6462] bond_slave_1: entered promiscuous mode
[   85.048054][ T6462] hsr1: entered allmulticast mode
[   85.050460][ T6462] macvlan0: entered allmulticast mode
[   85.053359][ T6462] veth1_vlan: entered allmulticast mode
[   85.056191][ T6462] bond0: entered allmulticast mode
[   85.058376][ T6462] bond_slave_0: entered allmulticast mode
[   85.067454][ T6462] bond_slave_1: entered allmulticast mode
[   85.918789][ T6485] loop2: detected capacity change from 0 to 128
[   85.935016][ T6485] qnx6: wrong signature (magic) at position (0x2000) - will try alternative position (0x0000).
[   85.940021][ T6485] qnx6: wrong signature (magic) in superblock #1.
[   85.948160][ T6485] qnx6: unable to read the first superblock
[   86.006435][ T6486] loop1: detected capacity change from 0 to 4096
[   86.060505][ T6486] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   86.724159][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   86.881237][ T6515] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   86.987955][ T6521] loop1: detected capacity change from 0 to 256
[   87.027608][ T6521] FAT-fs (loop1): Directory bread(block 64) failed
[   87.030803][ T6521] FAT-fs (loop1): Directory bread(block 65) failed
[   87.034302][ T6521] FAT-fs (loop1): Directory bread(block 66) failed
[   87.037190][ T6521] FAT-fs (loop1): Directory bread(block 67) failed
[   87.040067][ T6521] FAT-fs (loop1): Directory bread(block 68) failed
[   87.043875][ T6521] FAT-fs (loop1): Directory bread(block 69) failed
[   87.046739][ T6521] FAT-fs (loop1): Directory bread(block 70) failed
[   87.049608][ T6521] FAT-fs (loop1): Directory bread(block 71) failed
[   87.053224][ T6521] FAT-fs (loop1): Directory bread(block 72) failed
[   87.159004][ T6521] FAT-fs (loop1): Directory bread(block 73) failed
[   87.337060][ T6528] netlink: 28 bytes leftover after parsing attributes in process `syz.0.206'.
[   87.672099][   T24] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   87.680000][ T6532] loop1: detected capacity change from 0 to 512
[   87.689303][ T6532] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   87.704695][ T6532] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   87.718664][ T6532] EXT4-fs (loop1): 1 truncate cleaned up
[   87.723320][ T6532] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   87.758315][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   87.822161][   T24] usb 3-1: Using ep0 maxpacket: 16
[   87.826210][   T24] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   87.830452][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   87.905017][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[   87.908955][   T24] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[   87.923363][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[   87.931819][ T6539] loop1: detected capacity change from 0 to 256
[   87.935365][   T24] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[   87.938272][   T24] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[   87.940790][   T24] usb 3-1: Manufacturer: syz
[   87.957172][   T24] usb 3-1: config 0 descriptor??
[   88.202613][   T24] rc_core: IR keymap rc-hauppauge not found
[   88.204710][   T24] Registered IR keymap rc-empty
[   88.207166][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.223416][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.244810][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[   88.251132][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input5
[   88.260540][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.283519][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.302255][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.322117][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.333599][    T9] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   88.342266][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.362145][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.382137][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.402302][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.422116][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.442121][   T24] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[   88.465653][   T24] mceusb 3-1:0.0: Registered 424242424242 with mce emulator interface version 1
[   88.469197][   T24] mceusb 3-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[   88.487172][    T9] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[   88.493089][    T9] usb 2-1: config 0 has no interface number 0
[   88.497960][    T9] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[   88.501633][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   88.506310][    T9] usb 2-1: Product: syz
[   88.507973][    T9] usb 2-1: Manufacturer: syz
[   88.509772][    T9] usb 2-1: SerialNumber: syz
[   88.520262][    T9] usb 2-1: config 0 descriptor??
[   88.617560][   T24] usb 3-1: USB disconnect, device number 5
[   88.739626][    T9] usb 2-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[   88.750059][    T9] usb 2-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[   88.756996][    T9] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[   88.760658][    T9] usb 2-1: media controller created
[   88.783576][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[   88.947901][    T9] i2c i2c-2: ec100: i2c rd failed=-71 reg=33
[   88.981283][    T9] usb 2-1: USB disconnect, device number 3
[   89.695716][ T6580] netlink: 36 bytes leftover after parsing attributes in process `syz.1.229'.
[   90.123888][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.1.233'.
[   90.154861][ T6596] unsupported nla_type 52263
[   90.463340][ T6600] loop1: detected capacity change from 0 to 32768
[   90.489857][ T6600] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   90.513419][ T6600] XFS (loop1): Ending clean mount
[   90.524343][ T6600] XFS (loop1): Quotacheck needed: Please wait.
[   90.550268][ T6600] XFS (loop1): Quotacheck: Done.
[   90.606195][ T5849] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[   91.022113][    T9] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   91.164399][ T6651] loop2: detected capacity change from 0 to 32768
[   91.172323][    T9] usb 2-1: Using ep0 maxpacket: 8
[   91.176234][ T6651] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.257 (6651)
[   91.177329][    T9] usb 2-1: config 162 has an invalid interface number: 97 but max is 0
[   91.187922][    T9] usb 2-1: config 162 has no interface number 0
[   91.190481][    T9] usb 2-1: config 162 interface 97 has no altsetting 0
[   91.199207][    T9] usb 2-1: New USB device found, idVendor=0c2e, idProduct=0700, bcdDevice=e1.3b
[   91.201012][ T6651] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   91.206730][ T6651] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[   91.209060][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.209382][ T6651] BTRFS info (device loop2): using free-space-tree
[   91.217858][    T9] usb 2-1: Product: syz
[   91.220204][    T9] usb 2-1: Manufacturer: syz
[   91.227472][    T9] usb 2-1: SerialNumber: syz
[   91.399060][ T5847] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   91.458272][    T9] metro_usb 2-1:162.97: interrupt-out endpoint missing
[   91.480597][    T9] usb 2-1: USB disconnect, device number 4
[   91.847912][ T6681] netlink: 292 bytes leftover after parsing attributes in process `syz.2.264'.
[   92.025175][ T6693] loop2: detected capacity change from 0 to 1024
[   92.053720][ T6693] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   92.062828][   T33] audit: type=1800 audit(1755150247.832:11): pid=6693 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.270" name="file2" dev="loop2" ino=16 res=0 errno=0
[   92.078587][ T6698] loop1: detected capacity change from 0 to 256
[   92.080422][ T6693] EXT4-fs (loop2): shut down requested (0)
[   92.087519][ T6698] exfat: Deprecated parameter 'namecase'
[   92.089956][ T6698] exfat: Deprecated parameter 'namecase'
[   92.100356][ T6698] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbc51571d, utbl_chksum : 0xe619d30d)
[   92.236741][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   92.519766][ T6712] loop2: detected capacity change from 0 to 4096
[   92.533433][ T6712] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[   92.552806][ T6712] ntfs3(loop2): ino=19, mi_enum_attr
[   92.562302][ T6712] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[   92.620585][ T6702] loop1: detected capacity change from 0 to 40427
[   92.670391][ T6702] F2FS-fs (loop1): invalid crc value
[   92.737741][ T6702] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[   92.743359][ T6702] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   92.817419][ T5849] bio_check_eod: 167 callbacks suppressed
[   92.817464][ T5849] syz-executor: attempt to access beyond end of device
[   92.817464][ T5849] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   92.829089][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   92.829123][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   92.829133][ T5849] Call Trace:
[   92.829141][ T5849]  <TASK>
[   92.829149][ T5849]  dump_stack_lvl+0x189/0x250
[   92.829178][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[   92.829195][ T5849]  ? __pfx_queue_work_on+0x10/0x10
[   92.829209][ T5849]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   92.829227][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   92.829255][ T5849]  f2fs_handle_critical_error+0x37c/0x540
[   92.829282][ T5849]  f2fs_write_end_io+0x886/0xb60
[   92.829313][ T5849]  __submit_merged_bio+0x27a/0x6a0
[   92.829339][ T5849]  __submit_merged_write_cond+0x255/0x530
[   92.829362][ T5849]  f2fs_write_data_pages+0x261d/0x3000
[   92.829412][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   92.829495][ T5849]  ? __lock_acquire+0xab9/0xd20
[   92.829522][ T5849]  ? do_raw_spin_lock+0x121/0x290
[   92.829549][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   92.829565][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   92.829586][ T5849]  do_writepages+0x32e/0x550
[   92.829617][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   92.829638][ T5849]  filemap_fdatawrite+0x199/0x240
[   92.829660][ T5849]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   92.829718][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   92.829737][ T5849]  f2fs_sync_dirty_inodes+0x31f/0x830
[   92.829763][ T5849]  f2fs_write_checkpoint+0x95a/0x1df0
[   92.829799][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   92.829849][ T5849]  ? f2fs_stop_gc_thread+0x7f/0xb0
[   92.829862][ T5849]  ? kfree+0x18e/0x440
[   92.829879][ T5849]  ? kill_f2fs_super+0x298/0x6c0
[   92.829897][ T5849]  kill_f2fs_super+0x2c3/0x6c0
[   92.829917][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[   92.829928][ T5849]  ? radix_tree_delete_item+0x2b6/0x400
[   92.829949][ T5849]  ? shrinker_free+0x2ce/0x3e0
[   92.829965][ T5849]  deactivate_locked_super+0xbc/0x130
[   92.829982][ T5849]  cleanup_mnt+0x425/0x4c0
[   92.829996][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   92.830045][ T5849]  task_work_run+0x1d4/0x260
[   92.830063][ T5849]  ? __pfx_task_work_run+0x10/0x10
[   92.830076][ T5849]  ? __x64_sys_umount+0x122/0x160
[   92.830105][ T5849]  ? exit_to_user_mode_loop+0x40/0x110
[   92.830127][ T5849]  exit_to_user_mode_loop+0xec/0x110
[   92.830145][ T5849]  do_syscall_64+0x2bd/0x3b0
[   92.830163][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   92.830179][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.830193][ T5849]  ? exc_page_fault+0x9f/0xf0
[   92.830212][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   92.830224][ T5849] RIP: 0033:0x7f8c7518ff17
[   92.830239][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   92.830250][ T5849] RSP: 002b:00007ffdbcc0f648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   92.830266][ T5849] RAX: 0000000000000000 RBX: 00007f8c75211c05 RCX: 00007f8c7518ff17
[   92.830275][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbcc0f700
[   92.830283][ T5849] RBP: 00007ffdbcc0f700 R08: 0000000000000000 R09: 0000000000000000
[   92.830290][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbcc10790
[   92.830298][ T5849] R13: 00007f8c75211c05 R14: 0000000000016a02 R15: 00007ffdbcc107d0
[   92.830322][ T5849]  </TASK>
[   92.830329][ T5849] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   92.885712][ T6722] netlink: 8 bytes leftover after parsing attributes in process `syz.2.281'.
[   93.317946][ T6744] loop1: detected capacity change from 0 to 2048
[   93.353427][ T6449]  loop1: p3 < > p4 < >
[   93.354833][ T6449] loop1: partition table partially beyond EOD, truncated
[   93.358141][ T6449] loop1: p3 start 4284289 is beyond EOD, truncated
[   93.381325][ T6744]  loop1: p3 < > p4 < >
[   93.385289][ T6744] loop1: partition table partially beyond EOD, truncated
[   93.389059][ T6744] loop1: p3 start 4284289 is beyond EOD, truncated
[   93.741124][ T6449] udevd[6449]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   93.777686][ T6449] udevd[6449]: inotify_add_watch(7, /dev/loop1p4, 10) failed: No such file or directory
[   93.922425][ T1272] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   94.073466][ T1272] usb 3-1: Using ep0 maxpacket: 8
[   94.080881][ T1272] usb 3-1: New USB device found, idVendor=0471, idProduct=0311, bcdDevice=81.d5
[   94.084237][ T1272] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.087300][ T1272] usb 3-1: Product: syz
[   94.089171][ T1272] usb 3-1: Manufacturer: syz
[   94.091398][ T1272] usb 3-1: SerialNumber: syz
[   94.098652][ T1272] usb 3-1: config 0 descriptor??
[   94.119962][ T1272] pwc: Philips PCVC740K (ToUCam Pro)/PCVC840 (ToUCam II) USB webcam detected.
[   94.318755][ T1272] pwc: Failed to set LED on/off time (-71)
[   94.324714][ T1272] pwc: send_video_command error -71
[   94.328860][ T1272] pwc: Failed to set video mode VGA@30 fps; return code = -71
[   94.347647][ T1272] Philips webcam 3-1:0.0: probe with driver Philips webcam failed with error -71
[   94.360562][ T1272] usb 3-1: USB disconnect, device number 6
[   94.416267][   T33] audit: type=1326 audit(1755150250.182:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.445977][   T33] audit: type=1326 audit(1755150250.182:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.454715][   T33] audit: type=1326 audit(1755150250.182:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.463350][   T33] audit: type=1326 audit(1755150250.182:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=43 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.465699][ T6787] 9pnet_fd: Insufficient options for proto=fd
[   94.471636][   T33] audit: type=1326 audit(1755150250.182:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.482323][   T33] audit: type=1326 audit(1755150250.182:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.490655][   T33] audit: type=1326 audit(1755150250.182:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.503048][   T33] audit: type=1326 audit(1755150250.182:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6784 comm="syz.0.308" exe="/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   94.555354][ T6793] comedi comedi0: Minor 3 could not be opened
[   94.615798][ T6797] sp0: Synchronizing with TNC
[   94.991752][ T6827] libceph: resolve '4' (ret=-3): failed
[   95.059514][ T6831] netlink: 20 bytes leftover after parsing attributes in process `syz.0.331'.
