last executing test programs:

2m28.785982366s ago: executing program 0 (id=157):
r0 = io_uring_setup(0x2c4c, &(0x7f00000000c0)={0x0, 0x2, 0x1000, 0x1004003, 0x4})
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x8, 0x5, &(0x7f0000000000)=@framed={{0xffffffb4, 0x6, 0x0, 0x0, 0x0, 0x73, 0x11, 0x3c}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0xb7}], {0x95, 0x0, 0x1200}}, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb}, 0x94)
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1)

2m28.72532873s ago: executing program 0 (id=159):
r0 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_restrict_self(r0, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x6}, 0x1c)

2m28.674354685s ago: executing program 0 (id=160):
mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0)
r0 = syz_io_uring_setup(0x22f, &(0x7f0000000080)={0x0, 0x5325, 0x10000, 0x0, 0x100002cf}, &(0x7f0000000000)=<r1=>0x0, &(0x7f0000000040)=<r2=>0x0)
syz_io_uring_submit(r1, r2, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r0, 0x7a98, 0x0, 0x0, 0x0, 0x0)

2m28.612273604s ago: executing program 0 (id=163):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./bus\x00', 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="00e611ed6229b277ad2a184a94283e2b34c24caf7280c18475708140abe763dfb52cdb0ba0cdc8c572346d0a832984b36248c4fa844eda0af4b1652605421a7821dc4a535811dec52519a84538a156b05b0ec3eaf24a90ceb5b7463d9fd38b49d41fbfa868653605702abe43d9c2c30aed4da0b8cc18c6b369f086a965442c1217f19a67a534064b7236a666000000000038b74a85790f23fe91b90ab66da204a1fdf7c88e12a8744a710f54a889c8d51c13d4fbe1229c52a31d2eff63a59bd8c4fd18fe9d50b18e9f29a7d417fc425bb1e2a1ec72cc3b52dba0a41ab2a61a42393305d928", @ANYRESDEC], 0x1, 0x17b, &(0x7f0000000300)="$eJzs28tO4nAUx/FfoVyGuTHDXJLJLGY1mc1QwAR1h49CoBJiUSJuICbqe7hx58PJwp0rMZS2SmWFtEX5fjacHydND4s/nBAQgI3V0B8ZMpSdht/54lnJSHokADGZeI/3EwCbJ32X9AQAkjHek/qSbm5PW0pn/bXgp19M+w2/n8o92x/GF9Iv0+sbeb0L7xdX0l//eqOw8PpC0H+/sP9PRe/+H/RRn/RZRX3RV5W8fju4/scLtyEAADaDoXI4zz2R0n7XsStBzri5qoI5y1k314L+LG8FOefmcuvIaUf4KgAsI6Xy9dMcPv/p0Pk3vfMP4PUbDEcHTcexj2Mq/O8HYr3pagqdr8UYKykyWosxKBYUptZijITfmABEzjrp9a3BcPS/22t27I59WK/V67uVne2q5S7+1vz6D+ANefzQT3oSAAAAAAAAAAAAAACwrG/6nvQIAAAAAGIS2b+IDEmX4pfFAAAAAAAAAAAAAAAAAABE4CEAAP//gNgaag==")
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000280)='./bus\x00', 0x81040a, 0x0, 0x1, 0x0, &(0x7f00000007c0))
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x10000, &(0x7f00000002c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './bus'}}], [], 0x2c})

2m28.435341228s ago: executing program 0 (id=166):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x4, 0x9, &(0x7f0000006680))
r0 = mq_open(&(0x7f00000004c0)='\r\x00elinu\xef\xe3elinux\x00\x96\xf6\x92\n#*\xac\x05\xce\xf8D\\\x9a\xe6[]L+\xf6\v\xe8\xf2\xd3\b\x15\n\xb8F!Q9o\x1f#\xbdt\r\xfb\"\x18%\xfdM\xaf_t\xd2\xdcJ\x10\a\xbab\x1a\xdf\xb1\xbdU\xd7Lo\xe7\xac\x81\x10k\xce-\xf5@\xbb\x9d;\xe8\xf6\xffQ\x04\xaai\x92k\x1b;\xddM\xa2\xe1-\x0e\xd8\xde\x00\xff\x18\xdd\bL\xfb\xa2.\xb6{\xb5\x85#\x88\xdc\xf0\x0f\x05\xf1\xc4 \xdeV\x80q\xf7\x04\xf5\x85T\x1f\xc2S]*\xc9lw\xd3J\xc5\xe8\x02\xcb\xbbAHxr\xac\xb77F\xdf\x1c\xcb\xd4\xce\x88L\xf1\xf9[\x98\xd4+pTx\x95\xb5\x1b]x\x1a\x95\xe1c6\xe7`83\xb7n#\xe0\xc1_\xec\xba\xde\a\x8b\xc5\x86woo\xbc\x1c\xa3r\x82\xf3enq-\x90/\xed\xff\xad+\x03\x10\t\xda\xfd\xa2\xd0\xef4\n%\xf1\xd8', 0x6e93ebbbcc0884f2, 0x0, 0x0)
mq_getsetattr(r0, 0x0, 0x0)

2m28.084507887s ago: executing program 0 (id=173):
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb7, 0xd0, 0xa3, 0x40, 0xc45, 0x6251, 0x9a87, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x81, 0x4, 0x0, 0x0, [{{0x9, 0x4, 0xb4, 0x3, 0x0, 0xc5, 0x64, 0xd2}}]}}]}}, 0x0)

2m27.961904171s ago: executing program 32 (id=173):
syz_usb_connect(0x2, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb7, 0xd0, 0xa3, 0x40, 0xc45, 0x6251, 0x9a87, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x81, 0x4, 0x0, 0x0, [{{0x9, 0x4, 0xb4, 0x3, 0x0, 0xc5, 0x64, 0xd2}}]}}]}}, 0x0)

2m20.453796583s ago: executing program 3 (id=245):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', 0x0, 0x2000, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a0000001801000020207025"], &(0x7f00000001c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000580)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r2, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8)
openat$nvme_fabrics(0xffffffffffffff9c, &(0x7f0000000140), 0x315542, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$vcs(0xffffffffffffff9c, 0x0, 0x161501, 0x0)
r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000380), 0x0, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000000)={0x0, "08000000000000000000000000000000000000b582000000010000000100", <r7=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f0000000080)={"6739669f274d13b691ebe45b00e4f5b53e0ca34dd02acecdc67c5e3126628168", r7, <r8=>0xffffffffffffffff})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x5)
ioctl$SYNC_IOC_MERGE(r8, 0xc0303e03, &(0x7f0000000080)={"000c00816800df00"})
connect$inet(0xffffffffffffffff, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
ioctl$sock_SIOCOUTQ(r0, 0x5411, 0x0)

2m19.133871249s ago: executing program 3 (id=257):
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000600)={'veth1_virt_wifi\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000380)=@newqdisc={0xa8, 0x24, 0xf0b, 0x20, 0x25dfdbff, {0x60, 0x0, 0x0, r2, {0x0, 0xc}, {0xffff, 0xffff}, {0x0, 0xffe0}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x7c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x5}}, @TCA_HTB_INIT={0xfffffffffffffdfa, 0x2, {0x3, 0x1, 0x2}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xef1, 0x6}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0xa356, 0x3d}}, @TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4e, 0xd}}]}}]}, 0xa8}, 0x1, 0x0, 0x0, 0x20000805}, 0x0)

2m18.932937858s ago: executing program 3 (id=258):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f0000000580)='./file0\x00', 0x0, &(0x7f00000005c0), 0x1, 0x538, &(0x7f0000000600)="$eJzs3c1rHOUfAPDvzGZ//fVFU/EF9VTQUqV0kzYtkltz8FipBo8Sw2YaQibZkN3UJuTQgncFBUUR1JN3ryLiH+BZRP8BRWywtN4ik91NNW+utelq5vOB2X1elnyfJ5Pvwz7DDAmgtE4UL2nEUxFxOYkY/EPfQHQ6T7Q/d3tttX5nbbWexPr6+C9JJBFxa2213v180nk/GhHXI+LJiPi6GnE63R63ubwyO5nn2WKnPtSaWxhqLq+cmZmbnM6ms/mR0QujI6MvjJ4fuW9zHZ8Yffnkdy8lXyZjL9766LWbSVxsz3/LPO6n9u+kGhe3tJ/fj2B9lPR7ANyTSifPqxHxeAxGpZP1wMG3fihiHSipRP5DSXW/BxT73+7xIL9//DzW3oAUcW93jnbPQGdv/v+NvcmRX5M/7UyK/ebxBzlQDqTrNyJieGBg+99/snlt6F4N348Bsq++GmufqO3nP91cf2KH9edY99rpP9Rd/25vW//uxq/ssv5d7jHG/Og3T+wa/0bE0zvGTzbjJzvETyPi9R7jj3/+06e79a1/EnEqdo7flex9fXjoykyeDbdfd4zx1ivDn+01/yO7xL+4x/yLtoUe5x+vPvr99T3iP/fM3ud/p/iHI+LtHsP/8ME7b+7WV8Sf2mX+e8Uv2j7uMf7J578Y6/GjAAAAAAAAAADA35Bu3MuWpLXNcprWau1neB+LI2neaLZOX2kszU+173k7HtW0e6fVYLueFPWznftxu/VzW+ojEfFIRLxbObxRr9Ub+VS/Jw8AAAAAAAAAAAAAAAAAAAD/Eke3PP9/q9J+/h8oCf/yG8pL/kN5yX8oL/kP5SX/obzkP5SX/Ifykv9QXvIfykv+Q3nJfwAAAAAAAAAAAAAAAAAAAAAAAAAA2BeXL10qjvU7a6v1oj51dXlptnH1zFTWnK3NLdVr9cbiQm260ZjOs1q9MfdXPy9vNBYuxPzStaFW1mwNNZdXJuYaS/OtiZm5yelsIqs+kFkBAAAAAAAAAAAAAAAAAADAf8uxjSNJaxGRbpTTtFaLeCgijkc1uTKTZ8MR8XBEfFupHirqZ/s9aAAAAAAAAAAAAAAAAAAAADhgmssrs5N5ni0qKCgobBb6vTIBAAAAAAAAAAAAAAAAAED53H3ot98jAQAAAAAAAAAAAAAAAAAAgDJLf0wiojhODT57bGvv/5LfKhvvEfHGh+PvXZtstRbPFu03N9tb73faz/Vj/ECvunnazWMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgrubyyuxknmeL+1jo9xwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7sXvAQAA//8GudfN")
r0 = open(&(0x7f0000000040)='./file2\x00', 0x141042, 0x0)
fallocate(r0, 0x3, 0x0, 0x2328)

2m18.718132321s ago: executing program 3 (id=261):
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
symlink(0x0, 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='debugfs\x00', 0x0, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file0/file0\x00', 0x1c0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000140)='./file0/file0\x00', 0x0, 0x1805406, 0x0)
mount$fuse(0x0, &(0x7f00000005c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000340)='./file0/file0\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000080), 0x0, 0x0)

2m18.591840828s ago: executing program 3 (id=263):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc(&(0x7f0000000e40), 0xffffffffffffffff)
sendmsg$TIPC_CMD_SET_NETID(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000e80)={0x24, r1, 0x1, 0x70bd29, 0x25dfdbfd, {{}, {}, {0x8, 0x2, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x24004002}, 0x4000)

2m18.334637803s ago: executing program 3 (id=268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0xf7}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f0000000400000004000000a2"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

2m18.188068976s ago: executing program 33 (id=268):
r0 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
r1 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd824498949714ffaac8a6f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb5447000001000000008f2b9000f22425e4097ed62cbc891061017cfa6fa26fa7088c60897d4a6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe6b1b8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3540546bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0xf7}, 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000400)=ANY=[@ANYBLOB="0f0000000400000004000000a2"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000280)={{r2}, &(0x7f0000000180), &(0x7f00000001c0)=r0}, 0x20)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000006c0)=ANY=[@ANYRES32=r2, @ANYRES32=r1, @ANYBLOB='&'], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r2}, &(0x7f0000000000), &(0x7f0000000080)=r0}, 0x20)

5.708969764s ago: executing program 1 (id=1422):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000780)=@newlink={0x48, 0x10, 0x401, 0x0, 0x4, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @veth={{0x9}, {0x18, 0x2, 0x0, 0x1, @val=@VETH_INFO_PEER={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x0, 0x343}}}}}}]}, 0x48}}, 0x0)

5.604452661s ago: executing program 1 (id=1426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_SET(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000280)={0x38, r1, 0x1, 0x0, 0x0, {0x9}, [@TIPC_NLA_LINK={0x24, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}, @TIPC_NLA_LINK_PROP={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x5, 0x1}]}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000000}, 0x10)

5.587964891s ago: executing program 1 (id=1427):
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x400, 0x1, 0xbfdffffc}, &(0x7f0000000000)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000100)=@IORING_OP_MKDIRAT={0x25, 0x4, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)

5.517081747s ago: executing program 4 (id=1428):
r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000040)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, 0x0, 0x26}, 0x20)
bpf$MAP_CREATE(0x0, &(0x7f0000000440)=@base={0x1d, 0x4, 0x2, 0x0, 0x201, 0xffffffffffffffff, 0x0, '\x00', 0x0, r0, 0x1, 0x2}, 0x48)

5.516503401s ago: executing program 4 (id=1429):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="400000002000010000000000000000000200000000000000000000001400110067656e65766531000000000000000000080010000000000008000a"], 0x40}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

5.457096832s ago: executing program 4 (id=1430):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000480), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_PORT_GET(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000240)={0x14, r1, 0x701, 0x0, 0x0, {0x2e}}, 0x14}, 0x1, 0x0, 0x0, 0xc008}, 0x4008010)

5.453498122s ago: executing program 4 (id=1431):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='schedstat\x00')
pread64(r0, &(0x7f0000000580)=""/150, 0x8f, 0x10)

5.381531889s ago: executing program 4 (id=1432):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x8, 0x56e, 0x11c, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0xa0, 0x0, [{{0x9, 0x4, 0x0, 0x5, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, &(0x7f0000000000)={0x0, 0x23, 0x5, {0x5, 0xa, "98e7c6"}}, 0x0, 0x0, 0x0}, 0x0)

5.381107175s ago: executing program 1 (id=1433):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x1808704, &(0x7f0000000500), 0xfd, 0x49f, &(0x7f0000000a40)="$eJzs3M1rXFUbAPDnTj763eTt27evra1Gqxj8SJq0ahcuVBRcKAi6qMuYpLV22kgToS1Bo0hdSsG9uBT8C9y5EXUhglsFl1IoGoSmriL3zr3NZDIzzVczTeb3g8mcc++ZOee5956Zc+/JnQDaVl/6J4nYHRG/RkRPJbu4QF/laW52evTW7PRoEvPzb/yZZOVuzk6PFkWL1+3KM/2liNInSTyfLK138vKVcyPl8vjFPD84df69wcnLV546e37kzPiZ8QvDJ0+eOD707DPDT69LnGlcNw99MHH44CtvXXtt9NS1t3/4Om3WgSOV9dVx3NGtOgHV0Zdutb/mM7XrHl1B2zeDPVXppLOFDWFFOiIi3V1dWf/viY5Y2Hk98fLHLW0ccFel303bGq+emQe2sCRa3QKgNYov+vT8t3hs0NDjnnDjhYjuPD03Oz06dzv+zijly7vuYv19EXFq5p8v0kes9DoEAMAqZGObJ+uN/0pxIHtOsvTefA6lNyL+ExH7IuK/EbE/Iv4XkZX9f0TcV3nxfM8y6++ryS8d/5Su123zOknHf89Vjf3mquLPn3o78tyeLP6u5PTZ8vixiGyb9EfXtjQ/1KSOb1/65bNG66rHf+kjrb8YC+YNuN5Zc4FubGRqZL02wo2PIg511os/uT0TkB4BByPi0Mreem+ROPv4V4cbFbpz/E2swzzT/JcRj1X2/0zUxF9Ims9PDm6P8vixweKoWOrHn6++3qj+NcW/DtL9v3Px8V9ToufvpDJf2xXl8vjFyZXXcfW3Txue06z2+O9O3szmrH96p7Ls0sjU1MWhiO7k1SxfnNNdGplfNPualRteKJ/G33+0fv/fl78mjf/+iEgP4iMR8UBEPJi3/aGIeDgijjaJ//sXH3m3SfxJJNFs/880ees1S+Mfq/v5d/v4702q5+tXkeg49903jWbMl7f/T2QboT9fkn3+3cFyG7jGzQcAAACbQikidkdSGqik+3ZHqTQwUPkf/v2xs1SemJx64vTE+xfGKvcI9EZXqbjS1VN1PXQoKS5TVPLD+bXiYv3x/Lrx5x07svzA6ER5rMWxQ7vbtbj/R9H/U390tLp1wF3nfi1oX7X9v9SidgAbbznf/84FYGuq0/93tKIdwMZz/g/tq17//7Amb/wPW9PS/v97nZ+sA7Yi439oX/o/tC/9H9rSWu7rX32iuFlg9e+zfdl3+G/KxPZ89zQscy4vsLCke8mS9U/siIUlUboXNlS7JNIes7GVLvyGCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwGb2bwAAAP//D6vjXA==")
open(&(0x7f0000000180)='./bus\x00', 0x4a37e, 0x4)
mount(&(0x7f0000000440)=@loop={'/dev/loop', 0x0}, &(0x7f0000000080)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x400, 0x0, 0x0, 0x1b, 0x0, "ef35af413bb901527fe4d0ce5d29c3ee5e5c3676345a41499db7aac63a01000000000000004faa2ae2c084a0ea0000000000000000000c00002000", "036c47c67808200400000000000000335263bdbcef549ba197fce47ddfdd753abd950100002a00ffffffffffffffff00000000e8f20000000200", "b7326736181c208220000000b9000000000000000000f0fffffffff2ff00", [0x4]})
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)

5.127204404s ago: executing program 1 (id=1434):
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x3, &(0x7f0000006700), 0x9, 0x61d, &(0x7f0000000700)="$eJzs3c9rXNUeAPDvnfxO3ntJw+M960IDoi1okyZtpYhgi+CqlPpjIbhxbNJSO/1BE9HUSlOoG0HcuBBcubAu/B+0ILjyH3DhxpVUikg3StGRO7kzTpO5yUzMzLSZzwfGOeeemznnmnx7zpw5504APWsq/U8hYndEXEwiJuvK+iMrnFo9786vV06mjyTK5Zd/SeLK1WSl/rWS7HksItKCP8Yj+TYiJvvW17u4fPlssVRauJTlZ5bOXZxZXL6878y54umF0wvn556eO3zo4KHDs/vrfurUC61e36669LHrb749/sHx1z7/9G4y+8UPx5M4Umt0el2tvvZmpmIqypn64+n/18PbXVmX9NX+Tv6WrD2w1vNtbBAtqf7+BiLi/zEefXW/zfF4/8WuNg5oq3IStT4K6DWJ+IceVR0HVN/bN/c+eLDNoxKgE24fjXiiFv8DEVGN//7VucEYrswNjN5J7pnnSSJi/zbUn9bx3TfHr6ePaNM8HNDYyrWhbAp8bf+fVGJzIoYrudE7hXviv5BN405k84cvbVzNeF7B1Jp8Vv/QVq8HaN7KtYh4qNH4f/P4fz17To+/scX6c+IfAAAAAAAA2IKbRyPiqUaf/xVq638GG6z/GYuII9tQ/+af/xVubUM1QAO3j0Y823D9b6F6ykRflvt3ZT3AQHLqTGlhf0T8JyL2xsBQmp+tf9Ev6346IvZ9OPlJXv316//SR1p/dS1g1o5b/WtWA80Xl4rbcOnQ825fi3i4P3/9T9r/Jw36/zS+LzZZx+TjN07klW0e/0C7lD+L2NOw/09q5yQb359jpjIemKmOCtZ75N2PvsqrX/xD96T9/+jG8T+U1N+vZ7G11x+MiAPL/eW88q2O/weTV/qibifiO8WlpUuzEYPJsfXH51prMzxIhps/9b2IqMRDNV7S+N/72Mbzf7Xxf10cjmT3+GrG//4c+zGvTP8P3ZPG//zG/f/Evf1/64m5GxNf59V/oqn+/2ClT9+bHTH/BxtrNkC73U4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBAVIuJfkRSma+lCYXo6Yiwi/hujhdKFxaUnT1146/x8Wlb5/v9C9Zt+x1fzSfX7/yfq8nNr8gciYldEfNw3UslPn7xQmu/2xQMAAAAAAAAAAAAAAAAAAMB9Ymz1ad3+/9RPfV1tGtAJ/dmzeIfe09/tBgBdI/6hd4l/6F358f/b3XJFR5sDdFCz/X/5apsbAnTcFsf/Pi6AHcD7f+hVA82dNtzudgDdoP8HAAAAAIAdZdejN79PImLlmZHKIzWYldU+GBzpVuuAdirkFQx1th1A51nDC73L0h/oXU0u/gV2sKSW+r3hZv/81f9JexoEAAAAAAAAAAAAAKyzZ3cT+/+BHSl3/z+w422w/7/Rxh63C4AdxP5/6F1u8wVUB/t53/Rv/z8AAAAAAAAAAAAA3AeGL58tlkoLlxaXm05cbeXkf574OfKKnutkM7YrsVK8L5rxICQGImJNUXl89c/2bLH0anS2PdWI6URdgx2sKyfRpX+PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdf4KAAD//3XcKC0=")