[   95.072107][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   95.223939][    T9] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[   95.227564][    T9] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[   95.231896][    T9] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[   95.239649][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[   95.245307][    T9] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[   95.251409][    T9] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[   95.255076][    T9] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[   95.258090][    T9] usb 2-1: Product: syz
[   95.259496][    T9] usb 2-1: Manufacturer: syz
[   95.270397][    T9] cdc_wdm 2-1:1.0: skipping garbage
[   95.273021][    T9] cdc_wdm 2-1:1.0: skipping garbage
[   95.283671][    T9] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[   95.286010][    T9] cdc_wdm 2-1:1.0: Unknown control protocol
[   95.552902][ T6840] netlink: 16 bytes leftover after parsing attributes in process `syz.0.335'.
[   95.883673][ T1272] usb 2-1: USB disconnect, device number 5
[   96.437322][ T6848] loop1: detected capacity change from 0 to 1024
[   96.447676][ T6848] EXT4-fs: inline encryption not supported
[   96.478558][ T6848] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   97.510372][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   97.752341][ T6866] loop1: detected capacity change from 0 to 512
[   97.768068][ T6866] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   97.781531][ T6866] EXT4-fs (loop1): 1 truncate cleaned up
[   97.804759][ T6868] overlayfs: failed to resolve './cgroup': -2
[   97.806608][ T6866] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.886809][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.179786][ T6873] loop1: detected capacity change from 0 to 40427
[   98.188208][ T6873] F2FS-fs (loop1): invalid crc value
[   98.264636][ T6873] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[   98.270943][ T6873] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[   98.403145][ T5849] syz-executor: attempt to access beyond end of device
[   98.403145][ T5849] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   98.410289][ T5849] CPU: 0 UID: 0 PID: 5849 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[   98.410319][ T5849] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[   98.410325][ T5849] Call Trace:
[   98.410330][ T5849]  <TASK>
[   98.410335][ T5849]  dump_stack_lvl+0x189/0x250
[   98.410354][ T5849]  ? __pfx_dump_stack_lvl+0x10/0x10
[   98.410364][ T5849]  ? __pfx_queue_work_on+0x10/0x10
[   98.410373][ T5849]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[   98.410384][ T5849]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[   98.410399][ T5849]  f2fs_handle_critical_error+0x37c/0x540
[   98.410414][ T5849]  f2fs_write_end_io+0x886/0xb60
[   98.410430][ T5849]  __submit_merged_bio+0x27a/0x6a0
[   98.410444][ T5849]  __submit_merged_write_cond+0x255/0x530
[   98.410458][ T5849]  f2fs_write_data_pages+0x261d/0x3000
[   98.410484][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.410515][ T5849]  ? __mod_zone_page_state+0xd7/0x140
[   98.410531][ T5849]  ? folios_put_refs+0x560/0x640
[   98.410546][ T5849]  ? __pfx_folios_put_refs+0x10/0x10
[   98.410553][ T5849]  ? rcu_is_watching+0x15/0xb0
[   98.410566][ T5849]  ? __lock_acquire+0xab9/0xd20
[   98.410614][ T5849]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[   98.410631][ T5849]  do_writepages+0x32e/0x550
[   98.410652][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   98.410670][ T5849]  filemap_fdatawrite+0x199/0x240
[   98.410684][ T5849]  ? __pfx_filemap_fdatawrite+0x10/0x10
[   98.410717][ T5849]  ? do_raw_spin_unlock+0x4d/0x240
[   98.410734][ T5849]  f2fs_sync_dirty_inodes+0x31f/0x830
[   98.410749][ T5849]  f2fs_write_checkpoint+0x95a/0x1df0
[   98.410768][ T5849]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[   98.410797][ T5849]  ? kill_f2fs_super+0x298/0x6c0
[   98.410808][ T5849]  kill_f2fs_super+0x2c3/0x6c0
[   98.410819][ T5849]  ? __pfx_kill_f2fs_super+0x10/0x10
[   98.410825][ T5849]  ? radix_tree_delete_item+0x2b6/0x400
[   98.410840][ T5849]  ? shrinker_free+0x2ce/0x3e0
[   98.410851][ T5849]  deactivate_locked_super+0xbc/0x130
[   98.410863][ T5849]  cleanup_mnt+0x425/0x4c0
[   98.410873][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.410887][ T5849]  task_work_run+0x1d4/0x260
[   98.410899][ T5849]  ? __pfx_task_work_run+0x10/0x10
[   98.410908][ T5849]  ? __x64_sys_umount+0x122/0x160
[   98.410921][ T5849]  ? exit_to_user_mode_loop+0x40/0x110
[   98.410935][ T5849]  exit_to_user_mode_loop+0xec/0x110
[   98.410946][ T5849]  do_syscall_64+0x2bd/0x3b0
[   98.410958][ T5849]  ? lockdep_hardirqs_on+0x9c/0x150
[   98.410967][ T5849]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.410976][ T5849]  ? exc_page_fault+0x9f/0xf0
[   98.410989][ T5849]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[   98.410996][ T5849] RIP: 0033:0x7f8c7518ff17
[   98.411006][ T5849] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[   98.411012][ T5849] RSP: 002b:00007ffdbcc0f648 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[   98.411022][ T5849] RAX: 0000000000000000 RBX: 00007f8c75211c05 RCX: 00007f8c7518ff17
[   98.411027][ T5849] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffdbcc0f700
[   98.411032][ T5849] RBP: 00007ffdbcc0f700 R08: 0000000000000000 R09: 0000000000000000
[   98.411037][ T5849] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffdbcc10790
[   98.411042][ T5849] R13: 00007f8c75211c05 R14: 0000000000017fc4 R15: 00007ffdbcc107d0
[   98.411055][ T5849]  </TASK>
[   98.411100][ T5849] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[   98.643664][ T6895] bridge: RTM_NEWNEIGH with invalid ether address
[   98.903436][   T33] audit: type=1326 audit(1755150254.642:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6904 comm="syz.0.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   98.975168][   T33] audit: type=1326 audit(1755150254.652:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6904 comm="syz.0.357" exe="/syz-executor" sig=0 arch=c000003e syscall=117 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   99.008473][   T33] audit: type=1326 audit(1755150254.652:22): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6904 comm="syz.0.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   99.052091][   T33] audit: type=1326 audit(1755150254.652:23): auid=4294967295 uid=60929 gid=0 ses=4294967295 subj=unconfined pid=6904 comm="syz.0.357" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[   99.446648][ T6918] loop2: detected capacity change from 0 to 64
[  100.132146][ T1272] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  100.140784][ T6951] loop1: detected capacity change from 0 to 512
[  100.152510][ T6951] EXT4-fs (loop1): ea_inode feature is not supported for Hurd
[  100.181591][ T6951] futex_wake_op: syz.1.377 tries to shift op by 32; fix this program
[  100.282301][ T1272] usb 3-1: Using ep0 maxpacket: 16
[  100.287089][ T1272] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.290352][ T1272] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.299179][ T1272] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 18
[  100.310889][ T1272] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  100.320682][ T1272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  100.330657][ T1272] usb 3-1: SerialNumber: syz
[  100.344179][ T1272] hub 3-1:1.0: bad descriptor, ignoring hub
[  100.346661][ T1272] hub 3-1:1.0: probe with driver hub failed with error -5
[  100.375113][ T1272] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  100.471142][ T6965] netlink: 72 bytes leftover after parsing attributes in process `syz.0.383'.
[  100.728288][    T9] usb 3-1: USB disconnect, device number 7
[  101.576106][ T6977] netlink: 'syz.2.388': attribute type 5 has an invalid length.
[  101.829065][ T7000] netlink: 8 bytes leftover after parsing attributes in process `syz.1.398'.
[  101.874912][ T7002] syzkaller1: tun_chr_ioctl cmd 1074025678
[  101.877548][ T7002] syzkaller1: group set to 0
[  101.982176][ T1272] usb 3-1: new low-speed USB device number 8 using dummy_hcd
[  102.145419][ T1272] usb 3-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  102.148807][ T1272] usb 3-1: config 0 interface 0 has no altsetting 0
[  102.151005][ T1272] usb 3-1: New USB device found, idVendor=05ac, idProduct=0273, bcdDevice= 0.00
[  102.165235][ T1272] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.174406][ T1272] usb 3-1: config 0 descriptor??
[  102.184760][ T1272] input: bcm5974 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input6
[  102.213199][ T7013] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  102.426831][ T5278] bcm5974 3-1:0.0: could not read from device
[  102.445220][ T5278] bcm5974 3-1:0.0: could not read from device
[  102.456651][ T1272] usb 3-1: USB disconnect, device number 8
[  102.458811][ T5278] bcm5974 3-1:0.0: could not read from device
[  102.608676][ T7029] mmap: syz.0.408 (7029) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  102.993809][ T7036] netlink: 'syz.1.414': attribute type 12 has an invalid length.
[  102.996362][ T7036] netlink: 'syz.1.414': attribute type 29 has an invalid length.
[  102.998770][ T7036] netlink: 148 bytes leftover after parsing attributes in process `syz.1.414'.
[  103.001647][ T7036] netlink: 4 bytes leftover after parsing attributes in process `syz.1.414'.
[  103.303726][ T7045] netlink: zone id is out of range
[  103.305832][ T7045] netlink: zone id is out of range
[  103.307631][ T7045] netlink: zone id is out of range
[  103.309414][ T7045] netlink: zone id is out of range
[  103.311314][ T7045] netlink: zone id is out of range
[  103.316683][ T7045] netlink: zone id is out of range
[  103.318706][ T7045] netlink: zone id is out of range
[  103.321689][ T7045] netlink: zone id is out of range
[  103.328373][ T7045] netlink: zone id is out of range
[  103.333001][ T7045] netlink: zone id is out of range
[  103.960846][ T7056] loop1: detected capacity change from 0 to 4096
[  103.970135][ T7056] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  103.983915][ T7056] ntfs3(loop1): ino=1a, mi_enum_attr
[  103.985941][ T7056] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  104.025231][ T7056] ntfs3(loop1): ino=1e, "file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" ntfs_sync_inode failed, -22.
[  104.080326][ T6029] ntfs3(loop1): ino=1e, ntfs3_write_inode failed, -22.
[  104.111412][ T7058] netlink: 8 bytes leftover after parsing attributes in process `syz.1.423'.
[  104.116284][ T7058] netlink: 4 bytes leftover after parsing attributes in process `syz.1.423'.
[  104.291240][ T7073] loop1: detected capacity change from 0 to 512
[  104.334100][ T7075] veth0_to_bridge: entered promiscuous mode
[  104.350751][ T7074] veth0_to_bridge: left promiscuous mode
[  104.481244][ T7089] loop2: detected capacity change from 0 to 128
[  104.578567][ T7094] loop2: detected capacity change from 0 to 16
[  104.584993][ T7094] erofs (device loop2): mounted with root inode @ nid 36.
[  105.118097][ T7094] erofs (device loop2): invalid de[0].nameoff 0 @ nid 36
[  105.231411][ T7114] 9pnet_fd: Insufficient options for proto=fd
[  105.370913][ T7112] loop2: detected capacity change from 0 to 32768
[  105.715446][   T33] audit: type=1800 audit(1755150261.462:24): pid=7126 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.452" name="/" dev="9p" ino=2 res=0 errno=0
[  106.000873][ T7126] netfs: Couldn't get user pages (rc=-14)
[  106.351559][ T7131] loop2: detected capacity change from 0 to 1024
[  106.454229][ T7137] loop2: detected capacity change from 0 to 128
[  106.464577][ T7137] qnx6: unable to set blocksize
[  107.055067][ T7159] loop1: detected capacity change from 0 to 32768
[  107.070401][ T7159] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.467 (7159)
[  107.084232][ T7159] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  107.087981][ T7159] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  107.091459][ T7159] BTRFS info (device loop1): using free-space-tree
[  107.355863][ T5849] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  107.681144][ T7186] loop1: detected capacity change from 0 to 8192
[  107.724789][ T6449] Dev loop1: unable to read partition block 838860800
[  107.728195][ T6449]  loop1: RDSK (419430400) unable to read partition table
[  107.731358][ T6449] loop1: partition table beyond EOD, truncated
[  107.739986][ T7186] Dev loop1: unable to read partition block 838860800
[  107.748098][ T7186]  loop1: RDSK (419430400) unable to read partition table
[  107.751263][ T7186] loop1: partition table beyond EOD, truncated
[  107.754287][ T7186] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  107.914359][ T7192] netlink: 'syz.1.475': attribute type 10 has an invalid length.
[  107.924546][ T7192] team0: Port device dummy0 added
[  108.108559][ T7196] netlink: 52 bytes leftover after parsing attributes in process `syz.1.477'.
[  108.161709][ T7194] loop2: detected capacity change from 0 to 4096
[  108.305726][ T7194] ntfs3(loop2): failed to convert name for inode 1e.
[  108.310680][ T7194] ntfs3(loop2): ino=1f, mi_enum_attr
[  108.314750][ T7194] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  108.490923][ T7218] netlink: 10 bytes leftover after parsing attributes in process `syz.2.487'.
[  108.495746][ T7216] loop1: detected capacity change from 0 to 512
[  108.520106][ T7216] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.486: casefold flag without casefold feature
[  108.544588][ T7216] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.486: couldn't read orphan inode 15 (err -117)
[  108.578767][ T7216] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  108.628631][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  109.030947][ T7231] netlink: 24 bytes leftover after parsing attributes in process `syz.2.492'.
[  109.160467][ T7241] netlink: 'syz.1.496': attribute type 3 has an invalid length.
[  109.168578][ T7243] netlink: 164 bytes leftover after parsing attributes in process `syz.2.497'.
[  110.186975][ T7270] RDS: rds_bind could not find a transport for ::ffff:0.0.0.224, load rds_tcp or rds_rdma?
[  111.162153][ T5893] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  111.378922][ T5893] usb 2-1: Using ep0 maxpacket: 32
[  111.385003][ T5893] usb 2-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  111.388561][ T5893] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  111.396107][ T5893] usb 2-1: config 0 descriptor??
[  111.616843][ T7294] overlayfs: failed to clone upperpath
[  111.855928][ T5893] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  111.870110][ T5893] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  111.877905][ T5893] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  111.880194][ T5893] usb 2-1: media controller created
[  111.894008][ T5893] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  111.908653][ T5893] az6027: usb out operation failed. (-71)
[  111.911579][ T5893] az6027: usb out operation failed. (-71)
[  111.914665][ T5893] stb0899_attach: Driver disabled by Kconfig
[  111.916622][ T5893] az6027: no front-end attached
[  111.916622][ T5893] 
[  111.919135][ T5893] az6027: usb out operation failed. (-71)
[  111.921155][ T5893] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  111.925034][ T5893] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.1/usb2/2-1/input/input7
[  111.933815][ T5893] dvb-usb: schedule remote query interval to 400 msecs.
[  111.936435][ T5893] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  111.940898][ T5893] usb 2-1: USB disconnect, device number 6
[  111.970332][ T5893] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  112.771679][ T7311] overlayfs: missing 'workdir'
[  113.716471][ T7324] loop2: detected capacity change from 0 to 512
[  113.777624][ T7324] EXT4-fs error (device loop2): ext4_validate_block_bitmap:441: comm syz.2.532: bg 0: block 248: padding at end of block bitmap is not set
[  113.791696][ T7324] Quota error (device loop2): write_blk: dquota write failed
[  113.819288][ T7324] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  113.829651][ T7324] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.532: Failed to acquire dquot type 1
[  113.870873][ T7324] EXT4-fs (loop2): 1 truncate cleaned up
[  113.877209][ T7324] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  113.892465][ T7324] ext4 filesystem being mounted at /154/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  113.912735][ T7324] EXT4-fs (loop2): shut down requested (2)
[  113.959930][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.237300][ T7341] loop1: detected capacity change from 0 to 32768
[  114.243958][ T7341] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.539 (7341)
[  114.257748][ T7341] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  114.263007][ T7341] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  114.266291][ T7341] BTRFS info (device loop1): disk space caching is enabled
[  114.268598][ T7341] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  114.308022][ T7341] BTRFS info (device loop1): rebuilding free space tree
[  114.337471][ T7341] BTRFS info (device loop1): disabling free space tree
[  114.340298][ T7341] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  114.345289][ T7341] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  114.377218][ T5849] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  114.882353][ T5892] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  115.032039][ T5892] usb 2-1: Using ep0 maxpacket: 8
[  115.043772][ T5892] usb 2-1: unable to get BOS descriptor or descriptor too short
[  115.048669][ T5892] usb 2-1: config 0 has no interfaces?
[  115.053076][ T5892] usb 2-1: New USB device found, idVendor=05ac, idProduct=1240, bcdDevice= 0.3c
[  115.055955][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  115.069668][ T5892] usb 2-1: Product: syz
[  115.071138][ T5892] usb 2-1: Manufacturer: syz
[  115.074577][ T5892] usb 2-1: SerialNumber: syz
[  115.081808][ T5892] apple-mfi-fastcharge 2-1: config 0 descriptor??
[  115.300231][ T5892] apple-mfi-fastcharge 2-1: USB disconnect, device number 7
[  116.208113][ T7402] loop1: detected capacity change from 0 to 2048
[  116.283949][ T7402] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.311638][ T7402] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000.
[  116.394394][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.715775][ T7420] loop1: detected capacity change from 0 to 2048
[  116.744138][ T7420] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.771786][ T7425] netlink: 'syz.2.569': attribute type 10 has an invalid length.
[  116.801230][ T7425] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  116.823690][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.267446][ T5892] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  117.427326][ T5892] usb 2-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  117.431466][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  117.435846][ T5892] usb 2-1: Product: syz
[  117.437697][ T5892] usb 2-1: Manufacturer: syz
[  117.439718][ T5892] usb 2-1: SerialNumber: syz
[  117.450762][ T5892] usb 2-1: config 0 descriptor??
[  117.619849][ T7463] loop2: detected capacity change from 0 to 4096
[  117.626312][ T7463] EXT4-fs (loop2): Test dummy encryption mode enabled
[  117.634960][ T7463] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  117.638298][ T7463] System zones: 0-5
[  117.652300][ T7463] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.663651][ T5892] hso 2-1:0.0: Can't find BULK IN endpoint
[  117.674637][ T5892] usb-storage 2-1:0.0: USB Mass Storage device detected
[  117.711485][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  117.870402][ T5892] usb 2-1: USB disconnect, device number 8
[  119.240683][  T794] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  119.394528][  T794] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  119.397736][  T794] usb 3-1: config 0 has no interface number 0
[  119.404043][  T794] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  119.407725][  T794] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.410838][  T794] usb 3-1: Product: syz
[  119.422345][  T794] usb 3-1: Manufacturer: syz
[  119.424001][  T794] usb 3-1: SerialNumber: syz
[  119.430397][ T7513] loop1: detected capacity change from 0 to 4096
[  119.433070][  T794] usb 3-1: config 0 descriptor??
[  119.441648][ T7513] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[  119.467333][ T7513] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  119.472831][ T7513] ntfs3(loop1): Failed to load $MFT (-2).
[  119.647207][ T7516] netlink: 'syz.1.606': attribute type 153 has an invalid length.
[  119.676390][  T794] usb 3-1: Found UVC 0.00 device syz (046d:0823)
[  119.679204][  T794] usb 3-1: No valid video chain found.
[  119.695992][  T794] usb 3-1: USB disconnect, device number 9
[  120.112247][ T7518] loop1: detected capacity change from 0 to 32768
[  120.129999][ T7518] JBD2: Ignoring recovery information on journal
[  120.178640][ T7518] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  120.253063][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[  120.398415][ T7536] loop1: detected capacity change from 0 to 256
[  120.429996][ T7536] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe675ead, utbl_chksum : 0xe619d30d)
[  120.530826][ T7543] netlink: 4 bytes leftover after parsing attributes in process `syz.0.618'.
[  121.682298][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  121.932422][    T9] usb 3-1: Using ep0 maxpacket: 32
[  121.936721][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  121.943514][    T9] usb 3-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  121.947094][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  121.950296][    T9] usb 3-1: Product: syz
[  121.952381][    T9] usb 3-1: Manufacturer: syz
[  121.954265][    T9] usb 3-1: SerialNumber: syz
[  121.958612][    T9] usb 3-1: config 0 descriptor??
[  121.965871][    T9] usb 3-1: bad CDC descriptors
[  121.968666][    T9] usb 3-1: unsupported MDLM descriptors
[  122.356191][ T5893] usb 3-1: USB disconnect, device number 10
[  122.433859][    T9] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  122.582081][    T9] usb 2-1: Using ep0 maxpacket: 8
[  122.588678][    T9] usb 2-1: New USB device found, idVendor=2770, idProduct=9120, bcdDevice=6c.77
[  122.593641][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.596725][    T9] usb 2-1: Product: syz
[  122.598377][    T9] usb 2-1: Manufacturer: syz
[  122.600224][    T9] usb 2-1: SerialNumber: syz
[  122.605083][    T9] usb 2-1: config 0 descriptor??
[  122.611242][    T9] gspca_main: sq905-2.14.0 probing 2770:9120
[  123.124073][    T9] gspca_sq905: sq905_command: usb_control_msg failed (-110)
[  123.126534][    T9] sq905 2-1:0.0: probe with driver sq905 failed with error -110
[  123.262095][ T5867] usb 3-1: new full-speed USB device number 11 using dummy_hcd
[  123.593527][ T5867] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  123.597052][ T5867] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF9, changing to 0x89
[  123.601083][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has an invalid bInterval 0, changing to 10
[  123.605928][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 65535, setting to 64
[  123.609318][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  123.613070][ T5867] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid maxpacket 213, setting to 64
[  123.616901][ T5867] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  123.624208][ T5867] usb 3-1: New USB device found, idVendor=0bc7, idProduct=0008, bcdDevice=4f.c8
[  123.627010][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.629453][ T5867] usb 3-1: Product: syz
[  123.630852][ T5867] usb 3-1: Manufacturer: syz
[  123.632474][ T5867] usb 3-1: SerialNumber: syz
[  123.635906][ T5867] usb 3-1: config 0 descriptor??
[  123.638237][ T7577] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  123.640937][ T7577] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  124.732161][ T5867] rc_core: IR keymap rc-snapstream-firefly not found
[  124.734994][ T5867] Registered IR keymap rc-empty
[  124.737497][ T5867] rc rc0: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  124.741542][ T5867] input: syz syz as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input9
[  124.755882][ T5867] input: syz syz mouse as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/input/input10
[  124.776600][ T5867] usb 3-1: USB disconnect, device number 11
[  124.778546][    C0] ati_remote 3-1:0.0: ati_remote_irq_in: usb_submit_urb()=-19
[  124.841436][ T5892] usb 2-1: USB disconnect, device number 9
[  124.984850][ T7601] loop1: detected capacity change from 0 to 2048
[  125.013533][ T7601] UDF-fs: error (device loop1): udf_process_sequence: Primary Volume Descriptor not found!
[  125.021090][ T7601] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[  125.157468][ T5867] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  125.210583][ T7611] overlayfs: failed to clone upperpath
[  125.338570][ T5867] usb 3-1: Using ep0 maxpacket: 32
[  125.355521][ T5867] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  125.368135][ T5867] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  125.383253][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  125.386565][ T5867] usb 3-1: Product: syz
[  125.402964][ T5867] usb 3-1: Manufacturer: syz
[  125.404956][ T5867] usb 3-1: SerialNumber: syz
[  125.430381][ T5867] usb 3-1: config 0 descriptor??
[  125.444368][ T7598] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  125.602760][ T7622] syz.0.650 uses obsolete (PF_INET,SOCK_PACKET)
[  125.784949][ T5867] usb 3-1: USB disconnect, device number 12
[  126.991215][ T7634] loop1: detected capacity change from 0 to 32768
[  127.007926][ T7634] JBD2: Ignoring recovery information on journal
[  127.058285][ T7634] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  127.113196][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[  127.254655][ T7652] loop2: detected capacity change from 0 to 32768
[  127.264915][ T7652] (syz.2.662,7652,1):ocfs2_check_set_options:1265 ERROR: ACL support requested but extended attributes feature is not enabled
[  127.280551][ T7652] (syz.2.662,7652,1):ocfs2_fill_super:1177 ERROR: status = -22
[  127.540017][ T7663] loop2: detected capacity change from 0 to 256
[  127.561040][   T33] audit: type=1800 audit(1755150283.322:25): pid=7663 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.667" name=F15BBA4E66BB75FBD5 dev="loop2" ino=1048598 res=0 errno=0
[  127.686451][ T7655] loop1: detected capacity change from 0 to 32768
[  127.732595][ T7655] XFS (loop1): alignment check failed: sunit/swidth vs. blocksize(4096)
[  128.501518][ T7688] loop1: detected capacity change from 0 to 512
[  128.579623][ T7688] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  128.589045][ T7688] ext4 filesystem being mounted at /226/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.654202][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.316379][   T33] audit: type=1326 audit(1755150285.082:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7710 comm="syz.2.685" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffbacb8ebe9 code=0x0
[  130.463888][    T9] usb 2-1: new full-speed USB device number 10 using dummy_hcd
[  130.705662][    T9] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  130.709977][    T9] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  130.717620][    T9] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[  130.721577][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  130.725248][    T9] usb 2-1: SerialNumber: syz
[  130.734978][    T9] usb 2-1: bad CDC descriptors
[  130.738519][    T9] usb-storage 2-1:1.0: USB Mass Storage device detected
[  130.750536][    T9] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[  130.940568][    T9] usb 2-1: USB disconnect, device number 10
[  131.371221][ T7759] loop2: detected capacity change from 0 to 64
[  131.384395][ T7759] BFS-fs: bfs_fill_super(): loop2 is unclean, continuing
[  131.458734][ T7761] netlink: 8 bytes leftover after parsing attributes in process `syz.2.706'.
[  131.565734][ T5867] IPVS: starting estimator thread 0...
[  131.956986][ T7765] IPVS: using max 63 ests per chain, 151200 per kthread
[  132.037273][ T7772] loop2: detected capacity change from 0 to 64
[  132.086190][ T7772] syz.2.711: attempt to access beyond end of device
[  132.086190][ T7772] loop2: rw=0, sector=1024, nr_sectors = 2 limit=64
[  132.090593][ T7772] Buffer I/O error on dev loop2, logical block 512, async page read
[  132.094960][ T7775] BFS-fs: bfs_fill_super(): No BFS filesystem on nullb0 (magic=00000000)
[  132.102590][ T7772] syz.2.711: attempt to access beyond end of device
[  132.102590][ T7772] loop2: rw=0, sector=113152, nr_sectors = 2 limit=64
[  132.106834][ T7772] Buffer I/O error on dev loop2, logical block 56576, async page read
[  132.121803][ T7772] syz.2.711: attempt to access beyond end of device
[  132.121803][ T7772] loop2: rw=0, sector=1024, nr_sectors = 2 limit=64
[  132.138355][ T7772] Buffer I/O error on dev loop2, logical block 512, async page read
[  132.142196][ T7772] syz.2.711: attempt to access beyond end of device
[  132.142196][ T7772] loop2: rw=0, sector=113152, nr_sectors = 2 limit=64
[  132.150509][ T7772] Buffer I/O error on dev loop2, logical block 56576, async page read
[  132.467190][ T7792] loop1: detected capacity change from 0 to 4096
[  132.525073][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.527601][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.637281][ T7792] ntfs3(loop1): ino=19, mi_enum_attr
[  132.640900][ T7792] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  132.781089][ T7799] netlink: 12 bytes leftover after parsing attributes in process `syz.1.722'.