4.772921142s ago: executing program 1 (id=1435):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f00000001c0)={0x8, 0x120, 0xfa00, {0x1, {0x9a8, 0xc1, "7c5dcee2473c28000290315d1542c293df1f8130502738a45c0e2b44ac3deddcfe5992ad7706bc9881c3102230812043155005ef54163f189c1a3331ee173813290200056df6413ecdd049e6cccf23183aeb8d0b5afedffebf5916ce07f4219ab2449cd67a30bf14f0fe6dead28fab0606a3367c1c4a0ce165477d2fb8233764013a0e73f95f52833e6bd049ac3b30a8cfecf1f044243e117b0d348a8909c0ab318faded069cf23b6d3bcd0ebc09c598325d0d61afbd21327a80b13c5713a7d147b96759a2c7d32b57b02c9803a17b91e70efaab76ca0a0ade788a64156fdda4aa29befab42e5e00d5392e381496b811e2274d02c753aa920c03af491945c7c7", 0x7f, 0x6, 0x0, 0xb, 0x0, 0x2, 0x5, 0x1}, r1}}, 0x128)

4.718894994s ago: executing program 34 (id=1435):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000140)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000180)={<r1=>0xffffffffffffffff}, 0x2, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_ACCEPT(r0, &(0x7f00000001c0)={0x8, 0x120, 0xfa00, {0x1, {0x9a8, 0xc1, "7c5dcee2473c28000290315d1542c293df1f8130502738a45c0e2b44ac3deddcfe5992ad7706bc9881c3102230812043155005ef54163f189c1a3331ee173813290200056df6413ecdd049e6cccf23183aeb8d0b5afedffebf5916ce07f4219ab2449cd67a30bf14f0fe6dead28fab0606a3367c1c4a0ce165477d2fb8233764013a0e73f95f52833e6bd049ac3b30a8cfecf1f044243e117b0d348a8909c0ab318faded069cf23b6d3bcd0ebc09c598325d0d61afbd21327a80b13c5713a7d147b96759a2c7d32b57b02c9803a17b91e70efaab76ca0a0ade788a64156fdda4aa29befab42e5e00d5392e381496b811e2274d02c753aa920c03af491945c7c7", 0x7f, 0x6, 0x0, 0xb, 0x0, 0x2, 0x5, 0x1}, r1}}, 0x128)

2.306296889s ago: executing program 4 (id=1440):
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000100)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0xb05, 0x1abe, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0xd, 0x9, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x29}}, {{{0x9, 0x5, 0x81, 0x3, 0x0, 0x0, 0x1}}}}}]}}]}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xfffffffe}}]}, 0x0}, 0x94)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x0, 0x22, 0x371, {0x9}}}, &(0x7f0000000080)={0xffffffffffffffeb, 0x0, 0x0, 0x0, 0x0, 0x0})

1.412391396s ago: executing program 2 (id=1444):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x5)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000280)='./bus\x00', 0x2000898, &(0x7f00000002c0), 0x1, 0x55ae, &(0x7f0000005600)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKArVHV3YPxzZB90a9oyc/Q0H1lRV5/lR+3czuZ9PD6xERD8XxvHbaDO5Wj4Lls2aanrduXBttdwdtjtXdbL3i3FWznJZ623C9SmW8om7eEqkP5zLZZ0xd0zI+PlIfGxj7FatpBz/O6TefM2Jp0r3kdxg40bJfX4QO1k+ove3viwStP/uPp+85fO3Vbu/lczibNTe9o1SHzmus1z2M04dP7PNm8LYW3r539aSv4ljTUl64QwvF/+nzZM3Ne2n3jB6+eOPH2Fy6+etrCa6ZMfHbQL8b+47W73D3t8oL5f8NHz//jyznelufljq1+WJ/MzeMjdTGxsT6ZmwMAAECv0Rv2mn519KsvnfrQ3YteXH5cxXfH/eqk3eorzv5+x/G7rhz/xUuvbH98l4L5/9DSjv/HQ/51uaNdHcKErsQFA0LYrevxJPCz2J2TB4SwV1eqJT9wWCqwOoQvdCX2z1aVKtE3lhiaCvy+PhOYkAqsiYGWVODGGFiSClwYAytSgRkxsDoVODwGQnv+OA6oz4yj5EBNDLQmG3FFPAvhnfrYWmpbrctWBQAAsJ1kZoeV+XdzznXY1gxxermipqcM8QzsohmqUzWkZ7DZaVXRGip6qqG8pxqy41700cMvqLmsp5oLTsMoy8/w4ZDvlA+YuPeP7rpxxE3NL0787rtjj//Kn998d/X+//Tf7zln/nUHFMz/mz56/l/dTUfKCo7/hzC562/MXZ6JdGTjrS15GQAAAIBtcNVjS5+84YCj/s99L99355euvaF89dVf/7+vbLxg71HHDS/r+3ffXlEw/59Q2vn/cZ9In5zM4dG4G2L2gBCa8gNJtQcXBpKj3v0yAQAAAOgNssfjs8fC2zO3ySna6fl0Yf6WrcwfD/xP6Db/5Zv++tkvX/vkiQuH7bPhiv925gdlnx/7u12OXTvy8bf2HPYPDX0Lz/9vKe38/9r826QTa2IvrhwQQt+cwCOxl52BLkNj4OVD8wOZ8a+JG2BxrCpzYkK2qsWxRGsMNKUCy4qV+G22xG75gcyTlW38guw42jMlcgIAAADwiYu7A+Jx+Xj+/z2TD/jS/oNeGvPinvcufG3C0hNOrf3hPrfs+vqAjkljDpxwyBHPFMz/W7fu/P+ueXDB6f0d/UIYWRFCn/QPAx6tTRYGjIG6skzi/tqkrj7pqs6rDWF858DSVb2SWf+/Ir3G4BM1SVUxsNveP900rDNxQ00II3MDz3zz+jGdifmpQLbxb9SEMKRztOnGV/ZNGq9MN35N3xD2zAlkqzq5bwidjVWlq3qwOnMdg3RVt1WHMDAnkK3qwOoQFgYAeqn4r3Rm7oPzFp49e3pHR9sZOzAR9+HXhFntHW2NM+Z0zKwu0qeZqT7nLWN0XuGYSr3yzfOZJYqmDrl9eCnp7O8Em3LbyuzHLzhxMHM/fheq7Bpnc2Xe3dHpIQ/fp7CJkPNNqtiQy3fwkGtzK9nyJBbUH/NXhX6h74J5bWc0njV9/vwzRiV/S83enPyNh5mSbTUqva1qu+tbCS+PoqtlpXzcbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/PQx1v+6qTg118/Uljms7DnX3ipxKPolPDQkJid6WmL6k7PwJ0359/7f2WHPaWSft8fd7zBxx0l9d/pu5JzYeMvlX1//l2oL5/9yPnv/HT534yZ9Zn6HY8f+GeJg/eXzLYf7WGFhW6vH/hmJH87MnBgxNBRbFwCKH+QEAAPhsiLsj497MuFf6urp/uvvImTMOef+XJ0y5+m/Hjjv1rPX7Nlx89bFL/sP6d5asOuLtgvn/otJ+/7+d1v/PLl3/tWLL/O8fSzQVW/8/vcx/dv3/RcXW/08v859d/3/Zp7D+/4JsILVJ3rH+PwAA8Fnwya3/3+Py/ukLBBRk6HF5//QFAgoy9LiMf6kXCNjq9f/ndPxF7aDL54w7dMTcHz+yau8lA2/70vMTf73P0oNG3LvylvdG3Vow/19S2vzfwv0AAACw83jol32/ffG7w+5/6pH3jyy79Lcbbzr+r9oOOOQPA5tPmXx0zfdv+reC+f+y0ub/n/z6f6HY+f9DiwVaii0MaP0/AAAAeqli6//dPPDloavnj7jxsZ+/ectLrb+YOf61f7fkB1+ZPqzp5jXrftMwY33B/H9FafP/eNpFeV7u2JsP65M17UJ6TbuN9dmfDAAAAEDvUB4aGytLzJu3MuphH7/NdZmlQD8qnevp+watWlD+0FVl1Rt/cMm0QxrPPfbMOUdetP77tU/+pHZqY/UZBfP/1aXN//N+l/FA7aT6y96eePCHK0/+4+n7zl87dcvxfwAAAGDHKXW/BAAAAAAAAAAAAAAA8Ol7qnXpQR+MOvqNmXuN+tM3jn3hB4u/+M1H/ubaP5/588Pv26t987ApBb//D5O7yhX7/X+87l/8fcGuebljqz2v/5e5P+WYWxd2LVn4aH0I++QGZp8/+3Mhc23+/XIDq6buP7gzcX66xH0vHv5aZ2JaOnDUiF3e60yMTwVa4yKJX0gH4lUV3+ufCsTlFZ9MB+L2WJEOVGUCl/RPxlGW3lYb6pJtVZbeVs/VhTAgJ5DdVnfXJW2UpQd4VSqQHeDp6UAc4KRMoDzdq1v7Jb2KgbpY9G/6Jb0CAGCnFb8FVoZZ7R1tTfErfLzdvSL/Nspbsuy8wmrLSmz++czSZFOH3D68lHSf9HfRLdcarwzVnUMYVfB1NTdLWdcot08tPWy6XYsMuafV3sqLlEvb2k1XVXxENcmIGmfM6ZhZ2ePAR/ecpbmixyyjCiY7uVnKuzZpCbWU0JcSRlTitimhy/F+eWhs7JPKNS4GG0Kenl4Rpf5eP3edv2Kvgtw8f1tz7aV9Bvd5/9/GX/TQgwMqO06d3HbR7o/988BRM3/8wwdbr/l9wfy/obT5f3XuuN7LXAxgUbyy3sEDQmgtcUQAAADw2fc/z11+x4lz1myYtbri2d/9bnb5cSdWbj7nrnPOvui5+xcfdcm/v3lb4yvKntp04hubzvrrN37ylesePuulw2ecddekdYesb6u+8bt/sfzUIQXz/6Glzf/jHqzMoeBkb8fqeP3/CwaE0HVp/YYk8LM43JMHhLBXV6ollkguqP+1WKIpCfws7jDZP5Zobcmvqm8MrEgFfl+fCaxOBdbEQGYvxU9DZlfOFfUhjOlKTc4vMTeWaEgFjouBoalAYww0pQL9Y2BCKvBm/0ygJRX4xxgI7fnb6s7+mW0FAACwNTLzrMr8uyE9z1tR0VOGsp4y1PaUobynDNU9ZSg2inj/jpihMnXySllOpsp0rTWpWgoyxIvhb3W/CjKE3+bnTBcsaDqef5A936AsP8O4H97RetDX5v1408U/evzIAy88csmVb196dL/BVz77v9vP7dd/U23B/L+ptPl/bf5t0vqaOP/fcv2/JPBI7N6V8dTxoTHw8qH5gcyOgTVxsrs4W1VLpkRm0r44lpgQA0NTgbkxMCEVaJ2cCSwbnB/IzLSzjV+Qbbw9UyInAAAAAJ+4uIMg7qaJ8/+V48I7exz5fvPuVw6cO+7xR847YnrNrtU1/zx+7dLxl1Y/tF/fgvn/hNLm/7G9frmNXRh782r/EO4u29KbbGBEXRKI+zHq4s/j96gL4XM5OziyJdpqkxJVqYbDwzXJL9Sr0lXdW5OsMRDvT3niwVWXdSauqglh35y9L9k2XqhO2qhJB4ZVJYHadGBORRKIe36ygXvKkwBss+xewfiCypzqktXQfbkir7/PyjVB08Mr2AfaTb7ufnO1o1SnH8jsU83auqetoDp2iIK3x2rvtt74bmvwbsv9IpX5hrJ5S6g6lM9smzV9Qcf8+EjuL1kL7KDnOfdXqqWkt8PrcNHH723PqtMdaEp9fDR1X67712FZrO6B2kn1l7098eCVJ//x9H3nr51acjeKiD8UPvjWuQc8l7N5d7TqkHnN9brPkxafJ73x38BQT1sIYfkFs5584l/ef75iffN/OXDs8tvefGz5Tw56YNaIL2y45Msb33r3qIL5f0tp8/+K1G2XD+LGnDcghOE5G/fRuPknDkg+B3MCyafkwMJAcsh9fX3RT04AAADY3rK7O7L7C9ozt8kJ4el5cmH+lq3MH/dXTOg2f6n9HjjmH7536FWvf+Pr63e//NGlT637T2++csS0Qx/Y9PSKla83H/v5pwvm/60fPf/vm+qm4/+O/7ODOP7frZ19V3Tf9AOLtmlXdEF17BCO/3drZ3+3Of7fLcf/Hf/vjuP/PXD8v1s7+9NW8C1pri9dIYTWATfc/ova6cP7XXHOt2as/fnT7zSNe6Hu3KPv/B+HLw7XnLfqzwXz/7mlzf+t/9f9on3Z9f9ai63/N7fY+n+LrP8HAADsUEUWmkvP8wpW7yvIkF69ryBDjwsE9rjEoPX/tnr9v9qTzj7plfq39rpm4u3/+c7pFz5/0onP7tvn+RNuP+GmkVcPf+nLGwrm/4tKm//Hl0O/3NZ7y/p/QycXqWpJDMy1MCAAAAA7o2I7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh0rXhw8Rc3L97noJue/fxNh//rsjWz9v7VAZtHjzm5cfjigWVX/t2/vDVowcI32iadeW3L9OXXbFi5NIT2rnJlSfGyhwaVl4/+wzF33XbFw03TBk85tzpTb2Xm9ot5uWOrH9aHsCznkbqY2FjfeWdLYMoxty6s6Ew8Wh/CPrmB2efP/lxn4sb6EPbLDayauv/gzsT56RL3vXj4a52JaenAUSN2ea8zMT4TKEt397r+SXfL0t29rH8IA3IC2e5+u39+Vdk2/mMmUJ5u4+a6pI0YqItFf1SXtBEDHbFEe98QRlaE0Cdd1a+rk6r6pKv6++qkqj7pqv5rdQjjQwgV6aperEqqqkiPfG1VUlUM7Lb3TzcN60wsqwphZG7gmW9eP6YzcXoqkG3861UhDOl8yaQbv6Myabwy3fhVlSHsGUKoSpf414qkRFW6xCsVIQzMCWQbP7UihIWBz4T44TMz98F5C8+ePb2jo+2MHZioyrRVE2a1d7Q1zpjTMbM61adiynLSm8/7+GN/ftM5Mzpvpw65fXgp6YpMucquLjdX5t0dvbP3PvarNreSLc9HQf0xf1XoF/oumNd2RuNZ0+fPP2NU8rfU7M3J3z6ZaLKtRvWWbbVfbiUj5582d+S8hWePaD9t+iltp7R9p3nsqObmMV8dO6Z5ZOeompK/22Oo13/yQ929IqeST+IDQEJCorclyvM+3Zp29g/ygi/6WzpaGaq7PqALphW5Wcq6Rrk9Bn3Yxxzxx/me0uOIRhVMHAqyNPecZXTBZGJLlpokS9f3uoLJYW5N5V2bNN4vD42NfYpth4b8u7mb961t2LzrMpuu1DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUVduBYAAAAAECYv3UYPRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlwIAAP//WKHPZA==")
syz_mount_image$fuse(0x0, 0x0, 0x322020, 0x0, 0x1, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r3}, 0x10)
r4 = creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
pwritev2(r4, &(0x7f00000006c0)=[{&(0x7f0000000280)='mpE', 0x3}], 0x1, 0x9, 0x0, 0x21)

528.215877ms ago: executing program 2 (id=1445):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff})
r0 = syz_open_procfs(0x0, &(0x7f0000000400)='stack\x00')
pread64(r0, &(0x7f000001a240)=""/102386, 0x18ff2, 0x5)

200.259994ms ago: executing program 2 (id=1446):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000080)={0x114, 0x1f, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @typed={0x14, 0x0, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0)

114.478573ms ago: executing program 2 (id=1447):
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x3, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b40500000000000061101c000000000063013300000000009500090000000000"], &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x85}, 0x52)

111.669923ms ago: executing program 2 (id=1448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000fc0)=ANY=[@ANYBLOB="0a000000040000000200000002"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180), &(0x7f0000000300), 0x105, r0}, 0x38)
bpf$BPF_MAP_LOOKUP_AND_DELETE_BATCH(0x19, &(0x7f00000012c0)={0x0, 0x0, 0xffffffffffffffff, 0x0, 0x7, r0}, 0x38)