[  132.920487][   T33] audit: type=1326 audit(1755150288.682:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7808 comm="syz.0.726" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x0
[  132.934610][ T7810] 9pnet_fd: Insufficient options for proto=fd
[  133.037682][ T7817] comedi comedi0: Minor 3 could not be opened
[  133.481903][ T7851] loop1: detected capacity change from 0 to 256
[  133.825452][ T7867] loop2: detected capacity change from 0 to 1024
[  133.888004][ T7867] hfsplus: bad catalog entry type
[  133.912086][  T648] hfsplus: b-tree write err: -5, ino 4
[  135.614546][ T7910] syzkaller0: entered promiscuous mode
[  135.619491][ T7910] syzkaller0: entered allmulticast mode
[  136.502226][  T794] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  136.664884][  T794] usb 2-1: Using ep0 maxpacket: 32
[  136.668852][  T794] usb 2-1: config 0 has an invalid interface number: 136 but max is 0
[  136.677340][  T794] usb 2-1: config 0 has no interface number 0
[  136.684416][  T794] usb 2-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=ee.df
[  136.688044][  T794] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.692496][  T794] usb 2-1: Product: syz
[  136.694152][  T794] usb 2-1: Manufacturer: syz
[  136.696061][  T794] usb 2-1: SerialNumber: syz
[  136.704276][  T794] usb 2-1: config 0 descriptor??
[  136.713200][  T794] usb_ehset_test 2-1:0.136: probe with driver usb_ehset_test failed with error -32
[  136.783574][ T7934] loop2: detected capacity change from 0 to 8192
[  136.803137][ T7934] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  136.838641][ T7934] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[  136.922418][  T794] usb 2-1: USB disconnect, device number 11
[  137.362088][    T9] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  137.470841][ T7953] netlink: 12 bytes leftover after parsing attributes in process `syz.1.791'.
[  137.512639][    T9] usb 3-1: Using ep0 maxpacket: 8
[  137.515469][ T7953] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  137.518645][ T5871] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  137.522543][ T7953] netlink: 28 bytes leftover after parsing attributes in process `syz.1.791'.
[  137.524306][    T9] usb 3-1: config 0 has an invalid interface number: 31 but max is 0
[  137.525471][ T5871] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  137.528487][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  137.531520][ T5871] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  137.531545][ T5871] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  137.532911][ T7953] 8021q: adding VLAN 0 to HW filter on device bond1
[  137.539345][    T9] usb 3-1: config 0 has no interface number 0
[  137.557837][    T9] usb 3-1: New USB device found, idVendor=046d, idProduct=08c3, bcdDevice=6b.16
[  137.572061][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  137.575350][    T9] usb 3-1: Product: syz
[  137.576975][    T9] usb 3-1: Manufacturer: syz
[  137.578857][    T9] usb 3-1: SerialNumber: syz
[  137.581750][ T7956] loop1: detected capacity change from 0 to 128
[  137.589540][    T9] usb 3-1: config 0 descriptor??
[  137.622738][ T7956] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  137.629545][ T7956] ext4 filesystem being mounted at /259/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.658880][ T7956] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  137.668296][ T7956] EXT4-fs (loop1): shut down requested (1)
[  137.676344][ T7956] fscrypt: loop1: 1 inode(s) still busy after removing key with identifier 69b2f6edeee720cce0577937eb8a6751, including ino 12
[  137.701139][ T5849] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  137.819936][    T9] usb 3-1: Found UVC 0.04 device syz (046d:08c3)
[  137.822619][    T9] usb 3-1: No valid video chain found.
[  140.018902][ T7993] Bluetooth: MGMT ver 1.23
[  140.088294][ T5914] usb 3-1: USB disconnect, device number 13
[  141.222837][ T8006] loop1: detected capacity change from 0 to 2048
[  141.256113][ T8006] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  141.338719][ T8009] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  141.779508][ T8029] warning: `syz.2.820' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  141.852328][    T9] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  141.924553][ T8035] netlink: 376 bytes leftover after parsing attributes in process `syz.0.823'.
[  142.006765][    T9] usb 2-1: Using ep0 maxpacket: 8
[  142.016096][    T9] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0099, bcdDevice=95.0d
[  142.021596][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.024627][    T9] usb 2-1: Product: syz
[  142.025992][    T9] usb 2-1: Manufacturer: syz
[  142.027466][    T9] usb 2-1: SerialNumber: syz
[  142.033922][    T9] usb 2-1: config 0 descriptor??
[  142.249301][    T9] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  142.265006][    T9] dvb_usb_af9015 2-1:0.0: probe with driver dvb_usb_af9015 failed with error -22
[  142.273790][    T9] usb 2-1: dvb_usb_v2: usb_bulk_msg() failed=-22
[  142.276809][    T9] dvb_usb_af9035 2-1:0.0: probe with driver dvb_usb_af9035 failed with error -22
[  142.295937][    T9] usb 2-1: USB disconnect, device number 12
[  143.085775][   T33] audit: type=1800 audit(1755150298.852:28): pid=8069 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.837" name="SYSV00000000" dev="tmpfs" ino=0 res=0 errno=0
[  143.251710][ T8076] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  143.323428][ T8080] net_ratelimit: 3 callbacks suppressed
[  143.323449][ T8080] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  143.379079][ T8083] loop1: detected capacity change from 0 to 512
[  143.435459][ T8083] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.843: iget: bad extended attribute block 1
[  143.440291][ T8083] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.843: couldn't read orphan inode 15 (err -117)
[  143.473569][ T8083] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  143.554002][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.615240][ T8095] loop1: detected capacity change from 0 to 512
[  143.636627][ T8095] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -2
[  143.651080][ T8095] EXT4-fs (loop1): 1 truncate cleaned up
[  143.671024][ T8095] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.710922][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.395620][ T5867] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  144.565391][ T5867] usb 2-1: Using ep0 maxpacket: 8
[  144.570233][ T5867] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.574678][ T8129] loop2: detected capacity change from 0 to 2364
[  144.586592][ T5867] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.600881][ T5867] usb 2-1: config 0 interface 0 has no altsetting 0
[  144.607450][ T5867] usb 2-1: New USB device found, idVendor=09da, idProduct=000a, bcdDevice= 0.00
[  144.610459][ T5867] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  144.615949][ T5867] usb 2-1: config 0 descriptor??
[  145.115827][ T5867] a4tech 0003:09DA:000A.0003: unbalanced collection at end of report description
[  145.128012][ T5867] a4tech 0003:09DA:000A.0003: parse failed
[  145.130684][ T5867] a4tech 0003:09DA:000A.0003: probe with driver a4tech failed with error -22
[  145.267903][ T5867] usb 2-1: USB disconnect, device number 13
[  145.320510][ T8161] fuse: Bad value for 'fd'
[  145.840342][ T8189] loop1: detected capacity change from 0 to 4096
[  145.864368][ T8192] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.918589][ T8189] syz.1.891 (8189) used greatest stack depth: 19656 bytes left
[  145.999244][ T8194] loop1: detected capacity change from 0 to 512
[  146.013608][ T8194] EXT4-fs: Ignoring removed oldalloc option
[  146.015678][ T8194] EXT4-fs: Ignoring removed mblk_io_submit option
[  146.018450][ T8194] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  146.033121][    T9] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[  146.034578][ T8194] EXT4-fs (loop1): orphan cleanup on readonly fs
[  146.043425][ T8194] Quota error (device loop1): do_check_range: Getting block 196613 out of range 1-5
[  146.046731][ T8194] Quota error (device loop1): qtree_read_dquot: Can't read quota structure for id 0
[  146.049678][ T8194] EXT4-fs error (device loop1): ext4_acquire_dquot:6933: comm syz.1.893: Failed to acquire dquot type 1
[  146.054667][ T8194] EXT4-fs (loop1): 1 truncate cleaned up
[  146.063367][ T8194] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  146.075620][ T8194] EXT4-fs: Ignoring removed orlov option
[  146.077532][ T8194] EXT4-fs: Remounting file system with no journal so ignoring journalled data option
[  146.080543][ T8194] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  146.085796][ T8194] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  146.094062][ T8194] EXT4-fs error (device loop1): __ext4_remount:6736: comm syz.1.893: Abort forced by user
[  146.097465][ T8194] EXT4-fs (loop1): Remounting filesystem read-only
[  146.099455][ T8194] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  146.102301][ T8194] ext4 filesystem being remounted at /283/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  146.118916][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.168104][   T33] audit: type=1326 audit(1755150301.932:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8197 comm="syz.1.894" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  146.186603][   T33] audit: type=1326 audit(1755150301.942:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8197 comm="syz.1.894" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  146.202361][   T33] audit: type=1326 audit(1755150301.942:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8197 comm="syz.1.894" exe="/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  146.212866][   T33] audit: type=1326 audit(1755150301.942:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8197 comm="syz.1.894" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  146.213789][    T9] usb 3-1: config 4 has an invalid interface number: 121 but max is 0
[  146.219845][   T33] audit: type=1326 audit(1755150301.942:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8197 comm="syz.1.894" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  146.272454][    T9] usb 3-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  146.281110][    T9] usb 3-1: config 4 has no interface number 0
[  146.284397][    T9] usb 3-1: config 4 interface 121 altsetting 3 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  146.289892][    T9] usb 3-1: config 4 interface 121 has no altsetting 0
[  146.303335][    T9] usb 3-1: New USB device found, idVendor=6b86, idProduct=c24a, bcdDevice=25.ca
[  146.307027][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.315813][    T9] usb 3-1: Product: syz
[  146.320923][    T9] usb 3-1: Manufacturer: syz
[  146.329459][    T9] usb 3-1: SerialNumber: syz
[  146.483306][ T8219] netlink: 'syz.0.905': attribute type 40 has an invalid length.
[  146.486026][ T8219] netlink: 52 bytes leftover after parsing attributes in process `syz.0.905'.
[  146.556629][    T9] usb 3-1: USB disconnect, device number 14
[  146.712404][ T5914] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  146.975388][ T5914] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  146.978532][ T5914] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  146.981915][ T5914] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  146.985175][ T5914] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  146.992134][ T5914] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  147.063232][ T5914] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  147.066562][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  147.069344][ T5914] usb 2-1: Product: syz
[  147.070852][ T5914] usb 2-1: Manufacturer: syz
[  147.240916][ T5914] cdc_wdm 2-1:1.0: skipping garbage
[  147.247026][ T5914] cdc_wdm 2-1:1.0: skipping garbage
[  147.251749][ T5914] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  147.255615][ T5914] cdc_wdm 2-1:1.0: Unknown control protocol
[  147.442548][ T8220] cdc_wdm 2-1:1.0: Error submitting int urb - -90
[  147.446139][ T5914] usb 2-1: USB disconnect, device number 14
[  147.853655][ T8259] fuse: Bad value for 'fd'
[  148.122252][ T8273] loop1: detected capacity change from 0 to 4096
[  148.125863][ T8273] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[  148.394200][ T8285] netlink: 132 bytes leftover after parsing attributes in process `syz.1.932'.
[  148.510410][ T8289] loop1: detected capacity change from 0 to 512
[  148.516004][ T8289] EXT4-fs: Ignoring removed i_version option
[  148.518543][ T8289] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  148.523633][ T8289] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e12c, mo2=0002]
[  148.526440][ T8289] System zones: 1-12
[  148.527892][ T8289] EXT4-fs (loop1): orphan cleanup on readonly fs
[  148.531102][ T8289] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.934: invalid indirect mapped block 12 (level 1)
[  148.544591][ T8289] EXT4-fs (loop1): Remounting filesystem read-only
[  148.547795][ T8289] EXT4-fs (loop1): 1 truncate cleaned up
[  148.551617][ T8289] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  148.562327][ T5893] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  148.585854][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  148.712436][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  148.729234][ T5893] usb 3-1: config 0 has an invalid interface number: 54 but max is 0
[  148.738822][ T5893] usb 3-1: config 0 has no interface number 0
[  148.747058][ T5893] usb 3-1: config 0 interface 54 altsetting 16 bulk endpoint 0x6 has invalid maxpacket 1023
[  148.763915][ T5893] usb 3-1: config 0 interface 54 altsetting 16 bulk endpoint 0x82 has invalid maxpacket 8
[  148.768190][ T5893] usb 3-1: config 0 interface 54 has no altsetting 0
[  148.774500][ T5893] usb 3-1: New USB device found, idVendor=0cf2, idProduct=6250, bcdDevice=46.42
[  148.778132][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  148.786154][ T5893] usb 3-1: Product: syz
[  148.787515][ T5893] usb 3-1: Manufacturer: syz
[  148.789030][ T5893] usb 3-1: SerialNumber: syz
[  148.803221][ T5893] usb 3-1: config 0 descriptor??
[  148.806942][ T8279] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  148.809575][ T8279] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  148.957183][ T8306] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.995946][ T6027] bridge0: port 1(bridge_slave_0) entered blocking state
[  149.000632][ T6027] bridge0: port 1(bridge_slave_0) entered forwarding state
[  149.033286][ T5893] ums_eneub6250 3-1:0.54: USB Mass Storage device detected
[  149.049397][ T5893] scsi host6: usb-storage 3-1:0.54
[  149.119063][ T5893] ums_eneub6250 3-1:0.54: probe with driver ums_eneub6250 failed with error 3
[  149.135223][ T5893] usb 3-1: USB disconnect, device number 15
[  149.910227][ T8339] sctp: [Deprecated]: syz.1.953 (pid 8339) Use of int in max_burst socket option deprecated.