0s ago: executing program 2 (id=1449):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000480)=@base={0x5, 0x6, 0x8, 0xad, 0x0, 0xffffffffffffffff, 0x4000000}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=@base={0xd, 0x2, 0x4, 0x4002, 0x5, r0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x8000000}, 0x48)

kernel console output (not intermixed with test programs):

to feature incompatibilities
[  133.214540][ T7799] loop4: detected capacity change from 0 to 256
[  133.226192][ T7799] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  133.234280][ T7799] FAT-fs (loop4): error, corrupted directory (invalid entries)
[  134.175539][ T7826] loop1: detected capacity change from 0 to 2048
[  134.190909][ T7826] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  134.204455][ T7826] ext4 filesystem being mounted at /207/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  134.727559][   T33] audit: type=1800 audit(1755037347.813:25): pid=7833 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.661" name="file0" dev="loop1" ino=13 res=0 errno=0
[  135.138433][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  135.813305][ T7848] loop1: detected capacity change from 0 to 16
[  135.820510][ T7848] erofs (device loop1): mounted with root inode @ nid 36.
[  136.596503][ T7854] loop4: detected capacity change from 0 to 512
[  136.638206][ T7854] Quota error (device loop4): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  136.643499][ T7854] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  136.647341][ T7854] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.668: Failed to acquire dquot type 1
[  136.654803][ T7854] EXT4-fs (loop4): 1 truncate cleaned up
[  136.659136][ T7854] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.667141][ T7854] ext4 filesystem being mounted at /112/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  136.695667][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.743203][ T7858] loop4: detected capacity change from 0 to 256
[  136.753379][ T7858] exfat: Deprecated parameter 'utf8'
[  136.767413][ T7858] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x40a90196, utbl_chksum : 0xe619d30d)
[  136.930817][ T7870] loop4: detected capacity change from 0 to 1024
[  136.936131][ T7870] EXT4-fs: inline encryption not supported
[  136.946135][ T7870] EXT4-fs (loop4): can't mount with commit=, fs mounted w/o journal
[  137.580960][ T7894] netlink: 'syz.4.684': attribute type 2 has an invalid length.
[  138.590549][ T7846] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  138.593681][ T7846] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  138.603436][ T7846] Bluetooth: hci1: Opcode 0x0406 failed: -4
[  138.607414][ T7846] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  138.609516][ T7846] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  138.614359][ T7846] Bluetooth: hci2: Opcode 0x0406 failed: -4
[  138.618308][ T7846] Bluetooth: hci0: Opcode 0x0c1a failed: -4
[  138.620427][ T7846] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  138.627835][ T7846] Bluetooth: hci0: Opcode 0x0406 failed: -4
[  138.692847][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  138.737200][ T7904] loop4: detected capacity change from 0 to 128
[  138.758690][ T7904] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  138.768214][ T7904] ext4 filesystem being mounted at /130/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  138.864800][ T6551] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  139.360392][ T7922] loop1: detected capacity change from 0 to 1024
[  139.395522][ T7922] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  139.417899][ T7922] EXT4-fs (loop1): shut down requested (0)
[  139.423621][ T6014] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  139.453903][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  139.592442][ T6014] usb 5-1: Using ep0 maxpacket: 32
[  139.596484][ T6014] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.605305][ T6014] usb 5-1: New USB device found, idVendor=05ef, idProduct=020a, bcdDevice=91.36
[  139.608619][ T6014] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.611833][ T6014] usb 5-1: Product: syz
[  139.615200][ T6014] usb 5-1: Manufacturer: syz
[  139.617146][ T6014] usb 5-1: SerialNumber: syz
[  139.623509][ T6014] usb 5-1: config 0 descriptor??
[  140.114317][ T6000] usb 5-1: USB disconnect, device number 4
[  140.273180][ T7930] sch_tbf: burst 3 is lower than device lo mtu (65550) !
[  140.598664][ T7935] netlink: set zone limit has 4 unknown bytes
[  140.623750][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  140.694145][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  140.773514][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  140.862034][ T7951] loop1: detected capacity change from 0 to 1024
[  140.890611][ T7951] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.906155][ T7956] netlink: 'syz.4.708': attribute type 15 has an invalid length.
[  140.908883][ T7951] EXT4-fs error (device loop1): ext4_lookup:1787: comm syz.1.707: inode #12: comm syz.1.707: iget: illegal inode #
[  140.924696][ T7951] EXT4-fs (loop1): Remounting filesystem read-only
[  140.966788][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  141.182591][ T7972] loop4: detected capacity change from 0 to 164
[  142.097127][ T7974] 8021q: adding VLAN 0 to HW filter on device bond1
[  142.152144][ T7977] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  142.160326][ T7978] bond_slave_0: entered promiscuous mode
[  142.162467][ T7978] bond_slave_1: entered promiscuous mode
[  142.173626][ T7978] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  142.176124][ T5744] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  142.194173][ T7978] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  142.236535][ T7979] bridge_slave_0: left allmulticast mode
[  142.238789][ T7979] bridge_slave_0: left promiscuous mode
[  142.243190][ T7979] bridge0: port 1(bridge_slave_0) entered disabled state
[  142.268096][ T7979] bridge_slave_1: left allmulticast mode
[  142.270477][ T7979] bridge_slave_1: left promiscuous mode
[  142.278861][ T7979] bridge0: port 2(bridge_slave_1) entered disabled state
[  142.288518][ T7979] bond0: (slave bond_slave_0): Releasing backup interface
[  142.291475][ T7979] bond_slave_0: left promiscuous mode
[  142.300691][ T7979] bond0: (slave bond_slave_1): Releasing backup interface
[  142.306843][ T5744] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  142.316089][ T7979] bond_slave_1: left promiscuous mode
[  142.327585][ T7979] team0: Port device team_slave_0 removed
[  142.345906][ T7979] team0: Port device team_slave_1 removed
[  142.348152][ T7979] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  142.350673][ T7979] batman_adv: batadv0: Removing interface: batadv_slave_0
[  142.366313][ T7979] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  142.369286][ T7979] batman_adv: batadv0: Removing interface: batadv_slave_1
[  142.391155][ T7979] veth3: left allmulticast mode
[  142.403876][ T7979] bridge2: port 1(veth3) entered disabled state
[  142.421515][ T7979] bond1: (slave ip6gretap1): Releasing backup interface
[  142.426606][ T7979] bond1: (slave ip6gretap1): the permanent HWaddr of slave - 72:5a:b8:2a:85:65 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  142.468506][ T7979] bond1: (slave macvlan2): Removing an active aggregator
[  142.492917][ T7979] bond1: (slave macvlan2): Releasing backup interface
[  142.541127][ T7989] loop1: detected capacity change from 0 to 1024
[  142.552726][ T7989] EXT4-fs: Ignoring removed oldalloc option
[  142.554583][ T7989] EXT4-fs: Ignoring removed bh option
[  142.587447][ T7989] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.611936][ T7993] loop4: detected capacity change from 0 to 256
[  142.634446][ T7993] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  142.720685][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  142.772338][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  143.042493][ T5953] Bluetooth: hci1: command 0x0c1a tx timeout
[  143.344838][ T7997] netlink: 104 bytes leftover after parsing attributes in process `syz.4.722'.
[  143.479435][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  143.794665][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.798538][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.802281][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.805911][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.809428][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.813346][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.817024][ T8020] ip6_tunnel: non-ECT from db5b:6861:58bb:cfe8:875a:6596:9ff5:7b00 with DS=0x31
[  143.870372][ T8022] netdevsim netdevsim2 : renamed from netdevsim0 (while UP)
[  143.940193][ T8012] loop1: detected capacity change from 0 to 40427
[  143.966895][ T8012] F2FS-fs (loop1): invalid crc value
[  144.165840][ T8012] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  144.180929][ T8012] F2FS-fs (loop1): Start checkpoint disabled!
[  144.220670][ T8012] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  144.341011][ T8034] loop2: detected capacity change from 0 to 32768
[  144.343916][ T8034] XFS: noikeep mount option is deprecated.
[  144.414715][ T8034] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  144.461889][ T8034] XFS (loop2): Torn write (CRC failure) detected at log block 0x30. Truncating head block from 0x51.
[  144.474307][ T8034] XFS (loop2): Starting recovery (logdev: internal)
[  144.487559][ T8034] XFS (loop2): Ending recovery (logdev: internal)
[  144.505993][ T8036] hub 1-0:1.0: USB hub found
[  144.518312][ T8036] hub 1-0:1.0: 1 port detected
[  144.612911][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.612911][  T173] loop1: rw=1, sector=77824, nr_sectors = 8 limit=40427
[  144.630877][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.630877][  T173] loop1: rw=1, sector=77832, nr_sectors = 2048 limit=40427
[  144.665269][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.665269][  T173] loop1: rw=1, sector=79880, nr_sectors = 2040 limit=40427
[  144.670695][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.670695][  T173] loop1: rw=1, sector=49152, nr_sectors = 8 limit=40427
[  144.681147][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.681147][  T173] loop1: rw=1, sector=49160, nr_sectors = 2048 limit=40427
[  144.817293][ T5953] Bluetooth: hci2: command 0x0c1a tx timeout
[  144.885224][ T5953] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.891314][ T8051] XFS (loop2): Metadata corruption detected at xfs_inobt_verify+0x9e/0x1f0, xfs_finobt block 0x8 
[  144.896055][ T8051] XFS (loop2): Unmount and run xfs_repair
[  144.898474][ T8051] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  144.901544][ T8051] 00000000: 41 42 33 42 00 00 00 02 ff ff ff ff ff ff ff ff  AB3B............
[  144.905382][ T8051] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 00 10  ................
[  144.909039][ T8051] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  144.912759][ T8051] 00000030: 00 00 00 00 c8 fc 31 e4 00 00 04 4e 00 00 00 02  ......1....N....
[  144.917137][ T8051] 00000040: 00 00 04 60 00 00 0b a0 00 00 00 00 00 00 00 00  ...`............
[  144.921528][ T8051] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  144.925230][ T8051] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  144.928567][ T8051] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  144.932787][ T8051] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x8 len 8 error 117
[  144.962903][ T8048] XFS (loop2): Metadata corruption detected at xfs_btree_lookup_get_block+0x3c5/0x500, xfs_bnobt block 0x8
[  144.966281][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.966281][  T173] loop1: rw=1, sector=51208, nr_sectors = 2040 limit=40427
[  144.966759][ T8048] XFS (loop2): Unmount and run xfs_repair
[  144.973464][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.973464][  T173] loop1: rw=1, sector=57344, nr_sectors = 8 limit=40427
[  144.983816][ T8052] netlink: 12 bytes leftover after parsing attributes in process `syz.4.742'.
[  144.994481][  T173] kworker/u9:3: attempt to access beyond end of device
[  144.994481][  T173] loop1: rw=1, sector=57352, nr_sectors = 2792 limit=40427
[  145.008532][  T173] kworker/u9:3: attempt to access beyond end of device
[  145.008532][  T173] loop1: rw=1, sector=60144, nr_sectors = 1272 limit=40427
[  145.027646][  T173] kworker/u9:3: attempt to access beyond end of device
[  145.027646][  T173] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  145.039770][  T173] CPU: 0 UID: 0 PID: 173 Comm: kworker/u9:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  145.039786][  T173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  145.039792][  T173] Workqueue: writeback wb_workfn (flush-7:1)
[  145.039809][  T173] Call Trace:
[  145.039813][  T173]  <TASK>
[  145.039819][  T173]  dump_stack_lvl+0x189/0x250
[  145.039834][  T173]  ? __pfx_dump_stack_lvl+0x10/0x10
[  145.039843][  T173]  ? __pfx_queue_work_on+0x10/0x10
[  145.039851][  T173]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  145.039862][  T173]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.039876][  T173]  f2fs_handle_critical_error+0x37c/0x540
[  145.039891][  T173]  f2fs_write_end_io+0x886/0xb60
[  145.039912][  T173]  __submit_merged_bio+0x27a/0x6a0
[  145.039924][  T173]  __submit_merged_write_cond+0x255/0x530
[  145.039937][  T173]  f2fs_write_data_pages+0x261d/0x3000
[  145.039962][  T173]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.040007][  T173]  ? f2fs_write_meta_pages+0x357/0x450
[  145.040022][  T173]  ? __lock_acquire+0xab9/0xd20
[  145.040038][  T173]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  145.040048][  T173]  do_writepages+0x32e/0x550
[  145.040062][  T173]  ? reacquire_held_locks+0x127/0x1d0
[  145.040090][  T173]  ? writeback_sb_inodes+0x384/0x1010
[  145.040105][  T173]  __writeback_single_inode+0x145/0xff0
[  145.040115][  T173]  ? do_raw_spin_unlock+0x4d/0x240
[  145.040126][  T173]  writeback_sb_inodes+0x6c7/0x1010
[  145.040169][  T173]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  145.040199][  T173]  ? rcu_is_watching+0x15/0xb0
[  145.040213][  T173]  wb_writeback+0x43b/0xaf0
[  145.040226][  T173]  ? queue_io+0x391/0x590
[  145.040237][  T173]  ? __pfx_wb_writeback+0x10/0x10
[  145.040250][  T173]  ? _raw_spin_unlock_irq+0x23/0x50
[  145.040261][  T173]  wb_workfn+0x409/0xef0
[  145.040275][  T173]  ? __pfx_wb_workfn+0x10/0x10
[  145.040286][  T173]  ? __lock_acquire+0xab9/0xd20
[  145.040301][  T173]  ? process_scheduled_works+0x9ef/0x17b0
[  145.040312][  T173]  ? _raw_spin_unlock_irq+0x23/0x50
[  145.040319][  T173]  ? process_scheduled_works+0x9ef/0x17b0
[  145.040326][  T173]  ? process_scheduled_works+0x9ef/0x17b0
[  145.040334][  T173]  process_scheduled_works+0xae1/0x17b0
[  145.040354][  T173]  ? __pfx_process_scheduled_works+0x10/0x10
[  145.040375][  T173]  worker_thread+0x8a0/0xda0
[  145.040385][  T173]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  145.040396][  T173]  ? __kthread_parkme+0x7b/0x200
[  145.040410][  T173]  kthread+0x711/0x8a0
[  145.040421][  T173]  ? __pfx_worker_thread+0x10/0x10
[  145.040428][  T173]  ? __pfx_kthread+0x10/0x10
[  145.040438][  T173]  ? _raw_spin_unlock_irq+0x23/0x50
[  145.040445][  T173]  ? lockdep_hardirqs_on+0x9c/0x150
[  145.040455][  T173]  ? __pfx_kthread+0x10/0x10
[  145.040465][  T173]  ret_from_fork+0x3fc/0x770
[  145.040475][  T173]  ? __pfx_ret_from_fork+0x10/0x10
[  145.040485][  T173]  ? __switch_to_asm+0x39/0x70
[  145.040494][  T173]  ? __switch_to_asm+0x33/0x70
[  145.040503][  T173]  ? __pfx_kthread+0x10/0x10
[  145.040512][  T173]  ret_from_fork_asm+0x1a/0x30
[  145.040529][  T173]  </TASK>
[  145.040625][  T173] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  145.239083][ T5960] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  145.267774][ T5960] XFS (loop2): Uncorrected metadata errors detected; please run xfs_repair.
[  145.520385][ T8064] netlink: 'syz.1.741': attribute type 2 has an invalid length.
[  145.591172][ T8068] loop2: detected capacity change from 0 to 1024
[  145.700045][ T8060] loop4: detected capacity change from 0 to 32768
[  145.780676][ T8060] find_entry called with index >= next_index
[  145.783035][ T8060] find_entry called with index >= next_index
[  145.785138][ T8060] find_entry called with index >= next_index
[  145.791602][ T8060] ERROR: (device loop4): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 1
[  145.791602][ T8060] 
[  145.798847][ T8060] ERROR: (device loop4): remounting filesystem as read-only
[  145.801450][ T8060] ERROR: (device loop4): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 3
[  145.801450][ T8060] 
[  145.805502][ T8060] ERROR: (device loop4): jfs_readdir: JFS:Dtree error: ino = 2, bn=48, index = 4
[  145.805502][ T8060] 
[  145.812433][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  146.493587][ T8075] loop1: detected capacity change from 0 to 2048
[  146.522367][ T8075] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  146.526337][ T8075] ext4 filesystem being mounted at /230/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  146.536629][ T8075] EXT4-fs error (device loop1): __ext4_new_inode:1279: comm syz.1.751: failed to insert inode 13: doubly allocated?
[  146.565147][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  146.691191][ T8083] (unnamed net_device) (uninitialized): option all_slaves_active: invalid value (8)
[  146.743271][ T8077] loop4: detected capacity change from 0 to 32768
[  146.753387][ T8077] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.750 (8077)
[  146.774523][ T8077] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  146.778078][ T8086] netlink: 32 bytes leftover after parsing attributes in process `syz.1.754'.
[  146.781718][ T8077] BTRFS info (device loop4): using xxhash64 (xxhash64-generic) checksum algorithm
[  146.786354][ T8077] BTRFS info (device loop4): using free-space-tree
[  146.958155][ T6551] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  147.113233][ T5942] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  147.528045][ T5942] usb 3-1: unable to get BOS descriptor or descriptor too short
[  147.532368][ T5942] usb 3-1: config 5 has an invalid interface number: 58 but max is 0
[  147.535734][ T5942] usb 3-1: config 5 has no interface number 0
[  147.538702][ T5942] usb 3-1: config 5 interface 58 has no altsetting 0
[  147.546294][ T5942] usb 3-1: New USB device found, idVendor=045e, idProduct=0775, bcdDevice= a.af
[  147.560155][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  147.563021][ T5942] usb 3-1: Product: syz
[  147.564358][ T5942] usb 3-1: Manufacturer: syz
[  147.565866][ T5942] usb 3-1: SerialNumber: syz
[  147.779769][ T8104] loop2: detected capacity change from 0 to 512
[  147.834468][ T8104] EXT4-fs (loop2): 1 orphan inode deleted
[  147.838529][ T8104] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  147.844315][ T8104] ext4 filesystem being mounted at /247/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  147.857401][ T3631] Quota error (device loop2): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  147.863925][ T3631] EXT4-fs error (device loop2): ext4_release_dquot:6969: comm kworker/u9:6: Failed to release dquot type 1
[  149.230624][ T8129] loop1: detected capacity change from 0 to 32768
[  149.285569][ T8129] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.328057][ T8129] XFS (loop1): Ending clean mount
[  149.342534][ T8129] XFS (loop1): Quotacheck needed: Please wait.
[  149.408611][ T8129] XFS (loop1): Quotacheck: Done.
[  149.455089][   T33] audit: type=1800 audit(1755037362.683:26): pid=8129 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.762" name="file1" dev="loop1" ino=9286 res=0 errno=0
[  149.473289][ T5955] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.977107][ T5960] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.062929][ T5942] usb 3-1: USB disconnect, device number 4
[  150.251925][ T8145] loop1: detected capacity change from 0 to 1024
[  150.256799][ T8145] EXT4-fs: inline encryption not supported
[  150.258934][ T8145] EXT4-fs: Ignoring removed i_version option
[  150.263610][ T8135] loop4: detected capacity change from 0 to 131072
[  150.268882][ T8135] F2FS-fs (loop4): Wrong CP boundary, start(512) end(198144) blocks(1024)
[  150.272347][ T8135] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  150.278613][ T8135] F2FS-fs (loop4): invalid crc value
[  150.342065][ T8135] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  150.348780][ T8135] F2FS-fs (loop4): Try to recover 2th superblock, ret: -30
[  150.351694][ T8135] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[  150.397769][ T8135] F2FS-fs (loop4): inconsistent node block, node_type:2, nid:8, node_footer[nid:8,ino:8,ofs:0,cpver:5013063228981249506,blkaddr:15366]
[  150.411144][ T8135] fs-verity (loop4, inode 7): Error -117 getting verity descriptor size
[  150.498692][ T8150] loop2: detected capacity change from 0 to 32768
[  150.503245][ T8150] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.767 (8150)
[  150.521838][ T8150] BTRFS info (device loop2): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  150.525697][ T8150] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  150.529024][ T8150] BTRFS info (device loop2): using free-space-tree
[  150.541004][ T8145] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  150.668212][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.933694][ T5960] BTRFS info (device loop2): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  151.787708][ T8189] loop1: detected capacity change from 0 to 512
[  151.801715][ T8189] EXT4-fs: Ignoring removed orlov option
[  151.832926][ T8191] netlink: 8 bytes leftover after parsing attributes in process `syz.2.775'.
[  151.877224][ T8189] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.915948][ T8189] ext4 filesystem being mounted at /241/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  152.181515][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.024385][ T8199] loop1: detected capacity change from 0 to 40427
[  153.225217][ T8199] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  153.229086][ T8199] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  153.681983][   T33] audit: type=1326 audit(1755037366.933:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.4.785" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079cb8ebe9 code=0x7ffc0000
[  153.722895][   T33] audit: type=1326 audit(1755037366.953:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.4.785" exe="/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7f079cb8ebe9 code=0x7ffc0000
[  153.748949][   T33] audit: type=1326 audit(1755037366.953:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.4.785" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079cb8ebe9 code=0x7ffc0000
[  153.781579][   T33] audit: type=1326 audit(1755037366.953:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8217 comm="syz.4.785" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f079cb8ebe9 code=0x7ffc0000
[  154.065364][ T8232] vcan0: tx drop: invalid sa for name 0x0000000000000003
[  154.077883][ T8236] loop1: detected capacity change from 0 to 512
[  154.123691][ T8236] EXT4-fs error (device loop1): ext4_expand_extra_isize_ea:2798: inode #11: comm syz.1.793: corrupted xattr block 95: invalid header
[  154.140770][ T8236] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.793: bg 0: block 7: invalid block bitmap
[  154.159741][ T8236] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6657: Corrupt filesystem
[  154.170433][ T8236] EXT4-fs error (device loop1): ext4_xattr_delete_inode:2962: inode #11: comm syz.1.793: corrupted xattr block 95: invalid header
[  154.187019][ T8236] EXT4-fs warning (device loop1): ext4_evict_inode:274: xattr delete (err -117)
[  154.190957][ T8236] EXT4-fs (loop1): 1 orphan inode deleted
[  154.195344][ T8236] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  154.237181][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  154.548505][ T8248] loop1: detected capacity change from 0 to 32768
[  154.657469][ T8248] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nojournal_transaction_names
[  154.657484][ T8248]   allowing incompatible features above 0.0: (unknown version)
[  154.657490][ T8248]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  154.675977][ T8248] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  154.678518][ T8248] bcachefs (loop1): initializing new filesystem