[  149.910227][ T8339] Use struct sctp_assoc_value instead
[  150.313885][ T5893] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  150.552084][ T5893] usb 3-1: Using ep0 maxpacket: 32
[  150.556285][ T5893] usb 3-1: config 0 interface 0 has no altsetting 0
[  151.029070][ T5893] usb 3-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  151.032678][ T5893] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  151.035416][ T5893] usb 3-1: Product: syz
[  151.036886][ T5893] usb 3-1: Manufacturer: syz
[  151.038455][ T5893] usb 3-1: SerialNumber: syz
[  151.048520][ T5893] usb 3-1: config 0 descriptor??
[  151.374319][ T8362] netlink: 12 bytes leftover after parsing attributes in process `syz.0.962'.
[  151.476258][ T8368] fuse: Bad value for 'fd'
[  151.578183][ T5893] gs_usb 3-1:0.0: Configuring for 1 interfaces
[  151.787376][ T5893] gs_usb 3-1:0.0: Couldn't register candev for channel 0 (-EINVAL)
[  151.804259][ T5893] gs_usb 3-1:0.0: probe with driver gs_usb failed with error -22
[  151.981557][  T794] usb 3-1: USB disconnect, device number 16
[  152.159222][ T8389] loop1: detected capacity change from 0 to 32768
[  152.163820][ T8389] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.975 (8389)
[  152.169848][ T8389] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.174596][ T8389] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  152.177549][ T8389] BTRFS info (device loop1): using free-space-tree
[  152.262855][ T5849] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  152.965209][ T8425] netlink: 112 bytes leftover after parsing attributes in process `syz.2.983'.
[  153.048633][ T8429] loop1: detected capacity change from 0 to 4096
[  153.246202][ T8438] input: syz1 as /devices/virtual/input/input11
[  153.643169][    T9] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  153.802191][    T9] usb 3-1: Using ep0 maxpacket: 32
[  153.806350][    T9] usb 3-1: config index 0 descriptor too short (expected 29220, got 36)
[  153.809799][    T9] usb 3-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  153.814949][    T9] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 81
[  153.818613][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid maxpacket 2763, setting to 1024
[  153.823343][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  153.827455][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  153.830690][    T9] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  153.834477][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  153.838935][    T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[  153.842413][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  153.847652][    T9] usb 3-1: config 0 descriptor??
[  153.854411][ T8450] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  153.858492][    T9] usblp0: Disabling reads from problematic bidirectional printer
[  154.084931][    T9] usblp 3-1:0.0: usblp0: USB Unidirectional printer dev 17 if 0 alt 0 proto 3 vid 0x03F0 pid 0x0004
[  154.097165][    T9] usb 3-1: USB disconnect, device number 17
[  154.108279][    T9] usblp0: removed
[  154.380397][ T8476] loop1: detected capacity change from 0 to 256
[  154.384601][ T8476] exfat: Deprecated parameter 'utf8'
[  154.386438][ T8476] exfat: Unknown parameter 'iocht'
[  156.043045][   T33] audit: type=1326 audit(1755150311.792:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8499 comm="syz.1.1016" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  156.064217][   T33] audit: type=1326 audit(1755150311.792:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8499 comm="syz.1.1016" exe="/syz-executor" sig=0 arch=c000003e syscall=261 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  156.079947][ T8506] batman_adv: batadv0: Adding interface: dummy0
[  156.083217][   T33] audit: type=1326 audit(1755150311.792:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8499 comm="syz.1.1016" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  156.089924][ T8506] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.098023][   T33] audit: type=1326 audit(1755150311.792:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8499 comm="syz.1.1016" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8c7518ebe9 code=0x7ffc0000
[  156.106393][ T8506] batman_adv: batadv0: Interface activated: dummy0
[  156.118836][ T8506] batadv0: mtu less than device minimum
[  156.121511][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.125620][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.129453][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.133306][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.137245][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.141243][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.145286][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.149156][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  156.152978][ T8506] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320)
[  157.249927][ T8536] loop1: detected capacity change from 0 to 128
[  157.254701][ T5867] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  157.428799][ T5867] usb 3-1: config 0 has an invalid interface number: 1 but max is 0
[  157.432711][ T5867] usb 3-1: config 0 has no interface number 0
[  157.435260][ T5867] usb 3-1: New USB device found, idVendor=0b48, idProduct=1005, bcdDevice=8c.1e
[  157.441117][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.467282][ T8542] loop1: detected capacity change from 0 to 1024
[  157.528475][ T8542] hfsplus: Unknown parameter ''
[  157.863896][ T5867] usb 3-1: config 0 descriptor??
[  157.880758][ T5867] usb 3-1: selecting invalid altsetting 1
[  157.893004][ T5867] dvb_ttusb_budget: ttusb_init_controller: error
[  157.895578][ T5867] dvbdev: DVB: registering new adapter (Technotrend/Hauppauge Nova-USB)
[  158.036899][ T5867] DVB: Unable to find symbol cx22700_attach()
[  158.112610][ T5867] DVB: Unable to find symbol tda10046_attach()
[  158.162409][ T5867] dvb_ttusb_budget: no frontend driver found for device [0b48:1005]
[  158.170681][ T5867] usb 3-1: USB disconnect, device number 18
[  158.282100][ T8550] syz.0.1036 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  159.208115][ T8560] ALSA: mixer_oss: invalid OSS volume ''
[  159.471366][ T8575] loop1: detected capacity change from 0 to 2048
[  159.495104][ T8575] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  160.151674][ T8596] loop1: detected capacity change from 0 to 32768
[  160.382190][ T5892] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  160.563284][ T5892] usb 3-1: Using ep0 maxpacket: 16
[  160.571330][ T5892] usb 3-1: unable to get BOS descriptor or descriptor too short
[  160.576534][ T5892] usb 3-1: config 117 has an invalid interface number: 106 but max is 0
[  160.586101][ T5892] usb 3-1: config 117 has no interface number 0
[  160.588220][ T5892] usb 3-1: config 117 interface 106 has no altsetting 0
[  160.598964][ T5892] usb 3-1: New USB device found, idVendor=110a, idProduct=1451, bcdDevice=6d.26
[  160.606075][ T5892] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.609274][ T5892] usb 3-1: Product: syz
[  160.610727][ T5892] usb 3-1: Manufacturer: syz
[  160.622285][ T5892] usb 3-1: SerialNumber: syz
[  161.133641][ T5892] mxuport 3-1:117.106: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  161.136963][ T5892] mxuport 3-1:117.106: mxuport_send_ctrl_data_urb - usb_control_msg failed (-71)
[  161.140260][ T5892] mxuport 3-1:117.106: probe with driver mxuport failed with error -71
[  161.145399][ T5892] usb 3-1: USB disconnect, device number 19
[  161.675506][ T8647] loop1: detected capacity change from 0 to 2048
[  161.690656][ T8647] EXT4-fs warning (device loop1): ext4_multi_mount_protect:318: fsck is running on the filesystem
[  161.699927][ T8647] EXT4-fs warning (device loop1): ext4_multi_mount_protect:318: MMP failure info: last update time: 1669132791, last update node: dvyukov-desk.muc.corp.google.com, last update device: loop4
[  162.202180][ T5892] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  162.352102][ T5892] usb 2-1: Using ep0 maxpacket: 16
[  162.355284][ T5892] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  162.358483][ T5892] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  162.374025][ T5892] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  162.376844][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  162.379286][ T5892] usb 2-1: Product: syz
[  162.380564][ T5892] usb 2-1: Manufacturer: syz
[  162.382360][ T5892] usb 2-1: SerialNumber: syz
[  162.589936][ T8673] netlink: 'syz.2.1087': attribute type 1 has an invalid length.
[  162.597959][ T8673] netlink: 1284 bytes leftover after parsing attributes in process `syz.2.1087'.
[  162.610928][ T5892] usb 2-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  162.678376][ T5892] usb 2-1: USB disconnect, device number 15
[  162.681419][ T8676] loop2: detected capacity change from 0 to 8
[  162.738766][ T6449] udevd[6449]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  162.779003][ T8676] SQUASHFS error: xz decompression failed, data probably corrupt
[  162.782850][ T8676] SQUASHFS error: Failed to read block 0xa8: -5
[  162.787971][ T8676] SQUASHFS error: xz decompression failed, data probably corrupt
[  162.790626][ T8676] SQUASHFS error: Failed to read block 0xa8: -5
[  162.795402][   T33] audit: type=1800 audit(1755150318.562:38): pid=8676 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1088" name="file0" dev="loop2" ino=3 res=0 errno=0
[  163.415395][ T8697] loop1: detected capacity change from 0 to 4096
[  163.457352][ T8698] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  163.871091][ T8710] loop2: detected capacity change from 0 to 4096
[  163.903749][ T8711] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  163.945348][ T8710] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  163.953376][ T8710] Remounting filesystem read-only
[  163.977547][ T8713] netlink: 'syz.0.1103': attribute type 10 has an invalid length.
[  163.992697][ T8713] team0: Port device syz_tun added
[  163.992912][ T5847] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  164.159624][ T8727] loop2: detected capacity change from 0 to 128
[  164.504108][ T5867] usb 3-1: new full-speed USB device number 20 using dummy_hcd
[  164.654181][ T5867] usb 3-1: config index 0 descriptor too short (expected 69, got 36)
[  164.657636][ T5867] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  164.675111][ T5867] usb 3-1: New USB device found, idVendor=093a, idProduct=2622, bcdDevice=b7.89
[  164.678702][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.681833][ T5867] usb 3-1: Product: syz
[  164.692067][ T5867] usb 3-1: Manufacturer: syz
[  164.693944][ T5867] usb 3-1: SerialNumber: syz
[  164.698694][ T5867] usb 3-1: config 0 descriptor??
[  164.729409][ T5867] gspca_main: gspca_pac7302-2.14.0 probing 093a:2622
[  164.785313][ T8753] netlink: 'syz.1.1122': attribute type 1 has an invalid length.
[  164.789746][ T8753] netlink: 244 bytes leftover after parsing attributes in process `syz.1.1122'.
[  164.795968][ T8753] NCSI netlink: No device for ifindex 0
[  164.839130][ T8755] loop1: detected capacity change from 0 to 1024
[  164.882514][ T8755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  164.893439][ T8755] ext4 filesystem being mounted at /365/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.903823][ T8755] EXT4-fs error (device loop1): ext4_map_blocks:814: inode #15: comm syz.1.1123: lblock 0 mapped to illegal pblock 0 (length 3)
[  164.921481][ T8755] EXT4-fs (loop1): Remounting filesystem read-only
[  164.942807][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  165.185840][ T8766] loop1: detected capacity change from 0 to 64
[  165.275981][ T8768] Illegal XDP return value 4294967294 on prog  (id 107) dev N/A, expect packet loss!
[  165.324180][ T5867] gspca_pac7302: reg_w() failed i: ff v: 01 error -71
[  165.326400][ T5867] gspca_pac7302 3-1:0.0: probe with driver gspca_pac7302 failed with error -71
[  165.334650][ T5867] usb 3-1: USB disconnect, device number 20
[  166.277397][ T8785] netlink: 'syz.2.1134': attribute type 10 has an invalid length.
[  166.280550][ T8785] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.283306][ T8785] bridge0: port 1(bridge_slave_0) entered disabled state
[  166.294359][ T8785] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.296791][ T8785] bridge0: port 2(bridge_slave_1) entered forwarding state
[  166.299298][ T8785] bridge0: port 1(bridge_slave_0) entered blocking state
[  166.301683][ T8785] bridge0: port 1(bridge_slave_0) entered forwarding state
[  166.306661][ T8785] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  166.422889][ T8789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1135'.
[  166.977049][   T33] audit: type=1326 audit(1755150322.732:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8804 comm="syz.2.1142" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ffbacb8ebe9 code=0x0
[  167.000755][ T8813] bond0: option lp_interval: invalid value (0)
[  167.003567][ T8813] bond0: option lp_interval: allowed values 1 - 2147483647
[  167.179263][ T8819] net_ratelimit: 10 callbacks suppressed
[  167.179431][ T8819] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  167.478804][ T8827] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  167.478804][ T8827] The task syz.0.1151 (8827) triggered the difference, watch for misbehavior.
[  167.908491][ T8831] loop1: detected capacity change from 0 to 32768
[  167.917131][ T8831] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1153 (8831)
[  167.937771][ T8831] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  167.952540][ T8831] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  167.967439][ T8831] BTRFS info (device loop1): using free-space-tree
[  168.057802][ T8831] BTRFS info (device loop1): rebuilding free space tree
[  169.170962][ T5849] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  169.972091][ T8893] binder: 8891:8893 ioctl c0306201 2000000003c0 returned -14
[  170.111047][ T8900] loop2: detected capacity change from 0 to 128
[  170.129245][ T8900] ufs: You didn't specify the type of your ufs filesystem
[  170.129245][ T8900] 
[  170.129245][ T8900] mount -t ufs -o ufstype=sun|sunx86|44bsd|ufs2|5xbsd|old|hp|nextstep|nextstep-cd|openstep ...
[  170.129245][ T8900] 
[  170.129245][ T8900] >>>WARNING<<< Wrong ufstype may corrupt your filesystem, default is ufstype=old
[  170.178495][ T8900] ufs: ufstype=old is supported read-only
[  170.207908][ T8900] ufs: ufs_fill_super(): bad magic number
[  170.765406][ T8906] loop1: detected capacity change from 0 to 32768
[  170.770964][ T8906] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1180 (8906)
[  170.782926][ T8906] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  170.786398][ T8906] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  170.789912][ T8906] BTRFS info (device loop1): using free-space-tree
[  170.883435][ T8906] BTRFS info (device loop1): rebuilding free space tree
[  170.936321][   T33] audit: type=1800 audit(1755150326.702:40): pid=8906 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1180" name="file1" dev="loop1" ino=260 res=0 errno=0
[  171.840652][ T5849] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  172.034937][ T8938] loop2: detected capacity change from 0 to 512
[  172.069117][ T8938] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  172.073147][ T8938] EXT4-fs (loop2): can't mount with commit=, fs mounted w/o journal
[  172.352309][ T5892] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  172.512265][ T5892] usb 3-1: Using ep0 maxpacket: 16
[  172.518688][ T5892] usb 3-1: config 1 has an invalid descriptor of length 189, skipping remainder of the config
[  172.522688][ T5892] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  172.528764][ T5892] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=f1.40
[  172.531686][ T5892] usb 3-1: New USB device strings: Mfr=255, Product=255, SerialNumber=0
[  172.538023][ T5892] usb 3-1: Product: syz
[  172.539801][ T5892] usb 3-1: Manufacturer: syz
[  172.560541][ T5892] cdc_ether 3-1:1.0: skipping garbage
[  172.564011][ T5892] cdc_ether 3-1:1.0: probe with driver cdc_ether failed with error -22
[  172.755684][    T9] usb 3-1: USB disconnect, device number 21
[  174.172259][    T9] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  174.283483][ T8967] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1199'.