[  154.690541][ T8248] bcachefs (loop1): going read-write
[  154.697961][ T8248] bcachefs (loop1): marking superblocks
[  154.711722][ T8260] loop2: detected capacity change from 0 to 32768
[  154.736169][ T8248] bcachefs (loop1): initializing freespace
[  154.753115][ T8248] bcachefs (loop1): done initializing freespace
[  154.768789][ T8248] bcachefs (loop1): reading snapshots table
[  154.780583][ T8248] bcachefs (loop1): reading snapshots done
[  154.789329][ T8260] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  154.835680][ T8248] bcachefs (loop1): done starting filesystem
[  154.877462][ T5960] ocfs2: Unmounting device (7,2) on (node local)
[  154.877855][ T8248] bcachefs (loop1): going read-only
[  154.887086][ T8248] bcachefs (loop1): finished waiting for writes to stop
[  154.935186][ T8248] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  154.998035][ T8248] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 2
[  155.008728][ T8248] bcachefs (loop1): clean shutdown complete, journal seq 3
[  155.013769][ T8248] bcachefs (loop1): marking filesystem clean
[  155.029306][ T8281] bcachefs (loop1): going read-write
[  155.083481][ T8248] syz.1.797 (8248) used greatest stack depth: 15896 bytes left
[  155.119767][ T5955] bcachefs (loop1): shutting down
[  155.121626][ T5955] bcachefs (loop1): going read-only
[  155.124034][ T8292] netlink: 'syz.2.811': attribute type 10 has an invalid length.
[  155.126690][ T8292] netlink: 40 bytes leftover after parsing attributes in process `syz.2.811'.
[  155.130503][ T5955] bcachefs (loop1): finished waiting for writes to stop
[  155.137795][ T5955] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  155.140678][ T5955] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  155.152773][ T5955] bcachefs (loop1): clean shutdown complete, journal seq 4
[  155.155293][ T5955] bcachefs (loop1): marking filesystem clean
[  155.296568][ T5955] bcachefs (loop1): shutdown complete
[  155.358215][ T8294] loop2: detected capacity change from 0 to 40427
[  155.429757][ T8294] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  155.439228][ T8294] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  155.507784][ T8296] loop4: detected capacity change from 0 to 32768
[  155.536867][ T8296] JBD2: Ignoring recovery information on journal
[  155.568002][ T8296] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  155.621810][ T6551] ocfs2: Unmounting device (7,4) on (node local)
[  155.739693][ T8304] syz.2.814: attempt to access beyond end of device
[  155.739693][ T8304] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  155.748841][ T8304] syz.2.814: attempt to access beyond end of device
[  155.748841][ T8304] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  155.764181][ T8304] syz.2.814: attempt to access beyond end of device
[  155.764181][ T8304] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  155.805094][   T33] audit: type=1326 audit(1755037369.033:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8293 comm="syz.2.814" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff612f8ebe9 code=0x0
[  155.985374][ T8307] loop4: detected capacity change from 0 to 256
[  155.999604][ T8307] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  156.116054][ T5960] syz-executor: attempt to access beyond end of device
[  156.116054][ T5960] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  156.154650][ T5960] CPU: 0 UID: 0 PID: 5960 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  156.154677][ T5960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  156.154687][ T5960] Call Trace:
[  156.154703][ T5960]  <TASK>
[  156.154710][ T5960]  dump_stack_lvl+0x189/0x250
[  156.154737][ T5960]  ? __pfx_dump_stack_lvl+0x10/0x10
[  156.154754][ T5960]  ? __pfx_queue_work_on+0x10/0x10
[  156.154769][ T5960]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  156.154785][ T5960]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  156.154812][ T5960]  f2fs_handle_critical_error+0x37c/0x540
[  156.154838][ T5960]  f2fs_write_end_io+0x886/0xb60
[  156.154875][ T5960]  __submit_merged_bio+0x27a/0x6a0
[  156.154899][ T5960]  __submit_merged_write_cond+0x255/0x530
[  156.154924][ T5960]  f2fs_write_data_pages+0x261d/0x3000
[  156.154976][ T5960]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.155064][ T5960]  ? __lock_acquire+0xab9/0xd20
[  156.155093][ T5960]  ? do_raw_spin_lock+0x121/0x290
[  156.155149][ T5960]  ? do_raw_spin_unlock+0x4d/0x240
[  156.155168][ T5960]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  156.155188][ T5960]  do_writepages+0x32e/0x550
[  156.155219][ T5960]  ? do_raw_spin_unlock+0x4d/0x240
[  156.155240][ T5960]  filemap_fdatawrite+0x199/0x240
[  156.155261][ T5960]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  156.155325][ T5960]  ? do_raw_spin_unlock+0x4d/0x240
[  156.155347][ T5960]  f2fs_sync_dirty_inodes+0x31f/0x830
[  156.155382][ T5960]  f2fs_write_checkpoint+0x95a/0x1df0
[  156.155425][ T5960]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  156.155490][ T5960]  ? kill_f2fs_super+0x298/0x6c0
[  156.155517][ T5960]  kill_f2fs_super+0x2c3/0x6c0
[  156.155542][ T5960]  ? __pfx_kill_f2fs_super+0x10/0x10
[  156.155560][ T5960]  ? radix_tree_delete_item+0x2b6/0x400
[  156.155584][ T5960]  ? shrinker_free+0x2ce/0x3e0
[  156.155603][ T5960]  deactivate_locked_super+0xbc/0x130
[  156.155623][ T5960]  cleanup_mnt+0x425/0x4c0
[  156.155641][ T5960]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.155660][ T5960]  task_work_run+0x1d4/0x260
[  156.155683][ T5960]  ? __pfx_task_work_run+0x10/0x10
[  156.155704][ T5960]  ? __x64_sys_umount+0x122/0x160
[  156.155728][ T5960]  ? exit_to_user_mode_loop+0x40/0x110
[  156.155752][ T5960]  exit_to_user_mode_loop+0xec/0x110
[  156.155773][ T5960]  do_syscall_64+0x2bd/0x3b0
[  156.155790][ T5960]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.155805][ T5960]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.155820][ T5960]  ? exc_page_fault+0x9f/0xf0
[  156.155838][ T5960]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.155852][ T5960] RIP: 0033:0x7ff612f8ff17
[  156.155868][ T5960] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  156.155880][ T5960] RSP: 002b:00007fff7700d7c8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  156.155896][ T5960] RAX: 0000000000000000 RBX: 00007ff613011c05 RCX: 00007ff612f8ff17
[  156.155906][ T5960] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff7700d880
[  156.155915][ T5960] RBP: 00007fff7700d880 R08: 0000000000000000 R09: 0000000000000000
[  156.155924][ T5960] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007fff7700e910
[  156.155933][ T5960] R13: 00007ff613011c05 R14: 0000000000026156 R15: 00007fff7700e950
[  156.155960][ T5960]  </TASK>
[  156.155966][ T5960] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  156.359738][ T8310] loop4: detected capacity change from 0 to 128
[  156.367230][ T8310] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  156.382810][ T8310] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  158.156299][ T8335] loop4: detected capacity change from 0 to 1024
[  158.187496][ T8335] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  158.227307][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  158.386742][ T8349] netlink: 8 bytes leftover after parsing attributes in process `syz.2.829'.
[  158.388237][ T8350] netlink: 'syz.4.830': attribute type 3 has an invalid length.
[  158.396709][ T8350] netlink: 132 bytes leftover after parsing attributes in process `syz.4.830'.
[  158.822368][ T2304] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  158.826271][ T5942] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  158.973328][ T2304] usb 3-1: Using ep0 maxpacket: 8
[  158.983095][ T5942] usb 2-1: config 2 has an invalid interface number: 181 but max is 0
[  158.997516][ T2304] usb 3-1: config 2 has an invalid interface number: 241 but max is 0
[  159.029533][ T5942] usb 2-1: config 2 has no interface number 0
[  159.053566][ T2304] usb 3-1: config 2 has no interface number 0
[  159.056255][ T5942] usb 2-1: config 2 interface 181 has no altsetting 0
[  159.063112][ T2304] usb 3-1: config 2 interface 241 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  159.087479][ T5942] usb 2-1: New USB device found, idVendor=1776, idProduct=501c, bcdDevice=7e.08
[  159.091541][ T2304] usb 3-1: config 2 interface 241 has no altsetting 0
[  159.111313][ T5942] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.126263][ T2304] usb 3-1: New USB device found, idVendor=110a, idProduct=1130, bcdDevice=b3.a3
[  159.133111][ T5942] usb 2-1: Product: syz
[  159.138228][ T2304] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.143112][ T5942] usb 2-1: Manufacturer: syz
[  159.146128][ T5942] usb 2-1: SerialNumber: syz
[  159.148882][ T2304] usb 3-1: Product: syz
[  159.165177][ T2304] usb 3-1: Manufacturer: syz
[  159.176707][ T2304] usb 3-1: SerialNumber: syz
[  159.244269][ T2304] ti_usb_3410_5052 3-1:2.241: TI USB 3410 1 port adapter converter detected
[  159.286053][ T2304] ti_usb_3410_5052 3-1:2.241: missing endpoints
[  159.299590][ T5942] gspca_main: spca501-2.14.0 probing 1776:501c
[  159.509630][ T5942] gspca_spca501: reg write: error -71
[  159.511562][ T5942] spca501 2-1:2.181: Reg write failed for 0x02,0x07,0x05
[  159.542896][ T5942] spca501 2-1:2.181: probe with driver spca501 failed with error -22
[  159.650022][ T5942] usb 2-1: USB disconnect, device number 11
[  159.691824][ T6014] usb 3-1: USB disconnect, device number 5
[  160.622814][ T8391] netlink: 'syz.2.838': attribute type 21 has an invalid length.
[  160.625851][ T8391] netlink: 164 bytes leftover after parsing attributes in process `syz.2.838'.
[  161.989777][ T8412] loop4: detected capacity change from 0 to 40427
[  161.990745][ T8431] loop1: detected capacity change from 0 to 2048
[  162.001185][ T8412] F2FS-fs (loop4): invalid crc value
[  162.051555][ T8433] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  162.085843][ T8433] NILFS (loop1): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  162.092331][ T8433] NILFS error (device loop1): nilfs_bmap_propagate: broken bmap (inode number=4)
[  162.104303][ T8412] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  162.106616][ T8433] Remounting filesystem read-only
[  162.107619][ T8412] F2FS-fs (loop4): Start checkpoint disabled!
[  162.121436][ T8412] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  162.137018][ T5955] NILFS (loop1): disposed unprocessed dirty file(s) when stopping log writer
[  162.177796][ T8412] syz.4.843: attempt to access beyond end of device
[  162.177796][ T8412] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  162.222904][ T3631] kworker/u9:6: attempt to access beyond end of device
[  162.222904][ T3631] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  162.229427][ T3631] CPU: 1 UID: 0 PID: 3631 Comm: kworker/u9:6 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  162.229443][ T3631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  162.229450][ T3631] Workqueue: writeback wb_workfn (flush-7:4)
[  162.229468][ T3631] Call Trace:
[  162.229472][ T3631]  <TASK>
[  162.229477][ T3631]  dump_stack_lvl+0x189/0x250
[  162.229492][ T3631]  ? __pfx_dump_stack_lvl+0x10/0x10
[  162.229502][ T3631]  ? __pfx_queue_work_on+0x10/0x10
[  162.229511][ T3631]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  162.229522][ T3631]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  162.229537][ T3631]  f2fs_handle_critical_error+0x37c/0x540
[  162.229575][ T3631]  f2fs_write_end_io+0x886/0xb60
[  162.229598][ T3631]  __submit_merged_bio+0x27a/0x6a0
[  162.229612][ T3631]  __submit_merged_write_cond+0x255/0x530
[  162.229625][ T3631]  f2fs_write_data_pages+0x261d/0x3000
[  162.229653][ T3631]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.229671][ T3631]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  162.229701][ T3631]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  162.229717][ T3631]  ? trace_f2fs_writepages+0x7f/0x200
[  162.229728][ T3631]  ? f2fs_write_node_pages+0x478/0x6e0
[  162.229740][ T3631]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  162.229757][ T3631]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  162.229768][ T3631]  do_writepages+0x32e/0x550
[  162.229783][ T3631]  ? reacquire_held_locks+0x127/0x1d0
[  162.229791][ T3631]  ? writeback_sb_inodes+0x384/0x1010
[  162.229807][ T3631]  __writeback_single_inode+0x145/0xff0
[  162.229816][ T3631]  ? do_raw_spin_unlock+0x4d/0x240
[  162.229829][ T3631]  writeback_sb_inodes+0x6c7/0x1010
[  162.229853][ T3631]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  162.229885][ T3631]  ? rcu_is_watching+0x15/0xb0
[  162.229899][ T3631]  wb_writeback+0x43b/0xaf0
[  162.229913][ T3631]  ? queue_io+0x391/0x590
[  162.229924][ T3631]  ? __pfx_wb_writeback+0x10/0x10
[  162.229939][ T3631]  ? _raw_spin_unlock_irq+0x23/0x50
[  162.229950][ T3631]  wb_workfn+0x409/0xef0
[  162.229967][ T3631]  ? __pfx_wb_workfn+0x10/0x10
[  162.229978][ T3631]  ? __lock_acquire+0xab9/0xd20
[  162.230010][ T3631]  ? process_scheduled_works+0x9ef/0x17b0
[  162.230026][ T3631]  ? _raw_spin_unlock_irq+0x23/0x50
[  162.230038][ T3631]  ? process_scheduled_works+0x9ef/0x17b0
[  162.230047][ T3631]  ? process_scheduled_works+0x9ef/0x17b0
[  162.230056][ T3631]  process_scheduled_works+0xae1/0x17b0
[  162.230080][ T3631]  ? __pfx_process_scheduled_works+0x10/0x10
[  162.230102][ T3631]  worker_thread+0x8a0/0xda0
[  162.230112][ T3631]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  162.230125][ T3631]  ? __kthread_parkme+0x7b/0x200
[  162.230140][ T3631]  kthread+0x711/0x8a0
[  162.230152][ T3631]  ? __pfx_worker_thread+0x10/0x10
[  162.230159][ T3631]  ? __pfx_kthread+0x10/0x10
[  162.230170][ T3631]  ? _raw_spin_unlock_irq+0x23/0x50
[  162.230178][ T3631]  ? lockdep_hardirqs_on+0x9c/0x150
[  162.230188][ T3631]  ? __pfx_kthread+0x10/0x10
[  162.230198][ T3631]  ret_from_fork+0x3fc/0x770
[  162.230209][ T3631]  ? __pfx_ret_from_fork+0x10/0x10
[  162.230221][ T3631]  ? __switch_to_asm+0x39/0x70
[  162.230230][ T3631]  ? __switch_to_asm+0x33/0x70
[  162.230239][ T3631]  ? __pfx_kthread+0x10/0x10
[  162.230249][ T3631]  ret_from_fork_asm+0x1a/0x30
[  162.230268][ T3631]  </TASK>
[  162.230272][ T3631] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  162.390497][ T8436] loop1: detected capacity change from 0 to 32768
[  162.521361][ T8436] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  162.521387][ T8436]   allowing incompatible features above 0.0: (unknown version)
[  162.521396][ T8436]   features: 
[  162.548771][ T8436] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  162.557632][ T8436] bcachefs (loop1): initializing new filesystem
[  162.580948][ T8436] bcachefs (loop1): going read-write
[  162.617907][ T8436] bcachefs (loop1): marking superblocks
[  162.658022][ T8436] bcachefs (loop1): initializing freespace
[  162.671307][ T8436] bcachefs (loop1): done initializing freespace
[  162.679449][ T8436] bcachefs (loop1): reading snapshots table
[  162.681852][ T8436] bcachefs (loop1): reading snapshots done
[  162.732105][ T8436] bcachefs (loop1): done starting filesystem
[  162.910198][ T5955] bcachefs (loop1): shutting down
[  162.912105][ T5955] bcachefs (loop1): going read-only
[  162.923321][ T5955] bcachefs (loop1): finished waiting for writes to stop
[  162.949427][ T5955] bcachefs (loop1): flushing journal and stopping allocators, journal seq 2
[  163.022512][ T8461] netlink: 48 bytes leftover after parsing attributes in process `syz.2.861'.
[  163.035876][ T5955] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 3
[  163.042949][ T5955] bcachefs (loop1): clean shutdown complete, journal seq 4
[  163.045655][ T5955] bcachefs (loop1): marking filesystem clean
[  163.078814][ T5955] bcachefs (loop1): shutdown complete
[  163.094445][ T8463] netlink: 60 bytes leftover after parsing attributes in process `syz.2.862'.
[  163.235399][ T8457] loop4: detected capacity change from 0 to 32768
[  163.238980][ T8457] btrfs: Deprecated parameter 'usebackuproot'
[  163.241418][ T8457] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  163.258753][ T8457] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.854 (8457)
[  163.291564][ T8457] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.297189][ T8457] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  163.303745][ T8457] BTRFS info (device loop4): using free-space-tree
[  163.330109][   T36] BTRFS warning (device loop4): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0x26333c6f level 0
[  163.339930][ T8457] BTRFS warning (device loop4): couldn't read tree root
[  163.342771][ T8457] BTRFS warning (device loop4): try to load backup roots slot 1
[  163.346505][   T36] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x78ca8373 level 0
[  163.351715][ T8457] BTRFS warning (device loop4): couldn't read tree root
[  163.354409][   T24] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  163.359572][ T8457] BTRFS warning (device loop4): try to load backup roots slot 2
[  163.363401][   T27] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  163.366726][ T8457] BTRFS warning (device loop4): couldn't read tree root
[  163.368919][ T8457] BTRFS warning (device loop4): try to load backup roots slot 3
[  163.383039][ T8457] BTRFS info (device loop4): rebuilding free space tree
[  163.400403][ T8457] BTRFS info (device loop4): checking UUID tree
[  163.525360][   T24] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  163.529347][   T24] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  163.554141][   T24] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  163.557849][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  163.560909][   T24] usb 3-1: SerialNumber: syz
[  163.781469][   T24] usb 3-1: 0:2 : does not exist
[  163.784375][ T6551] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.839371][   T24] usb 3-1: USB disconnect, device number 6
[  163.907442][ T6188] udevd[6188]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  164.057598][ T8485] netlink: 10 bytes leftover after parsing attributes in process `syz.4.863'.
[  164.818659][ T8500] tipc: Started in network mode
[  164.822022][ T8500] tipc: Node identity 7f000001, cluster identity 4711
[  164.825057][ T8500] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  165.020629][ T8510] loop2: detected capacity change from 0 to 65
[  165.042388][ T8510] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop2
[  165.240608][ T8517] loop2: detected capacity change from 0 to 4096
[  165.277144][ T8520] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  165.592674][ T8524] loop1: detected capacity change from 0 to 32768
[  165.610145][ T8524] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.879 (8524)
[  165.627127][ T8524] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  165.634899][ T8524] BTRFS info (device loop1): using sha256 (sha256-lib) checksum algorithm
[  165.638394][ T8524] BTRFS info (device loop1): using free-space-tree
[  165.700452][ T8523] loop4: detected capacity change from 0 to 32768
[  165.737019][ T5951]  loop4: p1 p3 < >
[  165.762016][ T8523]  loop4: p1 p3 < >
[  165.832679][ T5955] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  166.129823][ T8553] netlink: 'syz.4.885': attribute type 1 has an invalid length.
[  166.134085][ T8553] netlink: 224 bytes leftover after parsing attributes in process `syz.4.885'.
[  166.200443][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  166.209093][ T7376] udevd[7376]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  166.261222][ T7376] udevd[7376]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  166.269717][ T5951] udevd[5951]: inotify_add_watch(7, /dev/loop4p1, 10) failed: No such file or directory
[  167.098918][ T8582] loop2: detected capacity change from 0 to 512
[  167.117274][ T8582] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  167.134073][ T8582] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  167.144881][ T8582] EXT4-fs (loop2): orphan cleanup on readonly fs
[  167.152757][ T8582] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.898: bad orphan inode 267
[  167.168126][ T8582] EXT4-fs (loop2): Remounting filesystem read-only
[  167.178377][ T8582] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  167.228789][ T8582] EXT4-fs warning (device loop2): dx_probe:861: inode #2: comm syz.2.898: dx entry: limit 0 != root limit 125
[  167.248920][ T8582] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.898: Corrupt directory, running e2fsck is recommended
[  167.375637][ T5960] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  168.439279][ T8590] loop1: detected capacity change from 0 to 8192
[  168.545123][ T6188] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  168.548309][ T6188] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  168.551210][ T6188]  loop1: unable to read partition table
[  168.562739][ T8590] ldm_parse_privhead(): Cannot find PRIVHEAD structure. LDM database is corrupt. Aborting.
[  168.566214][ T8590] ldm_validate_privheads(): Cannot find PRIVHEAD 1.
[  168.568751][ T8590]  loop1: unable to read partition table
[  168.571108][ T8590] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  168.966285][ T8620] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  168.968984][ T8620] IPv6: NLM_F_CREATE should be set when creating new route
[  168.971445][ T8620] IPv6: NLM_F_CREATE should be set when creating new route
[  169.174737][ T8614] loop4: detected capacity change from 0 to 32768
[  169.228141][ T8614] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.319158][ T8614] XFS (loop4): Ending clean mount
[  169.411306][ T6551] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  169.916474][ T8651] netlink: 'syz.4.922': attribute type 6 has an invalid length.
[  170.509147][ T8665] netlink: 'syz.1.928': attribute type 2 has an invalid length.
[  171.339688][ T8673] loop4: detected capacity change from 0 to 1024
[  171.358442][ T8673] EXT4-fs: Ignoring removed nobh option
[  171.449109][ T8673] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.606320][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.732562][ T8686] loop1: detected capacity change from 0 to 256
[  172.376006][ T8707] netlink: 'syz.1.946': attribute type 25 has an invalid length.
[  172.600984][ T8711] loop1: detected capacity change from 0 to 64
[  172.649221][ T8711] MINIX-fs: bad superblock or unable to read bitmaps
[  172.734148][ T8715] misc userio: Invalid payload size
[  173.700233][ T8730] netlink: 16 bytes leftover after parsing attributes in process `syz.4.957'.
[  173.878712][ T8733] input: syz1 as /devices/virtual/input/input8
[  175.143406][ T8748] loop4: detected capacity change from 0 to 2048
[  175.153578][ T8748] hpfs: filesystem error: invalid size in superblock: ffffffff; already mounted read-only
[  175.339487][ T8753] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  175.344379][ T8753] team0: Device ipvlan2 is already an upper device of the team interface
[  175.404296][ T8757] loop1: detected capacity change from 0 to 128
[  176.363853][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.363853][ T3577] loop1: rw=1, sector=153, nr_sectors = 8 limit=128
[  176.377709][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.377709][ T3577] loop1: rw=1, sector=169, nr_sectors = 8 limit=128
[  176.408144][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.408144][ T3577] loop1: rw=1, sector=185, nr_sectors = 8 limit=128
[  176.420647][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.420647][ T3577] loop1: rw=1, sector=201, nr_sectors = 8 limit=128
[  176.426530][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.426530][ T3577] loop1: rw=1, sector=217, nr_sectors = 8 limit=128
[  176.431413][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.431413][ T3577] loop1: rw=1, sector=233, nr_sectors = 8 limit=128
[  176.445987][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.445987][ T3577] loop1: rw=1, sector=249, nr_sectors = 8 limit=128
[  176.450451][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.450451][ T3577] loop1: rw=1, sector=265, nr_sectors = 8 limit=128
[  176.451288][ T8763] loop2: detected capacity change from 0 to 40427
[  176.459072][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.459072][ T3577] loop1: rw=1, sector=281, nr_sectors = 8 limit=128
[  176.461442][ T8763] F2FS-fs (loop2): Image doesn't support compression
[  176.466612][ T8763] F2FS-fs (loop2): build fault injection rate: 690
[  176.469204][ T8763] F2FS-fs (loop2): build fault injection type: 0x35f7
[  176.471980][ T3577] kworker/u9:4: attempt to access beyond end of device