[  174.366275][    T9] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  174.369979][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  174.388599][    T9] usb 2-1: config 0 descriptor??
[  174.416119][    T9] cp210x 2-1:0.0: cp210x converter detected
[  175.066572][    T9] cp210x 2-1:0.0: failed to get vendor val 0x000e size 678: -71
[  175.070065][    T9] cp210x 2-1:0.0: GPIO initialisation failed: -71
[  175.125294][    T9] usb 2-1: cp210x converter now attached to ttyUSB0
[  175.134946][    T9] usb 2-1: USB disconnect, device number 16
[  175.151433][    T9] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  175.156849][    T9] cp210x 2-1:0.0: device disconnected
[  175.656750][ T8986] loop1: detected capacity change from 0 to 47
[  175.679166][ T8986] MINIX-fs: deleted inode referenced: 9
[  175.683880][ T8986] MINIX-fs: deleted inode referenced: 9
[  175.740952][ T8988] loop1: detected capacity change from 0 to 256
[  175.879350][ T8992] loop1: detected capacity change from 0 to 512
[  175.884345][ T8992] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  175.899361][ T8992] EXT4-fs (loop1): 1 truncate cleaned up
[  175.910907][ T8992] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  175.964073][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.140303][ T9004] loop1: detected capacity change from 0 to 256
[  176.152930][ T9004] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  176.160184][ T9004] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[  176.182232][ T9004] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  176.279798][ T9006] tipc: Started in network mode
[  176.282921][ T9006] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  176.289816][ T9006] tipc: New replicast peer: 0000:0000:0000:0000:0000:ffff:6401:0100
[  176.302994][ T9006] tipc: Enabled bearer <udp:syz2>, priority 10
[  176.455025][ T9016] loop2: detected capacity change from 0 to 1024
[  176.459014][ T9016] EXT4-fs: Ignoring removed bh option
[  176.474765][ T9016] EXT4-fs (loop2): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  176.490727][ T9016] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  176.494932][ T9020] loop1: detected capacity change from 0 to 512
[  176.500460][ T9020] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  176.538425][ T9020] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.573964][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.658394][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.855453][ T9032] loop1: detected capacity change from 0 to 512
[  176.873842][ T9032] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  176.883903][ T9032] EXT4-fs (loop1): 1 truncate cleaned up
[  176.891318][ T9032] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  176.895202][ T9026] loop2: detected capacity change from 0 to 32768
[  176.922417][ T9026] XFS (loop2): Mounting V5 Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  176.965105][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  176.987575][ T9026] XFS (loop2): Ending clean mount
[  177.097120][ T5847] XFS (loop2): Unmounting Filesystem 9f1cad42-11bd-4e12-8f0b-f07876b81d9a
[  177.305473][ T9046] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1231'.
[  177.428184][ T5914] tipc: Node number set to 1
[  178.128081][ T9061] loop2: detected capacity change from 0 to 1024
[  178.132262][ T9061] hfsplus: Unknown parameter ''
[  178.214763][ T9062] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[  179.019510][ T9075] netlink: 'syz.0.1242': attribute type 10 has an invalid length.
[  179.039819][ T9075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  179.063813][ T9075] batadv0: entered promiscuous mode
[  179.066885][ T9075] batadv0: entered allmulticast mode
[  179.071022][ T9075] bond0: (slave batadv0): Enslaving as an active interface with an up link
[  179.247846][ T9078] syzkaller1: entered promiscuous mode
[  179.250278][ T9078] syzkaller1: entered allmulticast mode
[  179.602176][ T5867] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  179.772101][ T5867] usb 3-1: Using ep0 maxpacket: 32
[  179.782857][ T5867] usb 3-1: config index 0 descriptor too short (expected 35577, got 27)
[  179.786309][ T5867] usb 3-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  179.789835][ T5867] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  179.803610][ T5867] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 92
[  179.812052][ T5867] usb 3-1: config 1 has no interface number 0
[  179.817493][ T5867] usb 3-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  179.827675][ T5867] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  179.847268][ T5867] snd_usb_pod 3-1:1.1: Line 6 Pocket POD found
[  179.918772][ T9095] loop1: detected capacity change from 0 to 32768
[  179.969428][ T9095] ERROR: (device loop1): dbAlloc: the hint is outside the map
[  179.969428][ T9095] 
[  179.990051][  T140] read_mapping_page failed!
[  179.991769][  T140] ERROR: (device loop1): txCommit: 
[  179.991769][  T140] 
[  179.996598][  T140] jfs_write_inode: jfs_commit_inode failed!
[  180.048786][ T5867] snd_usb_pod 3-1:1.1: set_interface failed
[  180.051593][ T5867] snd_usb_pod 3-1:1.1: Line 6 Pocket POD now disconnected
[  180.062900][ T5867] snd_usb_pod 3-1:1.1: probe with driver snd_usb_pod failed with error -71
[  180.074397][ T5867] usb 3-1: USB disconnect, device number 22
[  180.435310][    T9] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  180.602751][    T9] usb 2-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  180.606243][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.610794][ T9117] loop2: detected capacity change from 0 to 764
[  180.616561][    T9] usb 2-1: config 0 descriptor??
[  180.621872][    T9] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  180.965037][ T9126] vivid-007: disconnect
[  180.970573][ T9125] vivid-007: reconnect
[  181.026081][    T9] gspca_stv06xx: I2C: Read error writing address: -71
[  181.040959][    T9] usb 2-1: USB disconnect, device number 17
[  181.268654][ T9128] loop2: detected capacity change from 0 to 32768
[  181.273087][ T9128] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1266 (9128)
[  181.288864][ T9128] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  181.304246][ T9128] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  181.308237][ T9128] BTRFS info (device loop2): using free-space-tree
[  181.872748][ T5892] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  181.992677][ T5847] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  182.022075][ T5892] usb 2-1: Using ep0 maxpacket: 8
[  182.033928][ T5892] usb 2-1: config 150 has an invalid interface number: 204 but max is 0
[  182.037257][ T5892] usb 2-1: config 150 has no interface number 0
[  182.039735][ T5892] usb 2-1: config 150 interface 204 has no altsetting 0
[  182.049956][ T5892] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[  182.055181][ T5892] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.058787][ T5892] usb 2-1: Product: syz
[  182.062678][ T5892] usb 2-1: Manufacturer: syz
[  182.064559][ T5892] usb 2-1: SerialNumber: syz
[  182.341245][ T9162] loop2: detected capacity change from 0 to 256
[  182.348186][ T9162] exfat: Deprecated parameter 'namecase'
[  182.357782][ T9162] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  182.481679][ T5892] usb 2-1: USB disconnect, device number 18
[  182.485299][   T33] audit: type=1326 audit(1755150338.242:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9167 comm="syz.0.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  182.496912][   T33] audit: type=1326 audit(1755150338.242:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9167 comm="syz.0.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  182.522686][   T33] audit: type=1326 audit(1755150338.262:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9167 comm="syz.0.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=65 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  182.535837][   T33] audit: type=1326 audit(1755150338.262:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9167 comm="syz.0.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  182.549736][ T9170] loop2: detected capacity change from 0 to 256
[  182.552314][   T33] audit: type=1326 audit(1755150338.262:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9167 comm="syz.0.1274" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  182.563506][ T9170] exFAT-fs (loop2): bogus sector size bits : 0
[  182.565502][ T9170] exFAT-fs (loop2): failed to read boot sector
[  182.567470][ T9170] exFAT-fs (loop2): failed to recognize exfat type
[  182.832341][ T5914] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  182.985673][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  182.992288][ T5914] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  182.996695][ T5914] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  183.000930][ T5914] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  183.008912][ T5914] usb 3-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[  183.015688][ T5914] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.019015][ T5914] usb 3-1: Product: syz
[  183.020710][ T5914] usb 3-1: Manufacturer: syz
[  183.022720][ T5914] usb 3-1: SerialNumber: syz
[  183.035854][ T5914] usb 3-1: config 0 descriptor??
[  183.046645][ T5914] kvaser_usb 3-1:0.0: CMD_MAP_CHANNEL_REQ failed for CAN0
[  183.049677][ T5914] kvaser_usb 3-1:0.0: error -EMSGSIZE: Failed to initialize card
[  183.058930][ T5914] kvaser_usb 3-1:0.0: probe with driver kvaser_usb failed with error -90
[  183.128278][ T9176] loop1: detected capacity change from 0 to 4096
[  183.149650][ T9176] ntfs3(loop1): ino=0, mi_enum_attr
[  183.168566][ T9176] ntfs3(loop1): ino=0, mi_enum_attr
[  183.265410][ T5914] usb 3-1: USB disconnect, device number 23
[  183.306076][ T9184] loop1: detected capacity change from 0 to 64
[  183.585650][ T9200] loop1: detected capacity change from 0 to 4096
[  183.926186][ T9204] loop1: detected capacity change from 0 to 32768
[  183.963824][ T9204] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  183.995022][ T9204] (syz.1.1293,9204,1):ocfs2_reflink_ioctl:4417 ERROR: status = -2
[  184.035512][ T5849] (syz-executor,5849,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  184.045170][ T5849] ocfs2: Unmounting device (7,1) on (node local)
[  184.739830][ T9228] fuse: Bad value for 'fd'
[  184.867869][ T5845] Bluetooth: hci0: Malformed Event: 0x02
[  184.984805][ T9242] loop2: detected capacity change from 0 to 2048
[  184.993483][ T9242] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  184.997554][ T9242] UDF-fs: Scanning with blocksize 512 failed
[  185.008064][ T9242] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  185.124841][ T9245] netlink: 248 bytes leftover after parsing attributes in process `syz.1.1312'.
[  185.252272][ T9252] loop1: detected capacity change from 0 to 256
[  185.264354][ T9252] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d)
[  185.562274][ T1272] usb 3-1: new high-speed USB device number 24 using dummy_hcd
[  185.732215][ T1272] usb 3-1: Using ep0 maxpacket: 16
[  185.738865][ T1272] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  185.743087][ T1272] usb 3-1: config 0 has no interface number 0
[  185.745627][ T1272] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  185.750187][ T1272] usb 3-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  185.758405][ T1272] usb 3-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  185.764847][ T1272] usb 3-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  185.768161][ T1272] usb 3-1: Product: syz
[  185.769771][ T1272] usb 3-1: SerialNumber: syz
[  185.774959][    T9] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  185.789651][ T1272] usb 3-1: config 0 descriptor??
[  185.794259][ T1272] cm109 3-1:0.8: invalid payload size 0, expected 4
[  185.799976][ T1272] input: CM109 USB driver as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.8/input/input12
[  185.952231][    T9] usb 2-1: Using ep0 maxpacket: 32
[  185.956275][    T9] usb 2-1: config 0 has an invalid interface number: 43 but max is 1
[  185.959881][    T9] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  185.965658][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 2
[  185.968783][    T9] usb 2-1: config 0 has no interface number 0
[  185.970863][    T9] usb 2-1: config 0 interface 43 altsetting 250 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  185.976436][    T9] usb 2-1: config 0 interface 43 has no altsetting 0
[  185.981062][    T9] usb 2-1: New USB device found, idVendor=06cd, idProduct=0104, bcdDevice=c8.6a
[  185.984418][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  185.987060][    T9] usb 2-1: Product: syz
[  185.988443][    T9] usb 2-1: Manufacturer: syz
[  185.989938][    T9] usb 2-1: SerialNumber: syz
[  186.002084][    T9] usb 2-1: config 0 descriptor??
[  186.004125][    C0] cm109 3-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  186.212409][    T9] keyspan_pda 2-1:0.43: required endpoints missing
[  186.221216][    T9] usb 2-1: USB disconnect, device number 19
[  186.422371][ T5914] usb 3-1: USB disconnect, device number 24
[  186.433746][ T5914] cm109 3-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  186.967178][ T9304] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  187.053753][ T9311] loop2: detected capacity change from 0 to 128
[  187.072081][ T9311] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  187.076790][ T9311] ext4 filesystem being mounted at /370/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  187.115441][ T5847] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  187.244777][ T9320] tap0: tun_chr_ioctl cmd 1074025675
[  187.246839][ T9320] tap0: persist enabled
[  187.292475][    T9] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  187.443844][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  187.448111][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  187.451637][    T9] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  187.455284][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.460162][    T9] usb 2-1: config 0 descriptor??
[  187.875060][    T9] pyra 0003:1E7D:2CF6.0004: ignoring exceeding usage max
[  187.879699][    T9] pyra 0003:1E7D:2CF6.0004: ignoring exceeding usage max
[  187.883681][    T9] pyra 0003:1E7D:2CF6.0004: usage index exceeded
[  187.886500][    T9] pyra 0003:1E7D:2CF6.0004: item 0 1 2 2 parsing failed
[  187.891456][    T9] pyra 0003:1E7D:2CF6.0004: parse failed
[  187.897409][    T9] pyra 0003:1E7D:2CF6.0004: probe with driver pyra failed with error -22
[  188.081377][   T24] usb 2-1: USB disconnect, device number 20
[  188.251457][ T9345] loop2: detected capacity change from 0 to 256
[  189.655611][ T9372] loop2: detected capacity change from 0 to 256
[  189.677720][ T9374] loop1: detected capacity change from 0 to 512
[  189.719235][ T9374] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1362: casefold flag without casefold feature
[  189.736258][ T9374] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1362: couldn't read orphan inode 15 (err -117)
[  189.748000][ T9374] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  189.828698][ T9374] evm: overlay not supported
[  189.988685][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  190.032099][    T9] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  190.111565][ T9386] loop1: detected capacity change from 0 to 1764
[  190.136480][ T9386] iso9660: Corrupted directory entry in block 2 of inode 1920
[  190.195671][    T9] usb 3-1: Using ep0 maxpacket: 16
[  190.200239][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  190.215947][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  190.219757][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  190.227154][    T9] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  190.230774][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.237560][    T9] usb 3-1: config 0 descriptor??
[  190.355491][ T9395] loop1: detected capacity change from 0 to 4096
[  190.378481][ T9395] ntfs3(loop1): ino=19, mi_enum_attr
[  190.380322][ T9395] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  190.390012][ T9395] ntfs3(loop1): try to read out of volume at offset 0x3fffffc7000
[  190.395494][ T9395] ntfs3(loop1): ino=21, The size of extended attributes must not exceed 64KiB
[  190.491060][ T9399] loop1: detected capacity change from 0 to 256
[  190.533287][ T9399] FAT-fs (loop1): Directory bread(block 64) failed
[  190.540885][ T9399] FAT-fs (loop1): Directory bread(block 65) failed
[  190.544873][ T9399] FAT-fs (loop1): Directory bread(block 66) failed
[  190.549686][ T9399] FAT-fs (loop1): Directory bread(block 67) failed
[  190.552582][ T9399] FAT-fs (loop1): Directory bread(block 68) failed
[  190.554695][ T9399] FAT-fs (loop1): Directory bread(block 69) failed
[  190.557439][ T9399] FAT-fs (loop1): Directory bread(block 70) failed
[  190.559492][ T9399] FAT-fs (loop1): Directory bread(block 71) failed
[  190.561886][ T9399] FAT-fs (loop1): Directory bread(block 72) failed
[  190.565622][ T9399] FAT-fs (loop1): Directory bread(block 73) failed
[  190.694277][    T9] input: HID 0955:7214 Haptics as /devices/virtual/input/input13
[  190.790004][    T9] shield 0003:0955:7214.0005: Registered Thunderstrike controller
[  190.793336][    T9] shield 0003:0955:7214.0005: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  190.806747][ T9412] loop1: detected capacity change from 0 to 1024
[  190.823055][ T9412] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  190.826984][ T9412] ext4 filesystem being mounted at /440/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  190.868122][ T6029] EXT4-fs error (device loop1): ext4_validate_block_bitmap:441: comm kworker/u10:16: bg 0: block 393: padding at end of block bitmap is not set
[  190.883976][ T6029] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 2050 with max blocks 1 with error 28
[  190.890366][ T6029] EXT4-fs (loop1): This should not happen!! Data will be lost
[  190.890366][ T6029] 
[  190.891339][    T9] usb 3-1: USB disconnect, device number 25
[  190.896274][ T5867] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  190.899811][ T5867] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  190.900137][ T6029] EXT4-fs (loop1): Total free blocks count 0
[  190.908669][ T5867] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  190.909802][ T6029] EXT4-fs (loop1): Free/Dirty block details
[  190.914259][ T9357] Bluetooth: hci1: command 0x0406 tx timeout
[  190.917012][ T9358] Bluetooth: hci0: command 0x0406 tx timeout
[  190.919112][ T5867] shield 0003:0955:7214.0005: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  190.926560][ T6029] EXT4-fs (loop1): free_blocks=0
[  190.940521][ T6029] EXT4-fs (loop1): dirty_blocks=16
[  190.952843][ T6029] EXT4-fs (loop1): Block reservation details
[  190.960877][ T6029] EXT4-fs (loop1): i_reserved_data_blocks=1
[  190.975173][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  191.272098][ T5914] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  191.434435][ T5914] usb 2-1: Using ep0 maxpacket: 32
[  191.441057][ T5914] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  191.445374][ T5914] usb 2-1: config 0 has no interface number 0
[  191.455204][ T5914] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  191.460745][ T5914] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  191.464162][ T5914] usb 2-1: Product: syz
[  191.465584][ T5914] usb 2-1: Manufacturer: syz
[  191.467063][ T5914] usb 2-1: SerialNumber: syz
[  191.470545][ T5914] usb 2-1: config 0 descriptor??
[  191.479925][ T5914] smsc95xx v2.0.0
[  191.735317][ T9425] loop2: detected capacity change from 0 to 32768
[  192.291596][ T5914] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  192.414401][ T5867] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  192.494207][ T5914] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  192.498859][ T5914] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  192.506106][ T5914] usb 2-1: USB disconnect, device number 21
[  192.562116][ T5867] usb 3-1: Using ep0 maxpacket: 8
[  192.565553][ T5867] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 13
[  192.571095][ T5867] usb 3-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  192.574988][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.578119][ T5867] usb 3-1: Product: syz
[  192.579757][ T5867] usb 3-1: Manufacturer: syz
[  192.581620][ T5867] usb 3-1: SerialNumber: syz
[  192.587214][ T5867] usb 3-1: config 0 descriptor??
[  192.593687][ T5867] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  193.744531][ T9504] loop1: detected capacity change from 0 to 512
[  193.772537][ T9504] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.1420: bg 0: block 5: invalid block bitmap
[  193.783664][ T9504] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  193.786959][ T9504] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.1420: invalid indirect mapped block 3 (level 2)
[  193.791866][ T9504] EXT4-fs (loop1): 1 orphan inode deleted
[  193.793828][ T9504] EXT4-fs (loop1): 1 truncate cleaned up
[  193.796794][ T9504] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.829418][ T5849] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.970117][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  193.973097][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  195.659145][ T5867] gspca_zc3xx: reg_r err -71
[  195.660991][ T5867] gspca_zc3xx 3-1:0.0: probe with driver gspca_zc3xx failed with error -71
[  195.667135][ T5867] usb 3-1: USB disconnect, device number 26
[  196.367090][ T9533] loop2: detected capacity change from 0 to 65
[  196.375235][ T9533] BFS-fs: bfs_fill_super(): NOTE: filesystem loop2 was created with 512 inodes, the real maximum is 511, mounting anyway
[  196.491538][ T9537] loop2: detected capacity change from 0 to 512
[  196.496747][ T9537] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  196.511214][ T9537] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  196.518013][ T9537] ext4 filesystem being mounted at /390/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  196.546536][   T33] audit: type=1326 audit(1755150352.312:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.0.1438" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  196.555381][   T33] audit: type=1326 audit(1755150352.312:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.0.1438" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  196.571584][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.582092][   T33] audit: type=1326 audit(1755150352.322:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.0.1438" exe="/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  196.588628][   T33] audit: type=1326 audit(1755150352.322:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.0.1438" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  196.599211][   T33] audit: type=1326 audit(1755150352.322:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9541 comm="syz.0.1438" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7feba658ebe9 code=0x7ffc0000
[  196.666486][ T9548] vimc link validate: Scaler:src:640x480 (0x33424752, 8, 0, 0, 0) RGB/YUV Capture:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  196.972294][ T5867] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  197.146491][ T5867] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00
[  197.150136][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  197.156013][ T5867] usb 3-1: Product: syz
[  197.157763][ T5867] usb 3-1: Manufacturer: syz
[  197.159642][ T5867] usb 3-1: SerialNumber: syz
[  197.164196][ T5867] usb 3-1: config 0 descriptor??
[  197.550488][ T5867] hso 3-1:0.0: Failed to find INT IN ep
[  197.553222][ T5867] usb-storage 3-1:0.0: USB Mass Storage device detected
[  197.622294][   T24] usb 3-1: USB disconnect, device number 27
[  198.166460][ T9590] loop2: detected capacity change from 0 to 512
[  198.179841][ T9590] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  198.184156][ T9590] ext4 filesystem being mounted at /394/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.215185][ T5847] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.297467][ T9597] loop2: detected capacity change from 0 to 1024
[  198.320532][ T9597] hfsplus: found bad thread record in catalog
[  198.532253][ T9601] loop2: detected capacity change from 0 to 32768
[  198.542263][ T9601] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1461 (9601)
[  198.550178][ T9601] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  198.553764][ T9601] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  198.556583][ T9601] BTRFS info (device loop2): using free-space-tree
[  198.622982][ T9601] BTRFS info (device loop2): rebuilding free space tree
[  198.678778][ T5847] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  200.518538][ T9652] fuse: Bad value for 'fd'
[  201.137772][ T9676] loop2: detected capacity change from 0 to 1024
[  201.153597][ T9676] hfsplus: request for non-existent node 3 in B*Tree
[  201.156236][ T9676] hfsplus: request for non-existent node 3 in B*Tree
[  201.274141][ T9682] loop2: detected capacity change from 0 to 128
[  204.307508][ T9760] loop2: detected capacity change from 0 to 256
[  204.341242][ T9760] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  204.445811][ T9762] loop2: detected capacity change from 0 to 8
[  205.374092][ T9790] syzkaller1: entered promiscuous mode
[  205.376013][ T9790] syzkaller1: entered allmulticast mode
[  207.426533][ T9839] loop2: detected capacity change from 0 to 32768
[  207.514503][ T9839] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  207.514522][ T9839]   allowing incompatible features above 0.0: (unknown version)
[  207.514528][ T9839]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  207.528603][ T9839] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  207.531174][ T9839] bcachefs (loop2): initializing new filesystem
[  207.540597][ T9839] bcachefs (loop2): going read-write
[  207.554201][ T9839] bcachefs (loop2): marking superblocks
[  207.569464][ T9839] bcachefs (loop2): initializing freespace
[  207.574030][ T9839] bcachefs (loop2): done initializing freespace
[  207.578267][ T9839] bcachefs (loop2): reading snapshots table
[  207.580373][ T9839] bcachefs (loop2): reading snapshots done
[  207.621308][ T9839] bcachefs (loop2): done starting filesystem
[  207.650432][ T9839] syz.2.1560 (9839) used greatest stack depth: 17448 bytes left
[  207.681801][ T5847] bcachefs (loop2): shutting down
[  207.686105][ T5847] bcachefs (loop2): going read-only
[  207.688310][ T5847] bcachefs (loop2): finished waiting for writes to stop
[  207.698458][ T5847] bcachefs (loop2): flushing journal and stopping allocators, journal seq 2
[  207.758932][ T5847] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  207.765769][ T5847] bcachefs (loop2): clean shutdown complete, journal seq 4
[  207.768827][ T5847] bcachefs (loop2): marking filesystem clean
[  207.811753][ T5847] bcachefs (loop2): shutdown complete
[  208.769579][ T9861] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1565'.