[  176.471980][ T3577] loop1: rw=1, sector=297, nr_sectors = 8 limit=128
[  176.476314][ T8763] F2FS-fs (loop2): invalid crc value
[  176.532490][ T8763] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  176.535995][ T8763] F2FS-fs (loop2): Start checkpoint disabled!
[  176.547990][ T8763] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  176.697281][ T8785] loop4: detected capacity change from 0 to 64
[  176.888722][ T8789] loop2: detected capacity change from 0 to 2048
[  177.007711][ T8789] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000900 r/w without journal. Quota mode: none.
[  177.017073][ T2304] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  177.096922][ T8789] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  177.121563][ T8789] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 950 with error 28
[  177.127101][ T8789] EXT4-fs (loop2): This should not happen!! Data will be lost
[  177.127101][ T8789] 
[  177.131423][ T8789] EXT4-fs (loop2): Total free blocks count 0
[  177.133871][ T8789] EXT4-fs (loop2): Free/Dirty block details
[  177.135782][ T8789] EXT4-fs (loop2): free_blocks=2415919104
[  177.137948][ T8789] EXT4-fs (loop2): dirty_blocks=960
[  177.139585][ T8789] EXT4-fs (loop2): Block reservation details
[  177.141631][ T8789] EXT4-fs (loop2): i_reserved_data_blocks=60
[  177.172559][    C1] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  177.198056][ T2304] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  177.205308][ T2304] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  177.208738][ T2304] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  177.221970][ T2304] usb 5-1: config 1 has no interface number 1
[  177.225921][ T2304] usb 5-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  177.237871][ T2304] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  177.247815][ T2304] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.251957][ T8783] loop1: detected capacity change from 0 to 131072
[  177.252690][ T2304] usb 5-1: Product: syz
[  177.255572][ T8783] F2FS-fs (loop1): Wrong CP boundary, start(512) end(1536) blocks(0)
[  177.258709][ T8783] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  177.263525][ T8783] F2FS-fs (loop1): invalid crc value
[  177.268211][ T2304] usb 5-1: Manufacturer: syz
[  177.276368][ T2304] usb 5-1: SerialNumber: syz
[  177.305852][ T8783] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  177.317041][ T8783] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  177.319782][ T8783] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  177.378202][   T68] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  177.553771][ T2304] usb 5-1: No MIDI 2.0 at altset 1, falling back to MIDI 1.0
[  177.557906][ T2304] usb 5-1: MIDIStreaming interface descriptor not found
[  177.722639][ T2304] usb 5-1: USB disconnect, device number 5
[  177.852074][ T8804] proc: Bad value for 'gid'
[  177.893370][ T6243] udevd[6243]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  179.129139][ T8818] netlink: 'syz.4.989': attribute type 20 has an invalid length.
[  179.879476][ T8823] netlink: 12 bytes leftover after parsing attributes in process `syz.2.991'.
[  180.316970][ T8831] sch_fq: defrate 4294967295 ignored.
[  180.332567][ T2304] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  180.496771][ T2304] usb 3-1: unable to get BOS descriptor or descriptor too short
[  180.502650][ T2304] usb 3-1: config index 0 descriptor too short (expected 64776, got 27)
[  180.506092][ T2304] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  180.510256][ T2304] usb 3-1: config 1 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  180.520184][ T2304] usb 3-1: config 1 interface 0 has no altsetting 0
[  180.527073][ T2304] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  180.530682][ T2304] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.537008][ T2304] usb 3-1: Product: syz
[  180.538725][ T2304] usb 3-1: Manufacturer: syz
[  180.540339][ T2304] usb 3-1: SerialNumber: syz
[  180.763475][ T2304] usb 3-1: USB disconnect, device number 7
[  180.863159][ T6013] usb 2-1: new full-speed USB device number 12 using dummy_hcd
[  181.016342][ T6013] usb 2-1: config 0 has no interfaces?
[  181.021663][ T6013] usb 2-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=ef.4d
[  181.025662][ T6013] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  181.028906][ T6013] usb 2-1: Product: syz
[  181.030672][ T6013] usb 2-1: Manufacturer: syz
[  181.034320][ T6013] usb 2-1: SerialNumber: syz
[  181.038964][ T6013] usb 2-1: config 0 descriptor??
[  181.116237][ T8854] loop4: detected capacity change from 0 to 32768
[  181.146968][ T8854] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.185861][ T8854] XFS (loop4): Ending clean mount
[  181.193619][ T8854] XFS (loop4): Quotacheck needed: Please wait.
[  181.229283][ T8854] XFS (loop4): Quotacheck: Done.
[  181.258247][ T8848] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  181.266497][ T8848] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  181.286770][ T6551] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  181.306397][ T8848] netlink: 48 bytes leftover after parsing attributes in process `syz.1.998'.
[  181.319972][ T6000] usb 2-1: USB disconnect, device number 12
[  181.534478][ T8873] loop4: detected capacity change from 0 to 1024
[  181.540661][ T8874] orangefs_devreq_open: device cannot be opened in blocking mode
[  181.548727][ T8873] EXT4-fs: Ignoring removed orlov option
[  181.570947][ T8873] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  181.646142][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.902022][ T8890] batman_adv: batadv0: Adding interface: gretap1
[  181.910450][ T8890] batman_adv: batadv0: The MTU of interface gretap1 is too small (1462) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  181.924500][ T8890] batman_adv: batadv0: Interface activated: gretap1
[  182.000948][ T8896] loop2: detected capacity change from 0 to 2048
[  182.023635][ T8896] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.028997][ T8896] ext4 filesystem being mounted at /329/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  182.077846][ T5960] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.132434][ T6000] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  182.168902][ T8892] loop4: detected capacity change from 0 to 32768
[  182.236261][ T8892] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  182.250904][ T8892] XFS (loop4): Ending clean mount
[  182.261416][ T8892] XFS (loop4): Quotacheck needed: Please wait.
[  182.301966][ T8892] XFS (loop4): Quotacheck: Done.
[  182.303771][ T6000] usb 2-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  182.306555][ T6000] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.308972][ T6000] usb 2-1: Product: syz
[  182.310238][ T6000] usb 2-1: Manufacturer: syz
[  182.311661][ T6000] usb 2-1: SerialNumber: syz
[  182.316249][ T6000] usb 2-1: config 0 descriptor??
[  182.328269][ T6000] ch341 2-1:0.0: ch341-uart converter detected
[  182.365529][ T6551] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  182.470350][ T6013] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  182.620803][ T8912] loop4: detected capacity change from 0 to 4096
[  182.657375][ T6013] usb 3-1: config 0 has an invalid interface number: 251 but max is 0
[  182.657900][ T8912] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  182.662486][ T6013] usb 3-1: config 0 has no interface number 0
[  182.677072][ T6013] usb 3-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[  182.679970][ T6013] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  182.685971][ T6013] usb 3-1: Product: syz
[  182.687455][ T6013] usb 3-1: Manufacturer: syz
[  182.688922][ T6013] usb 3-1: SerialNumber: syz
[  182.694588][ T6551] ntfs3(loop4): ino=9, ntfs_sync_fs failed, -22.
[  182.705520][ T6013] usb 3-1: config 0 descriptor??
[  182.798778][ T8918] loop4: detected capacity change from 0 to 164
[  182.817111][ T8918] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  183.131550][ T8931] comedi comedi4: bad chanlist[0]=0x032c0000 chan=0 range length=2
[  183.343014][ T6000] usb 2-1: failed to send control message: -71
[  183.375358][ T6000] ch341-uart ttyUSB0: probe with driver ch341-uart failed with error -71
[  183.407691][ T6000] usb 2-1: USB disconnect, device number 13
[  183.435330][ T6000] ch341 2-1:0.0: device disconnected
[  183.535615][ T6013] asix 3-1:0.251 (unnamed net_device) (uninitialized): Invalid PHY address 0xd7
[  183.737064][ T2304] usb 3-1: USB disconnect, device number 8
[  184.300754][ T8945] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1033'.
[  184.306723][ T5953] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  184.394727][   T33] audit: type=1326 audit(1755037397.653:32): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff612f8ebe9 code=0x7ffc0000
[  184.411463][   T33] audit: type=1326 audit(1755037397.653:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff612f8ebe9 code=0x7ffc0000
[  184.421695][ T8949] loop2: detected capacity change from 0 to 1024
[  184.424601][   T33] audit: type=1326 audit(1755037397.663:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7ff612f8ebe9 code=0x7ffc0000
[  184.435424][ T8949] ext4: Bad value for 'stripe'
[  184.443173][   T33] audit: type=1326 audit(1755037397.663:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7ff612f8ec23 code=0x7ffc0000
[  184.470687][   T33] audit: type=1326 audit(1755037397.663:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7ff612f8d69f code=0x7ffc0000
[  184.492381][   T33] audit: type=1326 audit(1755037397.663:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7ff612f8ec77 code=0x7ffc0000
[  184.510202][   T33] audit: type=1326 audit(1755037397.663:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff612f8d550 code=0x7ffc0000
[  184.585779][   T33] audit: type=1326 audit(1755037397.663:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff612f8e7eb code=0x7ffc0000
[  184.602468][   T33] audit: type=1326 audit(1755037397.693:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff612f8d84a code=0x7ffc0000
[  184.610508][   T33] audit: type=1326 audit(1755037397.693:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8948 comm="syz.2.1035" exe="/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff612f8d84a code=0x7ffc0000
[  184.697054][ T8940] loop4: detected capacity change from 0 to 32768
[  184.747573][ T8940] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.792735][ T8940] XFS (loop4): Ending clean mount
[  184.848084][ T8972] loop2: detected capacity change from 0 to 1024
[  184.854674][ T8972] EXT4-fs: Ignoring removed oldalloc option
[  184.857013][ T8972] EXT4-fs: Ignoring removed bh option
[  184.910851][ T6551] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  184.936087][ T8972] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  185.759873][ T5960] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  185.785769][ T8997] netlink: 'syz.2.1051': attribute type 2 has an invalid length.
[  185.967557][ T9001] loop2: detected capacity change from 0 to 32768
[  185.970625][ T9001] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1053 (9001)
[  185.976671][ T9001] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  185.980257][ T9001] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  185.983431][ T9001] BTRFS info (device loop2): using free-space-tree
[  186.290578][ T9001] BTRFS info (device loop2 state M): resize thread pool 4 -> 2097158
[  186.294315][ T9001] workqueue: max_active 2097158 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  186.298357][ T9001] workqueue: max_active 2097158 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  186.302578][ T9001] BTRFS warning (device loop2 state M): remount supports changing free space tree only from RO to RW
[  186.306226][ T9001] BTRFS info (device loop2 state M): disabling log replay at mount time
[  186.309369][ T9001] BTRFS info (device loop2 state M): force clearing of disk cache
[  186.311955][ T9001] BTRFS info (device loop2 state M): ignoring bad roots
[  186.314097][ T9001] BTRFS info (device loop2 state M): ignoring data csums
[  186.316197][ T9001] BTRFS info (device loop2 state M): ignoring meta csums
[  186.318293][ T9001] BTRFS info (device loop2 state M): ignoring unknown super block flags
[  186.413482][ T5960] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  188.022591][ T2304] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  188.173750][ T2304] usb 5-1: Using ep0 maxpacket: 32
[  188.178271][ T2304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  188.192126][ T2304] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  188.195182][ T2304] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  188.197852][ T2304] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.212663][ T2304] usb 5-1: config 0 descriptor??
[  188.221532][ T2304] hub 5-1:0.0: USB hub found
[  188.240580][ T9076] netlink: 84 bytes leftover after parsing attributes in process `syz.1.1078'.
[  188.520028][ T2304] hub 5-1:0.0: 1 port detected
[  189.065555][ T9090] netlink: 'syz.2.1084': attribute type 11 has an invalid length.
[  189.068323][ T9090] netlink: 149476 bytes leftover after parsing attributes in process `syz.2.1084'.
[  189.108552][ T9089] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  189.218938][ T2304] hub 5-1:0.0: activate --> -90
[  189.329328][ T9096] loop1: detected capacity change from 0 to 256
[  189.338924][ T9096] exfat: Deprecated parameter 'utf8'
[  189.344128][ T9096] exfat: Deprecated parameter 'utf8'
[  189.345848][ T9096] exfat: Deprecated parameter 'utf8'
[  189.356275][ T9096] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011ded, chksum : 0x185b6804, utbl_chksum : 0xe619d30d)
[  189.415503][ T9098] use of bytesused == 0 is deprecated and will be removed in the future,
[  189.418570][ T9098] use the actual size instead.
[  189.582830][ T6013] usb 5-1: USB disconnect, device number 6
[  189.815271][ T9102] loop1: detected capacity change from 0 to 32768
[  189.925734][ T9102] bcachefs (loop1): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  189.925760][ T9102]   allowing incompatible features above 0.0: (unknown version)
[  189.925770][ T9102]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  189.947021][ T9102] bcachefs (loop1): Using encoding defined by superblock: utf8-12.1.0
[  189.950461][ T9102] bcachefs (loop1): initializing new filesystem
[  189.965147][ T9102] bcachefs (loop1): going read-write
[  189.983154][ T9102] bcachefs (loop1): marking superblocks
[  190.005526][ T9102] bcachefs (loop1): initializing freespace
[  190.011515][ T9102] bcachefs (loop1): done initializing freespace
[  190.020351][ T9102] bcachefs (loop1): reading snapshots table
[  190.023705][ T9102] bcachefs (loop1): reading snapshots done
[  190.048808][ T9102] bcachefs (loop1): done starting filesystem
[  190.323280][ T5953] Bluetooth: hci2: ACL packet for unknown connection handle 201
[  190.334751][ T5955] bcachefs (loop1): shutting down
[  190.336400][ T5955] bcachefs (loop1): going read-only
[  190.338063][ T5955] bcachefs (loop1): finished waiting for writes to stop
[  190.372496][ T5955] bcachefs (loop1): flushing journal and stopping allocators, journal seq 3
[  190.436038][ T5955] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 4
[  190.445131][ T5955] bcachefs (loop1): clean shutdown complete, journal seq 5
[  190.453267][ T5955] bcachefs (loop1): marking filesystem clean
[  190.497068][ T5955] bcachefs (loop1): shutdown complete
[  190.712731][ T6013] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  190.863220][ T6013] usb 5-1: Using ep0 maxpacket: 32
[  190.867982][ T6013] usb 5-1: New USB device found, idVendor=0b89, idProduct=0007, bcdDevice=ef.64
[  190.870965][ T6013] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.875609][ T6013] usb 5-1: config 0 descriptor??
[  190.901618][ T6013] as10x_usb: device has been detected
[  190.907517][ T6013] dvbdev: DVB: registering new adapter (nBox DVB-T Dongle)
[  190.924663][ T6013] usb 5-1: DVB: registering adapter 1 frontend 0 (nBox DVB-T Dongle)...
[  190.959987][ T6013] as10x_usb: error during firmware upload part1
[  190.964191][ T6013] Registered device nBox DVB-T Dongle
[  191.096769][ T6013] usb 5-1: USB disconnect, device number 7
[  191.135395][ T6013] Unregistered device nBox DVB-T Dongle
[  191.137735][ T6013] as10x_usb: device has been disconnected
[  192.657141][ T9135] syz.2.1101 (9135): drop_caches: 2
[  192.799143][ T9166] binder: 9165:9166 ioctl c0306201 2000000003c0 returned -14
[  193.062458][ T2304] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  193.232566][ T2304] usb 3-1: Using ep0 maxpacket: 32
[  193.286846][ T2304] usb 3-1: config 0 has an invalid interface number: 96 but max is 0
[  193.309560][ T2304] usb 3-1: config 0 has no interface number 0
[  193.329232][ T2304] usb 3-1: config 0 interface 96 has no altsetting 0
[  193.409108][ T2304] usb 3-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=b2.44
[  193.421579][ T2304] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  193.428393][ T2304] usb 3-1: Product: syz
[  193.430847][ T2304] usb 3-1: Manufacturer: syz
[  193.438189][ T2304] usb 3-1: SerialNumber: syz
[  193.444351][ T2304] usb 3-1: config 0 descriptor??
[  193.454724][ T2304] legousbtower 3-1:0.96: interrupt endpoints not found
[  193.628028][ T9193] loop4: detected capacity change from 0 to 512
[  193.665296][ T2304] usb 3-1: USB disconnect, device number 9
[  193.675642][ T9193] __quota_error: 69 callbacks suppressed
[  193.675689][ T9193] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  193.681987][ T9193] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  193.688858][ T9193] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1126: Failed to acquire dquot type 1
[  193.696561][ T9193] EXT4-fs (loop4): 1 truncate cleaned up
[  193.700151][ T9193] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  193.704587][ T9193] ext4 filesystem being mounted at /295/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  193.714282][ T9193] Quota error (device loop4): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  193.718720][ T9193] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  193.721787][ T9193] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.1126: Failed to acquire dquot type 1
[  193.804957][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.816889][ T1364] ieee802154 phy0 wpan0: encryption failed: -22
[  193.820230][ T1364] ieee802154 phy1 wpan1: encryption failed: -22
[  194.035222][ T9206] loop4: detected capacity change from 0 to 4096
[  194.049337][ T9206] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  194.069241][ T9206] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  194.074177][ T9206] ntfs3(loop4): ino=19, mi_enum_attr
[  194.088881][ T9206] ntfs3(loop4): failed to convert "c46c" to macceltic
[  194.097829][ T9206] ntfs3(loop4): ino=20, mi_enum_attr
[  194.162491][ T2304] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  194.322367][ T2304] usb 2-1: Using ep0 maxpacket: 16
[  194.339183][ T2304] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  194.343580][ T2304] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  194.349692][ T2304] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  194.362363][ T2304] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  194.367467][ T2304] usb 2-1: Product: syz
[  194.369182][ T2304] usb 2-1: Manufacturer: syz
[  194.371059][ T2304] usb 2-1: SerialNumber: syz
[  194.506774][ T9217] loop2: detected capacity change from 0 to 1024
[  194.510335][ T9217] EXT4-fs: Ignoring removed bh option
[  194.526932][ T9217] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  194.901923][ T2304] usb 2-1: 0:2 : does not exist
[  194.917140][ T2304] usb 2-1: 5:0: failed to get current value for ch 0 (-22)
[  195.088963][ T2304] usb 2-1: USB disconnect, device number 14
[  195.116077][ T8805] udevd[8805]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  195.388743][ T5960] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  196.012952][ T9239] netlink: 'syz.1.1143': attribute type 27 has an invalid length.
[  196.016713][ T9239] netlink: 'syz.1.1143': attribute type 3 has an invalid length.
[  196.019972][ T9239] netlink: 132 bytes leftover after parsing attributes in process `syz.1.1143'.
[  196.078793][ T9241] loop2: detected capacity change from 0 to 256
[  196.316316][ T9254] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1149'.
[  196.326662][ T9255] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1150'.
[  196.464572][ T6013] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  196.627255][ T6013] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  196.631293][ T6013] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  196.632289][ T6014] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  196.636635][ T6013] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  196.642360][ T6013] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  196.645008][ T6013] usb 2-1: SerialNumber: syz
[  196.794672][ T6014] usb 3-1: unable to get BOS descriptor or descriptor too short
[  196.798846][ T6014] usb 3-1: config 6 has an invalid interface number: 158 but max is 0
[  196.801946][ T6014] usb 3-1: config 6 has no interface number 0
[  196.806898][ T6014] usb 3-1: config 6 interface 158 has no altsetting 0
[  196.813594][ T6014] usb 3-1: New USB device found, idVendor=0bda, idProduct=0140, bcdDevice=da.29
[  196.816932][ T6014] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  196.819930][ T6014] usb 3-1: Product: syz
[  196.821589][ T6014] usb 3-1: Manufacturer: syz
[  196.827204][ T6014] usb 3-1: SerialNumber: syz
[  196.859865][ T6013] usb 2-1: 0:2 : does not exist
[  196.872637][ T6013] usb 2-1: USB disconnect, device number 15
[  196.892344][   T10] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  196.903598][ T8805] udevd[8805]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  197.046521][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  197.051078][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  197.055289][   T10] usb 5-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  197.058936][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.066729][   T10] usb 5-1: config 0 descriptor??
[  197.501378][   T10] pyra 0003:1E7D:2CF6.0002: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.4-1/input0
[  197.662888][ T9278] vlan2: entered promiscuous mode
[  197.665084][ T9278] bond0: entered promiscuous mode
[  197.667546][ T9278] bond_slave_0: entered promiscuous mode
[  197.670841][ T9278] bond_slave_1: entered promiscuous mode
[  197.802745][ T6014] rtsx_usb 3-1:6.158: probe with driver rtsx_usb failed with error -71
[  197.854329][ T6014] usb 3-1: USB disconnect, device number 10
[  198.517917][   T10] pyra 0003:1E7D:2CF6.0002: couldn't init struct pyra_device
[  198.553774][   T10] pyra 0003:1E7D:2CF6.0002: couldn't install mouse
[  198.588160][   T10] pyra 0003:1E7D:2CF6.0002: probe with driver pyra failed with error -71
[  198.612942][   T10] usb 5-1: USB disconnect, device number 8
[  198.614234][ T9280] vivid-004: disconnect
[  198.626386][ T9279] vivid-004: reconnect
[  199.408322][ T9290] loop2: detected capacity change from 0 to 32768
[  199.427371][ T9290] 
[  199.427371][ T9290]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  199.427371][ T9290] 
[  199.756502][ T1090] ERROR: (device loop2): diWrite: ixpxd invalid
[  199.756502][ T1090] 
[  199.761976][   T10] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  199.776676][ T1090] ERROR: (device loop2): txCommit: 
[  199.776676][ T1090] 
[  199.779280][ T1090] jfs_write_inode: jfs_commit_inode failed!
[  199.781690][ T5960] 
[  199.781690][ T5960]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  199.781690][ T5960] 
[  199.791558][ T5960] 
[  199.791558][ T5960]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  199.791558][ T5960] 
[  199.899681][ T9302] net_ratelimit: 3322 callbacks suppressed
[  199.899723][ T9302] batman_adv: batadv0: adding TT local entry aa:aa:aa:aa:aa:2a to non-existent VLAN 3946
[  199.912480][   T10] usb 5-1: Using ep0 maxpacket: 8
[  199.917431][   T10] usb 5-1: config 0 has an invalid interface number: 33 but max is 1
[  199.920646][   T10] usb 5-1: config 0 has no interface number 1
[  199.923817][   T10] usb 5-1: config 0 interface 33 altsetting 0 endpoint 0x6 has an invalid bInterval 0, changing to 7
[  199.932971][   T10] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 247