[  209.255766][ T9868] loop2: detected capacity change from 0 to 4096
[  209.320837][ T9869] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  209.386344][ T6252] ==================================================================
[  209.389051][ T6252] BUG: KASAN: slab-use-after-free in __mutex_lock+0x7fc/0x1360
[  209.391506][ T6252] Read of size 8 at addr ffff888028db40a0 by task khidpd_10cf0004/6252
[  209.395009][ T6252] 
[  209.396193][ T6252] CPU: 1 UID: 0 PID: 6252 Comm: khidpd_10cf0004 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  209.396206][ T6252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.396213][ T6252] Call Trace:
[  209.396219][ T6252]  <TASK>
[  209.396224][ T6252]  dump_stack_lvl+0x189/0x250
[  209.396240][ T6252]  ? __kasan_check_byte+0x12/0x40
[  209.396254][ T6252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.396262][ T6252]  ? lock_release+0x4b/0x3e0
[  209.396276][ T6252]  ? __virt_addr_valid+0x4a5/0x5c0
[  209.396287][ T6252]  print_report+0xca/0x240
[  209.396297][ T6252]  ? __mutex_lock+0x7fc/0x1360
[  209.396308][ T6252]  kasan_report+0x118/0x150
[  209.396318][ T6252]  ? __mutex_lock+0x7fc/0x1360
[  209.396329][ T6252]  __mutex_lock+0x7fc/0x1360
[  209.396340][ T6252]  ? __mutex_lock+0x5b6/0x1360
[  209.396350][ T6252]  ? l2cap_unregister_user+0x6a/0x1b0
[  209.396362][ T6252]  ? __pfx___mutex_lock+0x10/0x10
[  209.396373][ T6252]  ? __pfx___timer_delete_sync+0x10/0x10
[  209.396386][ T6252]  l2cap_unregister_user+0x6a/0x1b0
[  209.396395][ T6252]  hidp_session_thread+0x3c9/0x410
[  209.396407][ T6252]  ? __pfx_hidp_session_thread+0x10/0x10
[  209.396415][ T6252]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  209.396432][ T6252]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  209.396442][ T6252]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  209.396450][ T6252]  ? __kthread_parkme+0x7b/0x200
[  209.396460][ T6252]  ? __kthread_parkme+0x1a1/0x200
[  209.396468][ T6252]  kthread+0x711/0x8a0
[  209.396477][ T6252]  ? __pfx_hidp_session_thread+0x10/0x10
[  209.396486][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.396494][ T6252]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.396503][ T6252]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.396512][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.396521][ T6252]  ret_from_fork+0x3fc/0x770
[  209.396530][ T6252]  ? __pfx_ret_from_fork+0x10/0x10
[  209.396539][ T6252]  ? __switch_to_asm+0x39/0x70
[  209.396548][ T6252]  ? __switch_to_asm+0x33/0x70
[  209.396556][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.396565][ T6252]  ret_from_fork_asm+0x1a/0x30
[  209.396577][ T6252]  </TASK>
[  209.396580][ T6252] 
[  209.461877][ T6252] Allocated by task 5849:
[  209.463251][ T6252]  kasan_save_track+0x3e/0x80
[  209.464732][ T6252]  __kasan_kmalloc+0x93/0xb0
[  209.466221][ T6252]  __kmalloc_noprof+0x27a/0x4f0
[  209.467724][ T6252]  hci_alloc_dev_priv+0x28/0x2060
[  209.469299][ T6252]  vhci_create_device+0x120/0x6e0
[  209.470943][ T6252]  vhci_write+0x3ce/0x4a0
[  209.472655][ T6252]  vfs_write+0x5c9/0xb30
[  209.474260][ T6252]  ksys_write+0x145/0x250
[  209.475983][ T6252]  do_syscall_64+0xfa/0x3b0
[  209.477709][ T6252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.479653][ T6252] 
[  209.480542][ T6252] Freed by task 6966:
[  209.482153][ T6252]  kasan_save_track+0x3e/0x80
[  209.483681][ T6252]  kasan_save_free_info+0x46/0x50
[  209.485322][ T6252]  __kasan_slab_free+0x5b/0x80
[  209.486766][ T6252]  kfree+0x18e/0x440
[  209.487981][ T6252]  bt_host_release+0x82/0x90
[  209.489466][ T6252]  device_release+0x9c/0x1c0
[  209.491155][ T6252]  kobject_put+0x22b/0x480
[  209.492908][ T6252]  vhci_release+0x88/0xd0
[  209.494706][ T6252]  __fput+0x44c/0xa70
[  209.496409][ T6252]  task_work_run+0x1d4/0x260
[  209.498359][ T6252]  do_exit+0x6b5/0x2300
[  209.500070][ T6252]  do_group_exit+0x21c/0x2d0
[  209.501952][ T6252]  get_signal+0x1286/0x1340
[  209.503751][ T6252]  arch_do_signal_or_restart+0x9a/0x750
[  209.505983][ T6252]  exit_to_user_mode_loop+0x75/0x110
[  209.508308][ T6252]  do_syscall_64+0x2bd/0x3b0
[  209.510306][ T6252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.512636][ T6252] 
[  209.513442][ T6252] Last potentially related work creation:
[  209.515356][ T6252]  kasan_save_stack+0x3e/0x60
[  209.516917][ T6252]  kasan_record_aux_stack+0xbd/0xd0
[  209.518633][ T6252]  insert_work+0x3d/0x330
[  209.520088][ T6252]  __queue_work+0xbaf/0xfb0
[  209.521847][ T6252]  queue_work_on+0x181/0x270
[  209.523437][ T6252]  l2cap_recv_frame+0x2f3d/0xeae0
[  209.525074][ T6252]  l2cap_recv_acldata+0x531/0x1210
[  209.526958][ T6252]  hci_rx_work+0x5bb/0xe80
[  209.528678][ T6252]  process_scheduled_works+0xae1/0x17b0
[  209.530776][ T6252]  worker_thread+0x8a0/0xda0
[  209.532549][ T6252]  kthread+0x711/0x8a0
[  209.534000][ T6252]  ret_from_fork+0x3fc/0x770
[  209.535537][ T6252]  ret_from_fork_asm+0x1a/0x30
[  209.537216][ T6252] 
[  209.537969][ T6252] Second to last potentially related work creation:
[  209.540004][ T6252]  kasan_save_stack+0x3e/0x60
[  209.541538][ T6252]  kasan_record_aux_stack+0xbd/0xd0
[  209.543161][ T6252]  insert_work+0x3d/0x330
[  209.544519][ T6252]  __queue_work+0xcd2/0xfb0
[  209.546011][ T6252]  queue_work_on+0x181/0x270
[  209.547540][ T6252]  hci_recv_frame+0x5c9/0x720
[  209.549085][ T6252]  vhci_write+0x358/0x4a0
[  209.550520][ T6252]  vfs_write+0x5c9/0xb30
[  209.552220][ T6252]  ksys_write+0x145/0x250
[  209.553959][ T6252]  do_syscall_64+0xfa/0x3b0
[  209.555803][ T6252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.558177][ T6252] 
[  209.559157][ T6252] The buggy address belongs to the object at ffff888028db4000
[  209.559157][ T6252]  which belongs to the cache kmalloc-8k of size 8192
[  209.564339][ T6252] The buggy address is located 160 bytes inside of
[  209.564339][ T6252]  freed 8192-byte region [ffff888028db4000, ffff888028db6000)
[  209.568565][ T6252] 
[  209.569320][ T6252] The buggy address belongs to the physical page:
[  209.571466][ T6252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x28db0
[  209.574929][ T6252] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  209.578267][ T6252] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  209.581151][ T6252] page_type: f5(slab)
[  209.582761][ T6252] raw: 00fff00000000040 ffff88801a442280 ffffea0000879600 dead000000000002
[  209.585844][ T6252] raw: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  209.589109][ T6252] head: 00fff00000000040 ffff88801a442280 ffffea0000879600 dead000000000002
[  209.592363][ T6252] head: 0000000000000000 0000000000020002 00000000f5000000 0000000000000000
[  209.594910][ T6252] head: 00fff00000000003 ffffea0000a36c01 00000000ffffffff 00000000ffffffff
[  209.597961][ T6252] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  209.601277][ T6252] page dumped because: kasan: bad access detected
[  209.603769][ T6252] page_owner tracks the page as allocated
[  209.606065][ T6252] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5586, tgid 5586 (S41dhcpcd), ts 33420933873, free_ts 31794856955
[  209.614169][ T6252]  post_alloc_hook+0x240/0x2a0
[  209.616140][ T6252]  get_page_from_freelist+0x21e4/0x22c0
[  209.618348][ T6252]  __alloc_frozen_pages_noprof+0x181/0x370
[  209.620653][ T6252]  alloc_pages_mpol+0x232/0x4a0
[  209.622574][ T6252]  allocate_slab+0x8a/0x370
[  209.624402][ T6252]  ___slab_alloc+0xbeb/0x1410
[  209.626387][ T6252]  __kmalloc_cache_noprof+0x296/0x3d0
[  209.628508][ T6252]  tomoyo_init_log+0x111f/0x1f70
[  209.630428][ T6252]  tomoyo_supervisor+0x340/0x1480
[  209.632407][ T6252]  tomoyo_env_perm+0x149/0x1e0
[  209.633882][ T6252]  tomoyo_find_next_domain+0x15cf/0x1aa0
[  209.635614][ T6252]  tomoyo_bprm_check_security+0x11c/0x180
[  209.637366][ T6252]  security_bprm_check+0x89/0x270
[  209.638909][ T6252]  bprm_execve+0x8ee/0x1450
[  209.640378][ T6252]  do_execveat_common+0x510/0x6a0
[  209.642008][ T6252]  __x64_sys_execve+0x94/0xb0
[  209.643476][ T6252] page last free pid 5299 tgid 5299 stack trace:
[  209.645420][ T6252]  __free_frozen_pages+0xbc4/0xd30
[  209.646950][ T6252]  __put_partials+0x156/0x1a0
[  209.648381][ T6252]  put_cpu_partial+0x17c/0x250
[  209.649920][ T6252]  __slab_free+0x2d5/0x3c0
[  209.651362][ T6252]  qlist_free_all+0x97/0x140
[  209.653145][ T6252]  kasan_quarantine_reduce+0x148/0x160
[  209.655341][ T6252]  __kasan_slab_alloc+0x22/0x80
[  209.657287][ T6252]  __kvmalloc_node_noprof+0x2b0/0x5f0
[  209.659435][ T6252]  seq_read_iter+0x1fd/0xe10
[  209.661340][ T6252]  vfs_read+0x55a/0xa30
[  209.663001][ T6252]  ksys_read+0x145/0x250
[  209.664724][ T6252]  do_syscall_64+0xfa/0x3b0
[  209.666615][ T6252]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  209.668981][ T6252] 
[  209.669955][ T6252] Memory state around the buggy address:
[  209.672214][ T6252]  ffff888028db3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  209.675070][ T6252]  ffff888028db4000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  209.677501][ T6252] >ffff888028db4080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  209.680249][ T6252]                                ^
[  209.682235][ T6252]  ffff888028db4100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  209.685377][ T6252]  ffff888028db4180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  209.688502][ T6252] ==================================================================
[  209.692662][ T6252] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  209.695561][ T6252] CPU: 1 UID: 0 PID: 6252 Comm: khidpd_10cf0004 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  209.700632][ T6252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  209.704622][ T6252] Call Trace:
[  209.705948][ T6252]  <TASK>
[  209.706906][ T6252]  dump_stack_lvl+0x99/0x250
[  209.708410][ T6252]  ? __asan_memcpy+0x40/0x70
[  209.709852][ T6252]  ? __pfx_dump_stack_lvl+0x10/0x10
[  209.711637][ T6252]  ? __pfx__printk+0x10/0x10
[  209.713531][ T6252]  vpanic+0x281/0x750
[  209.715251][ T6252]  ? __pfx_vpanic+0x10/0x10
[  209.717135][ T6252]  ? irqentry_exit+0x74/0x90
[  209.719095][ T6252]  panic+0xb9/0xc0
[  209.720721][ T6252]  ? __pfx_panic+0x10/0x10
[  209.722678][ T6252]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  209.725057][ T6252]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  209.727508][ T6252]  ? __mutex_lock+0x7fc/0x1360
[  209.729448][ T6252]  check_panic_on_warn+0x89/0xb0
[  209.731500][ T6252]  ? __mutex_lock+0x7fc/0x1360
[  209.733441][ T6252]  end_report+0x78/0x160
[  209.734862][ T6252]  kasan_report+0x129/0x150
[  209.736347][ T6252]  ? __mutex_lock+0x7fc/0x1360
[  209.738027][ T6252]  __mutex_lock+0x7fc/0x1360
[  209.739744][ T6252]  ? __mutex_lock+0x5b6/0x1360
[  209.741489][ T6252]  ? l2cap_unregister_user+0x6a/0x1b0
[  209.743197][ T6252]  ? __pfx___mutex_lock+0x10/0x10
[  209.745063][ T6252]  ? __pfx___timer_delete_sync+0x10/0x10
[  209.747335][ T6252]  l2cap_unregister_user+0x6a/0x1b0
[  209.749341][ T6252]  hidp_session_thread+0x3c9/0x410
[  209.751308][ T6252]  ? __pfx_hidp_session_thread+0x10/0x10
[  209.753434][ T6252]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  209.755272][ T6252]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  209.757193][ T6252]  ? __pfx_hidp_session_wake_function+0x10/0x10
[  209.759263][ T6252]  ? __kthread_parkme+0x7b/0x200
[  209.761244][ T6252]  ? __kthread_parkme+0x1a1/0x200
[  209.763314][ T6252]  kthread+0x711/0x8a0
[  209.765013][ T6252]  ? __pfx_hidp_session_thread+0x10/0x10
[  209.767364][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.769245][ T6252]  ? _raw_spin_unlock_irq+0x23/0x50
[  209.771342][ T6252]  ? lockdep_hardirqs_on+0x9c/0x150
[  209.773415][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.774861][ T6252]  ret_from_fork+0x3fc/0x770
[  209.776254][ T6252]  ? __pfx_ret_from_fork+0x10/0x10
[  209.777830][ T6252]  ? __switch_to_asm+0x39/0x70
[  209.779352][ T6252]  ? __switch_to_asm+0x33/0x70
[  209.780896][ T6252]  ? __pfx_kthread+0x10/0x10
[  209.782348][ T6252]  ret_from_fork_asm+0x1a/0x30
[  209.783836][ T6252]  </TASK>
[  209.785402][ T6252] Kernel Offset: disabled
[  209.786744][ T6252] Rebooting in 86400 seconds..

VM DIAGNOSIS:
05:46:05  Registers:
info registers vcpu 0

CPU#0
RAX=1ffffffff1b7bda2 RBX=0000000000000000 RCX=3d8eed8092e04a00 RDX=ffff888022875640
RSI=ffffffff8be33460 RDI=ffffffff8be33420 RBP=ffff8881095352d8 RSP=ffffc90002bcfa00
R8 =0000000000000000 R9 =ffffffff8b46d2e2 R10=dffffc0000000000 R11=ffffffff8b46d210
R12=dffffc0000000000 R13=ffffffff8b46d2e2 R14=ffffffff8dbded10 R15=dffffc0000000000
RIP=ffffffff81a65dba RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055557016c5c8 CR3=0000000127ac2000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=9500000000000000 b700080200000000 XMM03=8500000000000009 5600000000000098
XMM04=00000000fff89a7b 00000000000002b7 XMM05=0000221800000008 000002c4fffffff0
XMM06=0000040700000000 0000a4bffffffdff XMM07=0000080700000000 000027bf00000000
XMM08=fff0aa7b00000000 000009b500000000 XMM09=0000000000000000 00007feba6612fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000035 RBX=0000000000000035 RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900062cf370
R8 =ffff888106dd0237 R9 =1ffff11020dba046 R10=dffffc0000000000 R11=ffffffff854f0330
R12=dffffc0000000000 R13=ffffffff99af98d4 R14=ffffffff99dee3e0 R15=0000000000000000
RIP=ffffffff854f03ac RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007ffbad8e56c0 CR3=000000010bad8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000001 XMM01=0000000000000015 000000000003bf12
XMM02=0010002a80043b80 040e0174dc112a09 XMM03=ef0800033e80043a e210000a02000004
XMM04=0000000000000000 0000000000000000 XMM05=000055557ab02192 000055557ab02140
XMM06=0000000000000000 0000000000000000 XMM07=0800033e80043ae2 10000a0200000400
XMM08=10002a80043b8004 0e0174dc112a09c6 XMM09=0000000000000000 0000000000000000
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