[  199.944509][   T10] usb 5-1: New USB device found, idVendor=2040, idProduct=2950, bcdDevice=85.f1
[  199.948106][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  199.951410][   T10] usb 5-1: Product: syz
[  199.955497][   T10] usb 5-1: Manufacturer: syz
[  199.957301][   T10] usb 5-1: SerialNumber: syz
[  199.959791][ T9304] IPVS: set_ctl: invalid protocol: 8 0.0.0.0:20003
[  199.974626][   T10] usb 5-1: config 0 descriptor??
[  199.984652][   T10] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  200.215888][   T10] pvrusb2: Hardware description: WinTV PVR USB2 Model 29xxx
[  200.227168][ T2398] pvrusb2: Failed to submit write-control URB status=-2
[  200.248242][ T2398] usb 5-1: Direct firmware load for v4l-pvrusb2-29xxx-01.fw failed with error -2
[  200.264567][ T2398] usb 5-1: Falling back to sysfs fallback for: v4l-pvrusb2-29xxx-01.fw
[  200.295734][ T9306] loop2: detected capacity change from 0 to 32768
[  200.298834][ T9306] BTRFS: device fsid 34a2da50-e117-4d40-8878-8e0fb0127b5f devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1173 (9306)
[  200.309307][ T9306] BTRFS info (device loop2): first mount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  200.314059][ T9306] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  200.332380][ T9306] BTRFS info (device loop2): using free-space-tree
[  200.443425][   T10] usb 5-1: USB disconnect, device number 9
[  200.471459][   T33] audit: type=1800 audit(1755037413.723:111): pid=9306 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1173" name="file1" dev="loop2" ino=260 res=0 errno=0
[  200.512064][ T5960] BTRFS info (device loop2): last unmount of filesystem 34a2da50-e117-4d40-8878-8e0fb0127b5f
[  200.938031][ T9326] loop1: detected capacity change from 0 to 40427
[  200.971726][ T9326] F2FS-fs (loop1): Fix alignment : done, start(4096) end(16896) block(12288)
[  200.993458][ T9326] F2FS-fs (loop1): invalid crc value
[  201.123781][ T9326] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  201.130803][ T9326] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  201.302134][ T5955] bio_check_eod: 102 callbacks suppressed
[  201.302151][ T5955] syz-executor: attempt to access beyond end of device
[  201.302151][ T5955] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  201.314971][ T5955] CPU: 1 UID: 0 PID: 5955 Comm: syz-executor Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  201.314995][ T5955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  201.315006][ T5955] Call Trace:
[  201.315012][ T5955]  <TASK>
[  201.315020][ T5955]  dump_stack_lvl+0x189/0x250
[  201.315047][ T5955]  ? __pfx_dump_stack_lvl+0x10/0x10
[  201.315065][ T5955]  ? __pfx_queue_work_on+0x10/0x10
[  201.315080][ T5955]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  201.315099][ T5955]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  201.315122][ T5955]  f2fs_handle_critical_error+0x37c/0x540
[  201.315146][ T5955]  f2fs_write_end_io+0x886/0xb60
[  201.315180][ T5955]  __submit_merged_bio+0x27a/0x6a0
[  201.315204][ T5955]  __submit_merged_write_cond+0x255/0x530
[  201.315226][ T5955]  f2fs_write_data_pages+0x261d/0x3000
[  201.315270][ T5955]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  201.315319][ T5955]  ? __mod_zone_page_state+0xd7/0x140
[  201.315347][ T5955]  ? folios_put_refs+0x560/0x640
[  201.315370][ T5955]  ? __pfx_folios_put_refs+0x10/0x10
[  201.315385][ T5955]  ? rcu_is_watching+0x15/0xb0
[  201.315407][ T5955]  ? __lock_acquire+0xab9/0xd20
[  201.315441][ T5955]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  201.315460][ T5955]  do_writepages+0x32e/0x550
[  201.315489][ T5955]  ? do_raw_spin_unlock+0x4d/0x240
[  201.315509][ T5955]  filemap_fdatawrite+0x199/0x240
[  201.315529][ T5955]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  201.315583][ T5955]  ? do_raw_spin_unlock+0x4d/0x240
[  201.315605][ T5955]  f2fs_sync_dirty_inodes+0x31f/0x830
[  201.315642][ T5955]  f2fs_write_checkpoint+0x95a/0x1df0
[  201.315681][ T5955]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  201.315734][ T5955]  ? kill_f2fs_super+0x298/0x6c0
[  201.315759][ T5955]  kill_f2fs_super+0x2c3/0x6c0
[  201.315784][ T5955]  ? __pfx_kill_f2fs_super+0x10/0x10
[  201.315801][ T5955]  ? radix_tree_delete_item+0x2b6/0x400
[  201.315825][ T5955]  ? shrinker_free+0x2ce/0x3e0
[  201.315843][ T5955]  deactivate_locked_super+0xbc/0x130
[  201.315862][ T5955]  cleanup_mnt+0x425/0x4c0
[  201.315879][ T5955]  ? lockdep_hardirqs_on+0x9c/0x150
[  201.315898][ T5955]  task_work_run+0x1d4/0x260
[  201.315920][ T5955]  ? __pfx_task_work_run+0x10/0x10
[  201.315935][ T5955]  ? __x64_sys_umount+0x122/0x160
[  201.315986][ T5955]  ? exit_to_user_mode_loop+0x40/0x110
[  201.316011][ T5955]  exit_to_user_mode_loop+0xec/0x110
[  201.316031][ T5955]  do_syscall_64+0x2bd/0x3b0
[  201.316050][ T5955]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.316065][ T5955]  ? asm_sysvec_call_function_single+0x1a/0x20
[  201.316083][ T5955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  201.316095][ T5955] RIP: 0033:0x7faca038ff17
[  201.316109][ T5955] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  201.316122][ T5955] RSP: 002b:00007ffd426ec8b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  201.316138][ T5955] RAX: 0000000000000000 RBX: 00007faca0411c05 RCX: 00007faca038ff17
[  201.316149][ T5955] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd426ec970
[  201.316157][ T5955] RBP: 00007ffd426ec970 R08: 0000000000000000 R09: 0000000000000000
[  201.316165][ T5955] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd426eda00
[  201.316173][ T5955] R13: 00007faca0411c05 R14: 0000000000031192 R15: 00007ffd426eda40
[  201.316198][ T5955]  </TASK>
[  201.316276][ T5955] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  203.265326][   T33] audit: type=1326 audit(1755037416.523:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9374 comm="syz.2.1193" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff612f8ebe9 code=0x0
[  203.951685][ T9372] loop1: detected capacity change from 0 to 131072
[  204.114627][ T9372] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  204.123136][ T9372] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  204.315063][ T9372] F2FS-fs (loop1): sanity_check_inode: inode (ino=4) has corrupted i_extra_isize: 6, max: 36
[  204.796812][ T9394] loop2: detected capacity change from 0 to 131072
[  204.800454][ T9394] F2FS-fs (loop2): Invalid log sectors per block(570425347) log sectorsize(9)
[  204.803358][ T9394] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  204.834341][ T9394] F2FS-fs (loop2): invalid crc value
[  205.018189][ T9394] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=3000000, run fsck to fix.
[  205.033334][ T9394] F2FS-fs (loop2): Bad quota inode 2:50331648
[  205.035878][ T9394] F2FS-fs (loop2): Failed to enable quota tracking (type=2, err=-22). Please run fsck to fix.
[  205.039910][ T9394] F2FS-fs (loop2): Cannot turn on quotas: error -22
[  205.042894][ T9394] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.051779][ T9394] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  205.054912][ T9394] F2FS-fs (loop2): Mounted with checkpoint version = 753bd00b
[  205.357957][ T9400] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1200'.
[  205.414635][ T5237] Bluetooth: hci0: command 0x0c1a tx timeout
[  205.418898][ T9402] loop4: detected capacity change from 0 to 128
[  205.487805][ T9404] loop1: detected capacity change from 0 to 512
[  205.701017][ T9404] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.1203: bad orphan inode 17
[  205.740947][ T9404] ext4_test_bit(bit=16, block=4) = 1
[  205.770813][ T9404] is_bad_inode(inode)=0
[  205.785287][ T9404] NEXT_ORPHAN(inode)=0
[  205.798831][ T9404] max_ino=32
[  205.808289][ T9404] i_nlink=1
[  205.856850][ T9404] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.078742][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.478716][ T9412] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  206.890157][ T9419] loop4: detected capacity change from 0 to 1024
[  206.941822][ T9419] hfsplus: wrong filesystem version
[  207.231884][ T9433] loop4: detected capacity change from 0 to 256
[  207.247241][ T9433] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6d3f72e, utbl_chksum : 0xe619d30d)
[  207.578347][ T9443] openvswitch: netlink: Unexpected mask (mask=240, allowed=10048)
[  207.926116][   T33] audit: type=1800 audit(1755037421.183:113): pid=9469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.1231" name="/" dev="9p" ino=2 res=0 errno=0
[  209.188662][ T9510] loop1: detected capacity change from 0 to 64
[  209.341531][ T5986] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  209.350842][ T9514] loop1: detected capacity change from 0 to 1024
[  209.354714][ T9514] EXT4-fs: Ignoring removed nomblk_io_submit option
[  209.371158][ T9514] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  209.385541][ T5986] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  209.392467][ T9514] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.457574][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.626867][ T9526] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  209.817711][ T9534] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  210.006774][ T9542] binder: 9541:9542 ioctl c018620c 200000000040 returned -22
[  210.221198][ T9540] loop1: detected capacity change from 0 to 40427
[  210.305187][ T9557] loop2: detected capacity change from 0 to 4096
[  210.336956][ T9540] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  210.370501][ T9540] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  210.765224][ T5986] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  211.232289][ T5986] usb 3-1: Using ep0 maxpacket: 16
[  211.241574][ T5986] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  211.245925][ T5986] usb 3-1: config 0 interface 0 has no altsetting 0
[  211.250996][ T5986] usb 3-1: New USB device found, idVendor=06cb, idProduct=0006, bcdDevice=9a.eb
[  211.258904][ T5986] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  211.261463][ T5986] usb 3-1: Product: syz
[  211.262161][ T9579] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  211.265570][ T5986] usb 3-1: Manufacturer: syz
[  211.265755][ T9579] overlayfs: option "volatile" is meaningless in a non-upper mount, ignoring it.
[  211.267044][ T5986] usb 3-1: SerialNumber: syz
[  211.273491][ T5986] usb 3-1: config 0 descriptor??
[  211.278232][ T9579] overlayfs: option "uuid=on" requires an upper fs, falling back to uuid=null.
[  211.282118][ T9579] overlayfs: missing 'lowerdir'
[  211.385002][ T9583] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  211.387288][ T9583] IPv6: NLM_F_CREATE should be set when creating new route
[  211.389791][ T9583] IPv6: NLM_F_CREATE should be set when creating new route
[  211.482342][ T5986] usb 3-1: Can not set alternate setting to 1, error: -71
[  211.484598][ T5986] synaptics_usb 3-1:0.0: probe with driver synaptics_usb failed with error -71
[  211.493095][ T5986] usb 3-1: USB disconnect, device number 11
[  212.540132][ T9602] loop4: detected capacity change from 0 to 8
[  212.592359][   T33] audit: type=1800 audit(1755037425.843:114): pid=9602 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.1287" name="file1" dev="loop4" ino=5 res=0 errno=0
[  213.028224][ T9608] loop4: detected capacity change from 0 to 2048
[  213.040917][ T9608] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  213.242822][ T9616] loop4: detected capacity change from 0 to 1024
[  213.253285][ T9616] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  213.270276][ T9616] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  213.283968][ T9616] EXT4-fs (loop4): orphan cleanup on readonly fs
[  213.286942][ T9616] EXT4-fs error (device loop4): ext4_free_blocks:6696: comm syz.4.1293: Freeing blocks not in datazone - block = 0, count = 4096
[  213.295998][ T9616] EXT4-fs (loop4): 1 orphan inode deleted
[  213.299749][ T9616] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  213.405932][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.455101][ T6000] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  213.563629][ T9629] loop4: detected capacity change from 0 to 16
[  213.575153][ T9629] erofs (device loop4): mounted with root inode @ nid 36.
[  213.581668][   T33] audit: type=1800 audit(1755037426.833:115): pid=9629 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1299" name="file1" dev="loop4" ino=86 res=0 errno=0
[  213.613731][ T6000] usb 2-1: Using ep0 maxpacket: 16
[  213.617446][ T6000] usb 2-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  213.628072][ T6000] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  213.631381][ T6000] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 42580, setting to 1024
[  213.637635][ T6000] usb 2-1: New USB device found, idVendor=0e20, idProduct=0101, bcdDevice= 0.5a
[  213.640401][ T6000] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.659535][ T6000] usb 2-1: config 0 descriptor??
[  213.662055][ T9615] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  213.669662][ T6000] pegasus_notetaker 2-1:0.0: probe with driver pegasus_notetaker failed with error -12
[  213.719276][ T9638] loop4: detected capacity change from 0 to 16
[  213.726500][ T9638] erofs (device loop4): mounted with root inode @ nid 36.
[  213.847718][ T9646] loop4: detected capacity change from 0 to 2048
[  213.857484][ T9646] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[  213.864964][ T9646] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  213.872110][ T6000] usb 2-1: USB disconnect, device number 16
[  213.959529][ T5942] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  214.242337][ T5942] usb 3-1: Using ep0 maxpacket: 32
[  214.246039][ T5942] usb 3-1: unable to get BOS descriptor or descriptor too short
[  214.249284][ T5942] usb 3-1: config 7 has an invalid interface number: 187 but max is 0
[  214.252473][ T5942] usb 3-1: config 7 has no interface number 0
[  214.255055][ T5942] usb 3-1: config 7 interface 187 altsetting 6 endpoint 0x3 has invalid wMaxPacketSize 0
[  214.258307][ T5942] usb 3-1: config 7 interface 187 has no altsetting 0
[  214.262311][ T5942] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[  214.265371][ T5942] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.268205][ T5942] usb 3-1: Product: syz
[  214.269648][ T5942] usb 3-1: Manufacturer: syz
[  214.271183][ T5942] usb 3-1: SerialNumber: syz
[  214.486420][ T5942] usb 3-1: Unknown endpoint type found, address 0x07
[  214.488632][ T5942] usb 3-1: Unknown endpoint type found, address 0x03
[  214.491087][ T5942] usb 3-1: Not enough endpoints found in device, aborting!
[  214.683262][ T6000] usb 3-1: USB disconnect, device number 12
[  214.777311][ T9651] loop1: detected capacity change from 0 to 32768
[  214.783434][ T9651] bcachefs (/dev/loop1): error validating superblock: Invalid superblock section members_v1: device 0: too many buckets (got 16981954538416098692, max 2147483583)
[  214.783434][ T9651] members_v1 (size 152):
[  214.783434][ T9651] Device:                        0
[  214.783434][ T9651]   Label:                       invalid label 98
[  214.783434][ T9651]   UUID:                        88000000-0000-0000-7af6-772b00de4159
[  214.783434][ T9651]   Size:                        0
[  214.783434][ T9651]   read errors:                 0
[  214.783434][ T9651]   write errors:                0
[  214.783434][ T9651]   checksum errors:             0
[  214.783434][ T9651]   seqread iops:                1611530240
[  214.783434][ T9651]   seqwrite iops:               0
[  214.783434][ T9651]   randread iops:               0
[  214.783434][ T9651]   randwrite iops:              0
[  214.783434][ T9651]   Bucket size:                 0
[  214.783434][ T9651]   First bucket:                128
[  214.783434][ T9651]   Buckets:                     16981954538416098692
[  214.783434][ T9651]   Last mount:                  34376515584
[  214.783434][ T9651]   Last superblock write:       0
[  214.783434][ T9651]   State:                       spare
[  214.783434][ T9651]   Data allowed:                free,sb,journal
[  214.783434][ T9651]   Has data:                    journal,btree,user
[  214.783434][ T9651]   Btree allocated bitmap blocksize:1
[  214.783434][ T9651]   Btree allocated bitmap:      00000000000000000
[  214.783536][ T9651] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  214.823646][    C0] vkms_vblank_simulate: vblank timer overrun
[  214.967918][ T9656] netlink: 47 bytes leftover after parsing attributes in process `syz.1.1310'.
[  215.008801][ T9659] netlink: 'syz.1.1311': attribute type 2 has an invalid length.
[  215.146635][ T9669] loop1: detected capacity change from 0 to 128
[  215.160150][ T9669] affs: No valid root block on device loop1
[  216.779236][ T9720] loop4: detected capacity change from 0 to 128
[  216.801761][ T9720] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  216.808816][ T9720] ext4 filesystem being mounted at /371/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  216.848124][ T6551] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  217.042410][ T9726] loop1: detected capacity change from 0 to 512
[  217.050671][ T9726] EXT4-fs: Ignoring removed orlov option
[  217.075681][ T9726] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  217.097142][ T9724] loop4: detected capacity change from 0 to 40427
[  217.100302][ T9724] F2FS-fs: heap/no_heap options were deprecated
[  217.102734][ T9724] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  217.104992][ T9724] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  217.109185][ T9726] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  217.113888][ T9724] F2FS-fs (loop4): invalid crc value
[  217.120011][ T9726] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.1338: corrupted in-inode xattr: e_value size too large
[  217.129869][ T9726] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1338: couldn't read orphan inode 15 (err -117)
[  217.139155][ T9726] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  217.170412][ T9724] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  217.174564][ T9724] F2FS-fs (loop4): Start checkpoint disabled!
[  217.183826][ T9724] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  217.185999][ T9724] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  217.197511][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.900450][  T327] kworker/u10:3: attempt to access beyond end of device
[  217.900450][  T327] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  217.907767][  T327] CPU: 1 UID: 0 PID: 327 Comm: kworker/u10:3 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  217.907789][  T327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  217.907798][  T327] Workqueue: writeback wb_workfn (flush-7:4)
[  217.907824][  T327] Call Trace:
[  217.907833][  T327]  <TASK>
[  217.907840][  T327]  dump_stack_lvl+0x189/0x250
[  217.907865][  T327]  ? __pfx_dump_stack_lvl+0x10/0x10
[  217.907881][  T327]  ? __pfx_queue_work_on+0x10/0x10
[  217.907895][  T327]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  217.907912][  T327]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  217.907937][  T327]  f2fs_handle_critical_error+0x37c/0x540
[  217.907962][  T327]  f2fs_write_end_io+0x886/0xb60
[  217.907995][  T327]  __submit_merged_bio+0x27a/0x6a0
[  217.908015][  T327]  __submit_merged_write_cond+0x255/0x530
[  217.908039][  T327]  f2fs_write_data_pages+0x261d/0x3000
[  217.908095][  T327]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.908129][  T327]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  217.908182][  T327]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  217.908213][  T327]  ? trace_f2fs_writepages+0x7f/0x200
[  217.908231][  T327]  ? f2fs_write_node_pages+0x478/0x6e0
[  217.908253][  T327]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  217.908283][  T327]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  217.908302][  T327]  do_writepages+0x32e/0x550
[  217.908329][  T327]  ? reacquire_held_locks+0x127/0x1d0
[  217.908345][  T327]  ? writeback_sb_inodes+0x384/0x1010
[  217.908371][  T327]  __writeback_single_inode+0x145/0xff0
[  217.908389][  T327]  ? do_raw_spin_unlock+0x4d/0x240
[  217.908439][  T327]  writeback_sb_inodes+0x6c7/0x1010
[  217.908484][  T327]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  217.908539][  T327]  ? rcu_is_watching+0x15/0xb0
[  217.908565][  T327]  wb_writeback+0x43b/0xaf0
[  217.908590][  T327]  ? queue_io+0x391/0x590
[  217.908611][  T327]  ? __pfx_wb_writeback+0x10/0x10
[  217.908638][  T327]  ? _raw_spin_unlock_irq+0x23/0x50
[  217.908660][  T327]  wb_workfn+0x409/0xef0
[  217.908689][  T327]  ? __pfx_wb_workfn+0x10/0x10
[  217.908710][  T327]  ? __lock_acquire+0xab9/0xd20
[  217.908742][  T327]  ? process_scheduled_works+0x9ef/0x17b0
[  217.908764][  T327]  ? _raw_spin_unlock_irq+0x23/0x50
[  217.908778][  T327]  ? process_scheduled_works+0x9ef/0x17b0
[  217.908791][  T327]  ? process_scheduled_works+0x9ef/0x17b0
[  217.908806][  T327]  process_scheduled_works+0xae1/0x17b0
[  217.908847][  T327]  ? __pfx_process_scheduled_works+0x10/0x10
[  217.908887][  T327]  worker_thread+0x8a0/0xda0
[  217.908905][  T327]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  217.908928][  T327]  ? __kthread_parkme+0x7b/0x200
[  217.908956][  T327]  kthread+0x711/0x8a0
[  217.908979][  T327]  ? __pfx_worker_thread+0x10/0x10
[  217.908994][  T327]  ? __pfx_kthread+0x10/0x10
[  217.909014][  T327]  ? _raw_spin_unlock_irq+0x23/0x50
[  217.909031][  T327]  ? lockdep_hardirqs_on+0x9c/0x150
[  217.909054][  T327]  ? __pfx_kthread+0x10/0x10
[  217.909094][  T327]  ret_from_fork+0x3fc/0x770
[  217.909114][  T327]  ? __pfx_ret_from_fork+0x10/0x10
[  217.909136][  T327]  ? __switch_to_asm+0x39/0x70
[  217.909154][  T327]  ? __switch_to_asm+0x33/0x70
[  217.909173][  T327]  ? __pfx_kthread+0x10/0x10
[  217.909191][  T327]  ret_from_fork_asm+0x1a/0x30
[  217.909225][  T327]  </TASK>
[  217.910391][  T327] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  218.172365][   T24] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  218.322310][   T24] usb 3-1: Using ep0 maxpacket: 16
[  218.329235][   T24] usb 3-1: New USB device found, idVendor=09c0, idProduct=0201, bcdDevice= a.a4
[  218.333025][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.336475][   T24] usb 3-1: Product: syz
[  218.338880][   T24] usb 3-1: Manufacturer: syz
[  218.352137][   T24] usb 3-1: SerialNumber: syz
[  218.356943][   T24] usb 3-1: config 0 descriptor??
[  218.371431][   T24] dvb-usb: found a 'Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver' in warm state.
[  218.371753][ T9752] loop1: detected capacity change from 0 to 2048
[  218.385837][ T9752] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  218.437183][ T9756] loop4: detected capacity change from 0 to 1024
[  218.569006][   T24] gp8psk: usb in 128 operation failed.
[  218.573918][   T24] gp8psk: usb in 137 operation failed.
[  218.576093][   T24] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  218.580494][   T24] dvbdev: DVB: registering new adapter (Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver)
[  218.584410][   T24] usb 3-1: media controller created
[  218.602843][   T24] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  218.620073][   T24] gp8psk_fe: Frontend revision 1 attached
[  218.622598][   T24] usb 3-1: DVB: registering adapter 1 frontend 0 (Genpix DVB-S)...
[  218.626422][   T24] dvbdev: dvb_create_media_entity: media entity 'Genpix DVB-S' registered.
[  218.870304][   T24] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receiver successfully initialized and connected.
[  218.874609][   T24] gp8psk: found Genpix USB device pID = 201 (hex)
[  219.084033][   T24] usb 3-1: USB disconnect, device number 13
[  219.151039][   T24] dvb-usb: Genpix 8PSK-to-USB2 Rev.1 DVB-S receive successfully deinitialized and disconnected.
[  219.296223][ T9763] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1352'.
[  219.594059][ T9771] loop1: detected capacity change from 0 to 32768
[  219.615345][ T9771] (syz.1.1356,9771,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  219.627133][ T9771] (syz.1.1356,9771,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  219.644033][ T9771] (syz.1.1356,9771,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xcde76f4d, computed 0xb6b5285. Applying ECC.
[  219.648635][ T9771] (syz.1.1356,9771,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xcde76f4d, computed 0x2b8ee4d5
[  219.655996][ T9771] (syz.1.1356,9771,0):ocfs2_validate_inode_block:1455 ERROR: Checksum failed for dinode 21
[  219.659238][ T9771] (syz.1.1356,9771,0):ocfs2_read_locked_inode:597 ERROR: status = -5
[  219.661938][ T9771] (syz.1.1356,9771,0):_ocfs2_get_system_file_inode:144 ERROR: status = -5
[  219.668699][ T9771] (syz.1.1356,9771,0):ocfs2_init_global_system_inodes:465 ERROR: status = -22
[  219.672125][ T9771] (syz.1.1356,9771,0):ocfs2_init_global_system_inodes:467 ERROR: Unable to load system inode 2, possibly corrupt fs?
[  219.672143][ T9771] (syz.1.1356,9771,0):ocfs2_init_global_system_inodes:476 ERROR: status = -22
[  219.681732][ T9771] (syz.1.1356,9771,0):ocfs2_initialize_super:2198 ERROR: status = -22
[  219.686479][ T9771] (syz.1.1356,9771,0):ocfs2_fill_super:1177 ERROR: status = -22
[  219.748703][ T9769] loop4: detected capacity change from 0 to 32768
[  219.793502][ T9769] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  219.801957][ T9780] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1358'.
[  219.820889][ T9769] XFS (loop4): Ending clean mount
[  219.908385][ T6551] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  220.112529][ T5942] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  220.262262][ T5942] usb 3-1: Using ep0 maxpacket: 16
[  220.265475][ T5942] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  220.268674][ T5942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  220.271900][ T5942] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  220.275086][ T5942] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  220.278069][ T5942] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  220.283490][ T5942] usb 3-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  220.286246][ T5942] usb 3-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  220.288618][ T5942] usb 3-1: Manufacturer: syz
[  220.291578][ T5942] usb 3-1: config 0 descriptor??
[  220.544985][ T5942] rc_core: IR keymap rc-hauppauge not found
[  220.547968][ T5942] Registered IR keymap rc-empty
[  220.550514][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.572946][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.594418][ T5942] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0
[  220.602126][ T5942] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/rc/rc0/input10
[  220.614379][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.643571][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.676604][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.692963][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.716494][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.745248][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.772536][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.797466][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.838809][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.872697][ T5942] mceusb 3-1:0.0: Error: mce write submit urb error = -90
[  220.906613][ T5942] mceusb 3-1:0.0: Registered  with mce emulator interface version 1
[  220.909076][ T5942] mceusb 3-1:0.0: 2 tx ports (0x1 cabled) and 2 rx sensors (0x0 active)
[  220.960851][ T6000] usb 3-1: USB disconnect, device number 14
[  221.056055][ T5942] kernel write not supported for file /amidi2 (pid: 5942 comm: kworker/1:4)
[  221.196355][ T9808] loop4: detected capacity change from 0 to 256
[  221.364126][ T9815] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1372'.
[  221.461982][ T9821] loop4: detected capacity change from 0 to 2048
[  221.527047][ T9821] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  221.578665][ T6551] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  221.642588][ T6000] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  221.689465][ T9832] netlink: 'syz.4.1379': attribute type 9 has an invalid length.
[  221.691929][ T9832] netlink: 211988 bytes leftover after parsing attributes in process `syz.4.1379'.
[  221.729931][ T9836] sch_tbf: burst 0 is lower than device lo mtu (65550) !
[  221.805354][ T6000] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  221.808949][ T6000] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  221.817519][ T6000] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[  221.825681][ T6000] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  221.828621][ T6000] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  221.831041][ T6000] usb 2-1: Product: syz
[  221.832679][ T6000] usb 2-1: Manufacturer: syz
[  221.834175][ T6000] usb 2-1: SerialNumber: syz
[  221.901263][ T9846] netlink: 'syz.4.1386': attribute type 83 has an invalid length.
[  221.922518][    T9] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  221.947785][ T9848] netlink: 56 bytes leftover after parsing attributes in process `syz.4.1387'.
[  222.052812][ T9819] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  222.096411][    T9] usb 3-1: New USB device found, idVendor=08fd, idProduct=0002, bcdDevice=ca.fd
[  222.099299][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  222.102161][    T9] usb 3-1: Product: syz
[  222.104189][    T9] usb 3-1: Manufacturer: syz
[  222.105653][    T9] usb 3-1: SerialNumber: syz
[  222.113788][    T9] usb 3-1: config 0 descriptor??
[  222.136059][ T5237] Bluetooth: hci3: urb ffff888108f42800 submission failed (2)
[  222.331745][   T24] usb 3-1: USB disconnect, device number 15
[  222.370593][ T9865] loop4: detected capacity change from 0 to 128
[  222.671001][ T9819] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  222.876988][ T6000] cdc_mbim 2-1:1.0: bind() failure
[  222.886676][ T6000] cdc_ncm 2-1:1.1: probe with driver cdc_ncm failed with error -71
[  222.897939][ T6000] cdc_mbim 2-1:1.1: probe with driver cdc_mbim failed with error -71
[  222.904861][ T6000] usbtest 2-1:1.1: probe with driver usbtest failed with error -71
[  222.927662][ T6000] usb 2-1: USB disconnect, device number 17
[  223.572647][ T6000] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  223.733437][ T6000] usb 3-1: Using ep0 maxpacket: 8
[  223.749931][ T6000] usb 3-1: config 0 has an invalid interface number: 186 but max is 0
[  223.752906][ T6000] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  223.756130][ T6000] usb 3-1: config 0 has no interface number 0
[  223.758163][ T6000] usb 3-1: config 0 interface 186 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  223.761673][ T6000] usb 3-1: config 0 interface 186 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  223.772631][ T6000] usb 3-1: New USB device found, idVendor=07c0, idProduct=1505, bcdDevice=b8.c5
[  223.776015][ T6000] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  223.778673][ T6000] usb 3-1: Product: syz
[  223.780206][ T6000] usb 3-1: Manufacturer: syz
[  223.781751][ T6000] usb 3-1: SerialNumber: syz
[  223.793362][ T6000] usb 3-1: config 0 descriptor??
[  223.819299][ T6000] iowarrior 3-1:0.186: no interrupt-in endpoint found
[  224.101018][ T6000] usb 3-1: USB disconnect, device number 16
[  224.694491][ T9931] loop4: detected capacity change from 0 to 128
[  224.709732][ T9931] ufs: ufs_fill_super(): fragment size 2066844866 is not a power of 2
[  224.890351][   T24] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  224.915753][ T9945] loop1: detected capacity change from 0 to 512
[  224.959523][ T9945] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.1433: casefold flag without casefold feature
[  224.970130][ T9945] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.1433: couldn't read orphan inode 15 (err -117)
[  224.975693][ T9945] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  225.042544][ T9945] loop1: detected capacity change from 512 to 0
[  225.058912][ T9945] syz.1.1433: attempt to access beyond end of device
[  225.058912][ T9945] loop1: rw=14337, sector=2, nr_sectors = 2 limit=0
[  225.061640][   T24] usb 3-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  225.068486][ T9945] buffer_io_error: 6 callbacks suppressed
[  225.068499][ T9945] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.069424][   T24] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.070829][ T9945] EXT4-fs (loop1): I/O error while writing superblock
[  225.074557][   T24] usb 3-1: Product: syz
[  225.082020][   T24] usb 3-1: Manufacturer: syz
[  225.084234][   T24] usb 3-1: SerialNumber: syz
[  225.092882][   T24] usb 3-1: config 0 descriptor??
[  225.099032][   T24] gspca_main: sunplus-2.14.0 probing 055f:c230
[  225.108282][ T5955] syz-executor: attempt to access beyond end of device
[  225.108282][ T5955] loop1: rw=12288, sector=72, nr_sectors = 2 limit=0
[  225.118788][ T5955] EXT4-fs warning (device loop1): htree_dirblock_to_tree:1051: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  225.125497][ T5955] syz-executor: attempt to access beyond end of device
[  225.125497][ T5955] loop1: rw=524288, sector=12, nr_sectors = 2 limit=0
[  225.131257][ T5955] syz-executor: attempt to access beyond end of device
[  225.131257][ T5955] loop1: rw=524288, sector=14, nr_sectors = 2 limit=0
[  225.141270][ T5955] syz-executor: attempt to access beyond end of device
[  225.141270][ T5955] loop1: rw=524288, sector=16, nr_sectors = 2 limit=0
[  225.148013][ T5955] syz-executor: attempt to access beyond end of device
[  225.148013][ T5955] loop1: rw=524288, sector=18, nr_sectors = 2 limit=0
[  225.156000][ T5955] syz-executor: attempt to access beyond end of device
[  225.156000][ T5955] loop1: rw=524288, sector=20, nr_sectors = 2 limit=0
[  225.161430][ T5955] syz-executor: attempt to access beyond end of device
[  225.161430][ T5955] loop1: rw=524288, sector=22, nr_sectors = 2 limit=0
[  225.168237][ T5955] syz-executor: attempt to access beyond end of device
[  225.168237][ T5955] loop1: rw=524288, sector=24, nr_sectors = 2 limit=0
[  225.174902][ T5955] syz-executor: attempt to access beyond end of device
[  225.174902][ T5955] loop1: rw=524288, sector=26, nr_sectors = 2 limit=0
[  225.180142][ T5955] EXT4-fs error (device loop1): ext4_get_inode_loc:4999: inode #2: block 5: comm syz-executor: unable to read itable block
[  225.185849][ T5955] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.189160][ T5955] EXT4-fs (loop1): I/O error while writing superblock
[  225.191885][ T5955] EXT4-fs error (device loop1) in ext4_reserve_inode_write:6334: IO failure
[  225.195893][ T5955] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.199369][ T5955] EXT4-fs (loop1): I/O error while writing superblock
[  225.202071][ T5955] EXT4-fs error (device loop1): ext4_dirty_inode:6538: inode #2: comm syz-executor: mark_inode_dirty error
[  225.207035][ T5955] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.210290][ T5955] EXT4-fs (loop1): I/O error while writing superblock
[  225.238129][   T27] EXT4-fs error (device loop1): __ext4_get_inode_loc_noinmem:4984: inode #2: block 5: comm kworker/u10:0: unable to read itable block
[  225.244867][   T27] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.247463][   T27] EXT4-fs (loop1): I/O error while writing superblock
[  225.256092][ T5955] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.273282][ T5955] Buffer I/O error on dev loop1, logical block 1, lost sync page write
[  225.276853][ T5955] EXT4-fs (loop1): I/O error while writing superblock
[  225.673992][ T5999] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.729907][ T5942] usb 3-1: USB disconnect, device number 17
[  225.766368][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  225.774172][ T5953] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  225.781220][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  225.794534][ T5999] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.801157][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  225.806360][ T5953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  225.882059][ T5999] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  225.966271][ T5999] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  226.112148][ T9949] chnl_net:caif_netlink_parms(): no params data found
[  226.233454][ T5999] bridge_slave_1: left allmulticast mode
[  226.235599][ T5999] bridge_slave_1: left promiscuous mode
[  226.237921][ T5999] bridge0: port 2(bridge_slave_1) entered disabled state
[  226.251367][ T5999] bridge_slave_0: left allmulticast mode
[  226.254456][ T5999] bridge_slave_0: left promiscuous mode
[  226.256929][ T5999] bridge0: port 1(bridge_slave_0) entered disabled state
[  226.290964][ T9958] loop2: detected capacity change from 0 to 256
[  226.305353][ T9958] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xb5fb52fc, utbl_chksum : 0xe619d30d)
[  226.547556][ T9960] loop2: detected capacity change from 0 to 32768
[  226.726660][ T9960] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  226.726681][ T9960]   allowing incompatible features above 0.0: (unknown version)
[  226.726691][ T9960]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  226.740261][ T9960] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  226.743350][ T9960] bcachefs (loop2): initializing new filesystem
[  226.753956][ T9960] bcachefs (loop2): going read-write
[  226.776103][ T9960] bcachefs (loop2): marking superblocks
[  226.792941][ T9960] bcachefs (loop2): initializing freespace
[  226.798133][ T9960] bcachefs (loop2): done initializing freespace
[  226.803415][ T9960] bcachefs (loop2): reading snapshots table
[  226.805744][ T9960] bcachefs (loop2): reading snapshots done
[  226.879960][ T9960] bcachefs (loop2): done starting filesystem
[  226.978742][ T5960] bcachefs (loop2): shutting down
[  226.980836][ T5960] bcachefs (loop2): going read-only
[  226.986984][ T5960] bcachefs (loop2): finished waiting for writes to stop
[  227.008372][ T5960] bcachefs (loop2): flushing journal and stopping allocators, journal seq 3
[  227.173939][ T5960] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 3
[  227.189908][ T5960] bcachefs (loop2): clean shutdown complete, journal seq 4
[  227.196197][ T5960] bcachefs (loop2): marking filesystem clean
[  227.199122][ T5999] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  227.204358][ T5999] bond_slave_0: left promiscuous mode
[  227.209916][ T5999] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  227.218379][ T5960] bcachefs (loop2): shutdown complete
[  227.220984][ T5999] bond_slave_1: left promiscuous mode
[  227.241010][ T5999] bond0 (unregistering): Released all slaves
[  227.262377][ T9949] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.265132][ T9949] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.267873][ T9949] bridge_slave_0: entered allmulticast mode
[  227.275795][ T9949] bridge_slave_0: entered promiscuous mode
[  227.292893][ T9949] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.295717][ T9949] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.298498][ T9949] bridge_slave_1: entered allmulticast mode
[  227.302083][ T9949] bridge_slave_1: entered promiscuous mode
[  227.352625][ T9949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  227.372502][ T9949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  227.520683][ T9949] team0: Port device team_slave_0 added
[  227.532576][ T9949] team0: Port device team_slave_1 added
[  227.607245][ T9949] batman_adv: batadv0: Adding interface: batadv_slave_0
[  227.610064][ T9949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.627128][ T9949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  227.668504][ T9949] batman_adv: batadv0: Adding interface: batadv_slave_1
[  227.671387][ T9949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  227.686160][ T9949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  227.773156][ T5999] hsr_slave_0: left promiscuous mode
[  227.775306][ T5999] hsr_slave_1: left promiscuous mode
[  227.777811][ T5999] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  227.780109][ T5999] batman_adv: batadv0: Removing interface: batadv_slave_0
[  227.785585][ T5999] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  227.787872][ T5999] batman_adv: batadv0: Removing interface: batadv_slave_1
[  227.804528][ T5999] veth1_macvtap: left promiscuous mode
[  227.806245][ T5999] veth0_macvtap: left promiscuous mode
[  227.807992][ T5999] veth1_vlan: left promiscuous mode
[  227.809619][ T5999] veth0_vlan: left promiscuous mode
[  227.904345][ T5953] Bluetooth: hci1: command tx timeout
[  228.371277][ T5999] team0 (unregistering): Port device team_slave_1 removed
[  228.428548][ T5999] team0 (unregistering): Port device team_slave_0 removed
[  228.984436][ T9989] loop2: detected capacity change from 0 to 32768
[  228.988595][ T9989] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1444 (9989)
[  228.997346][ T9989] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  229.000508][ T9989] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[  229.003151][ T9989] BTRFS info (device loop2): using free-space-tree
[  229.400207][ T9949] hsr_slave_0: entered promiscuous mode
[  229.422502][ T9949] hsr_slave_1: entered promiscuous mode
[  229.614554][ T9949] debugfs: 'hsr0' already exists in 'hsr'
[  229.627535][ T9949] Cannot create hsr debugfs directory
[  229.807923][ T5960] BTRFS info (device loop2): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  229.982584][ T5953] Bluetooth: hci1: command tx timeout
[  230.070373][T10018] netlink: 'syz.2.1446': attribute type 1 has an invalid length.
[  230.084084][T10018] netlink: 224 bytes leftover after parsing attributes in process `syz.2.1446'.
[  230.181400][ T9949] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  230.210982][ T9949] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  230.254656][ T9949] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  230.287360][ T9949] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  230.312985][ T5999] ------------[ cut here ]------------
[  230.316116][ T5999] WARNING: CPU: 0 PID: 5999 at net/xfrm/xfrm_state.c:3303 xfrm_state_fini+0x270/0x2f0
[  230.319525][ T5999] Modules linked in:
[  230.321377][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: kworker/u8:4 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  230.326547][ T5999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  230.329980][ T5999] Workqueue: netns cleanup_net
[  230.331649][ T5999] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  230.333994][ T5999] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 a8 e0 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 56 9e e2 f7 e8 f1 75 9e f7 90 <0f> 0b 90 e9 fd fd ff ff e8 e3 75 9e f7 90 0f 0b 90 e9 60 fe ff ff
[  230.341096][ T5999] RSP: 0018:ffffc900046ff898 EFLAGS: 00010293
[  230.343180][ T5999] RAX: ffffffff8a2135bf RBX: ffff888027ae8000 RCX: ffff888109aa5640
[  230.345534][ T5999] RDX: 0000000000000000 RSI: ffffffff8dba33cb RDI: ffff888109aa5640
[  230.348421][ T5999] RBP: ffffc900046ff9b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  230.351144][ T5999] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffffffff8f62d2e0
[  230.353613][ T5999] R13: 1ffff920008dff40 R14: ffff888027ae9480 R15: dffffc0000000000
[  230.356142][ T5999] FS:  0000000000000000(0000) GS:ffff8880b8624000(0000) knlGS:0000000000000000
[  230.359147][ T5999] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  230.361218][ T5999] CR2: 0000001b3101fff8 CR3: 000000000df36000 CR4: 00000000000006f0
[  230.363758][ T5999] Call Trace:
[  230.364810][ T5999]  <TASK>
[  230.365717][ T5999]  xfrm_net_exit+0x2d/0x70
[  230.367133][ T5999]  ops_undo_list+0x49a/0x990
[  230.368623][ T5999]  ? __pfx_ops_undo_list+0x10/0x10
[  230.370335][ T5999]  ? do_raw_spin_unlock+0x4d/0x240
[  230.372375][ T5999]  cleanup_net+0x4c5/0x800
[  230.373759][ T5999]  ? __pfx_cleanup_net+0x10/0x10
[  230.375320][ T5999]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.377234][ T5999]  ? process_scheduled_works+0x9ef/0x17b0
[  230.379555][ T5999]  ? process_scheduled_works+0x9ef/0x17b0
[  230.381868][ T5999]  process_scheduled_works+0xae1/0x17b0
[  230.384437][ T5999]  ? __pfx_process_scheduled_works+0x10/0x10
[  230.386583][ T5999]  worker_thread+0x8a0/0xda0
[  230.388057][ T5999]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  230.390237][ T5999]  ? __kthread_parkme+0x7b/0x200
[  230.391976][ T5999]  kthread+0x711/0x8a0
[  230.393368][ T5999]  ? __pfx_worker_thread+0x10/0x10
[  230.394962][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.396710][ T5999]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.398879][ T5999]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.400862][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.402896][ T5999]  ret_from_fork+0x3fc/0x770
[  230.404778][ T5999]  ? __pfx_ret_from_fork+0x10/0x10
[  230.406813][ T5999]  ? __switch_to_asm+0x39/0x70
[  230.408752][ T5999]  ? __switch_to_asm+0x33/0x70
[  230.410682][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.412632][ T5999]  ret_from_fork_asm+0x1a/0x30
[  230.414527][ T5999]  </TASK>
[  230.415774][ T5999] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  230.418628][ T5999] CPU: 0 UID: 0 PID: 5999 Comm: kworker/u8:4 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  230.423579][ T5999] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  230.427559][ T5999] Workqueue: netns cleanup_net
[  230.429521][ T5999] Call Trace:
[  230.430822][ T5999]  <TASK>
[  230.431982][ T5999]  dump_stack_lvl+0x99/0x250
[  230.433811][ T5999]  ? __asan_memcpy+0x40/0x70
[  230.435758][ T5999]  ? __pfx_dump_stack_lvl+0x10/0x10
[  230.437901][ T5999]  ? __pfx__printk+0x10/0x10
[  230.439850][ T5999]  vpanic+0x281/0x750
[  230.441510][ T5999]  ? __pfx__printk+0x10/0x10
[  230.443397][ T5999]  ? __pfx_vpanic+0x10/0x10
[  230.445291][ T5999]  ? is_bpf_text_address+0x292/0x2b0
[  230.447475][ T5999]  panic+0xb9/0xc0
[  230.449030][ T5999]  ? __pfx_panic+0x10/0x10
[  230.450884][ T5999]  __warn+0x31b/0x4b0
[  230.452540][ T5999]  ? xfrm_state_fini+0x270/0x2f0
[  230.454505][ T5999]  ? xfrm_state_fini+0x270/0x2f0
[  230.456470][ T5999]  report_bug+0x2be/0x4f0
[  230.458242][ T5999]  ? xfrm_state_fini+0x270/0x2f0
[  230.460290][ T5999]  ? xfrm_state_fini+0x270/0x2f0
[  230.462314][ T5999]  ? xfrm_state_fini+0x272/0x2f0
[  230.464329][ T5999]  handle_bug+0x84/0x160
[  230.466056][ T5999]  exc_invalid_op+0x1a/0x50
[  230.467924][ T5999]  asm_exc_invalid_op+0x1a/0x20
[  230.469918][ T5999] RIP: 0010:xfrm_state_fini+0x270/0x2f0
[  230.472177][ T5999] Code: c1 e8 03 42 80 3c 28 00 74 08 48 89 df e8 a8 e0 01 f8 48 8b 3b 5b 41 5c 41 5d 41 5e 41 5f 5d e9 56 9e e2 f7 e8 f1 75 9e f7 90 <0f> 0b 90 e9 fd fd ff ff e8 e3 75 9e f7 90 0f 0b 90 e9 60 fe ff ff
[  230.479796][ T5999] RSP: 0018:ffffc900046ff898 EFLAGS: 00010293
[  230.482186][ T5999] RAX: ffffffff8a2135bf RBX: ffff888027ae8000 RCX: ffff888109aa5640
[  230.485311][ T5999] RDX: 0000000000000000 RSI: ffffffff8dba33cb RDI: ffff888109aa5640
[  230.488384][ T5999] RBP: ffffc900046ff9b0 R08: ffffffff8fa34237 R09: 1ffffffff1f46846
[  230.491533][ T5999] R10: dffffc0000000000 R11: fffffbfff1f46847 R12: ffffffff8f62d2e0
[  230.494713][ T5999] R13: 1ffff920008dff40 R14: ffff888027ae9480 R15: dffffc0000000000
[  230.497891][ T5999]  ? xfrm_state_fini+0x26f/0x2f0
[  230.499946][ T5999]  ? xfrm_state_fini+0x26f/0x2f0
[  230.501982][ T5999]  xfrm_net_exit+0x2d/0x70
[  230.503798][ T5999]  ops_undo_list+0x49a/0x990
[  230.505665][ T5999]  ? __pfx_ops_undo_list+0x10/0x10
[  230.507718][ T5999]  ? do_raw_spin_unlock+0x4d/0x240
[  230.509667][ T5999]  cleanup_net+0x4c5/0x800
[  230.511517][ T5999]  ? __pfx_cleanup_net+0x10/0x10
[  230.513546][ T5999]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.515665][ T5999]  ? process_scheduled_works+0x9ef/0x17b0
[  230.517944][ T5999]  ? process_scheduled_works+0x9ef/0x17b0
[  230.520228][ T5999]  process_scheduled_works+0xae1/0x17b0
[  230.522508][ T5999]  ? __pfx_process_scheduled_works+0x10/0x10
[  230.524921][ T5999]  worker_thread+0x8a0/0xda0
[  230.526802][ T5999]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  230.529362][ T5999]  ? __kthread_parkme+0x7b/0x200
[  230.531382][ T5999]  kthread+0x711/0x8a0
[  230.533007][ T5999]  ? __pfx_worker_thread+0x10/0x10
[  230.535149][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.536965][ T5999]  ? _raw_spin_unlock_irq+0x23/0x50
[  230.539054][ T5999]  ? lockdep_hardirqs_on+0x9c/0x150
[  230.541151][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.542978][ T5999]  ret_from_fork+0x3fc/0x770
[  230.544836][ T5999]  ? __pfx_ret_from_fork+0x10/0x10
[  230.546867][ T5999]  ? __switch_to_asm+0x39/0x70
[  230.548809][ T5999]  ? __switch_to_asm+0x33/0x70
[  230.550671][ T5999]  ? __pfx_kthread+0x10/0x10
[  230.552555][ T5999]  ret_from_fork_asm+0x1a/0x30
[  230.554511][ T5999]  </TASK>
[  230.556426][ T5999] Kernel Offset: disabled
[  230.558195][ T5999] Rebooting in 86400 seconds..

VM DIAGNOSIS:
22:24:03  Registers:
info registers vcpu 0

CPU#0
RAX=000000000000002d RBX=000000000000002d RCX=0000000000000000 RDX=00000000000003f8
RSI=0000000000000000 RDI=0000000000000020 RBP=00000000000003f8 RSP=ffffc900046ff030
R8 =ffff8880206b8237 R9 =1ffff110040d7046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af1915 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b3101fff8 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8133c57e ffffffff8133c57e
XMM02=00007ff613187498 ffffffff8133c57e XMM03=00007ff6131874a8 00007ff6131874a0
XMM04=00007ff613ced100 00007ff613187460 XMM05=00007ff613187478 00007ff6131874c0
XMM06=00007ff6131874b8 00007ff6131874b0 XMM07=00007ff6131874a8 00007ff6131874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007ff613012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffffff9040fc01 RCX=3d6c7acb3e34a900 RDX=ffffc900034fee01
RSI=ffffffff8be325e0 RDI=ffffffff8be325a0 RBP=dffffc0000000000 RSP=ffffc900034fed40
R8 =ffffc900034ff0d8 R9 =0000000000000000 R10=ffffc900034feeb8 R11=fffff5200069fdd9
R12=ffffc900034ff0e8 R13=ffffc900034f8000 R14=ffffc900034fee68 R15=ffffffff8172c195
RIP=ffffffff8b78b190 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007fe3278e7d60 CR3=000000000df36000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=00007fe326d876c3 00007fe326d876c3 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 00ff000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 0000000000ff0000 XMM05=00005555602ab33a 00005555602a19e0
XMM06=0000555560268a58 0000555560268a50 XMM07=0300080023f80301 80808080080023f0
XMM08=0300080023e80301 080023e003000800 XMM09=660a79656b5f5f2e 6e6f6974656c706d
XMM10=2030323833303061 3966666666666666 XMM11=696c5f6f676c615f 7664617461622062
XMM12=5f5f2e6574616572 635f6b636f737761 XMM13=3030613966666666 666666660a79656b
XMM14=5f70636c6c5f6366 6e20622030306434 XMM15=2e6563697665645f 7265747369676572
