last executing test programs:

6m36.618372496s ago: executing program 2 (id=64):
unshare(0xa000400)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x20, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x8e7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000000000)=ANY=[@ANYBLOB="05000000000000007111ae00000000008510000002000000850000000500000095000000000000009500a50500000000"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000100)={r0, 0x11e, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x63, 0x10, &(0x7f0000002e00), &(0x7f0000001000), 0x8, 0xa0, 0x8, 0x0, 0x0}}, 0x10)

6m36.432289548s ago: executing program 2 (id=65):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000480)=ANY=[@ANYBLOB="6e6f757365725f78617474722c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c6572726f72733d636f6e74696e75652c646174613d77726974656261636b2c6572726f72733d72656d6f756e742d726f2c6e6f61636c2c0033b67a38edf7ca65cff4aecf1bccac7b7847e83ec6928ad9eff2281ff7a2314d9a8541a9772b98d067c1463bb01ed3ebf5764745d29402107611df2e22d6cfb25eb0a8b970f339cf6413aaef25cee228060d70ce0ade90d917a9c5"], 0x1, 0x442f, &(0x7f0000004480)="$eJzs3c9rHFUcAPA3k7RJan8ktYcKggsWFJWQ9KRGME3TH0lbI9UWESHdJNs2ssmWZCMeeog3wZPgQTwUBW85SQ5e65/gxaOeC3rwIghiZHdn053JLlnrbmLL53PYt/N+J9+Z2TeH3RcnyrcXV3OLq7n8cq40f3P1dO6jUnFtqRDiPdJ0/AN7Nz7t6cZ50kafff995jQzc/b8O9dPh/DDwk8Ptra2tkJFb2hqtOH9H7/fnW9M6+JMm0q/zXvrlPdDCCd2zKuiJ4Tw3vchRCGEM0neRJIOhBCOhFrZ9buf3ch1aDZ9Sbo5dmp6495m6789CuGr4jOv3Fr69fmesV9e6tDwAAAAAAAAAAAAAAAAAAA85i5cnbn29shouB+F3o2o9n3dvsbyJG31/ditjnluD/5aAAAAAAAAAAAAAAAAAAAA+H96+P3/XHQ82rlf92SSjrdov/Vm9+dI90y9NTN5bmQ02f89aiiZOVZ5fTXJ+u1MTxhqsu97dv/3M5n+m+//HnVs/vX51ccdDFE8nDqO4+HhEL5JNn4/GR2Ki6XV8ss3S2vLCx2bxmMrHf/a7v2p6CQb+rcb/4lM/93f///pHWdT5fhG506xJ1o6/j0t6/WHqK34n82024v48+jS8e+t5g00Vhiv3QC+/SQKn/fuHv/JTP/div/REEIuqsw1l7oDVNYwlfxW6xXS0vE/UM1L3TqTf2Ql/s2u/z8z8T+X6X+/7v/r2Q8imkrH/2A1rz9V4+H1PxTvfv2fz/S/H/GvzH/d539b0vFPfvmtN1Wl+p9s9/5/IdN/t+J/LU7meTRKnQEbUS2/1e/VkZaOf/+O8ofPf3Fb67+LmfZ79fxXH7f+/Fe//b8Y1Z7/aC4d/4GW9dq9/qcy7bp9/x+vrv94VOn4H6rmpdfOg9XXduM/nem/O/E/uP1uPLP+/7uvtgD42vqvLen4P1XLjBtrrFdfq+u/aPf1/6VM//ux/qvMfz3u7qhPinT8D7esV4n/j218/l/OtOt+/EMYsdZ/ZOn4H2lZr3r99+8e/yuZdt2O/wvd7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgMTCRpIMhiodTx3E8PBzC2eT4ZDgUzeUXZueKpfkPVkOYTPJz4Xh0q1iayxdnF5dLC4XZfLFYmg/hXFJ+IvRHq8VSeXYpf+f8dl8D0e1CfqU8V8iXQwgXkvxnw5F6X3OL5aX8nRDCxe2yY3Fp5c7t/PLswuLK6yMjIyNhansOQ1Hh43JhuVwbvVYawvR228GoYXLV4kvbczkcfVhaW1nOF6v5lxvaFEvz+WJDmytJ2RdhKCqvrC3P58uF2WLpVn28/TSepJNTV9+9enl0R/mNqJZO7O20AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiX7o+99mUIobd2FIcQxutvomb1v/u58MbsX1c+3Rw7Nb1xb/NBq3oAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMA/7MCBAAAAAACQ/2sjVFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWGXjlEqBoIwAM+uRazEY1iFpLONKKKFEcETaO0JPIwexUt4BwsLWwsR4gYkL3mkea/6vmZgf3Z2YAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA1rm86+9vmzYixeFPVcXb4/vH//y61Jez+fsHe5iR3bm66c8vmrb8e9rIT8vRZ5eH9Pvr+SFm6uh1sifTffozNH062jLX0r4tzTe+exwp1xHRlfwk5VzX63oBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8sgMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUXfBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADArwAAAP//hykaaw==")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)

6m36.064359427s ago: executing program 2 (id=67):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0xffffffffffffff47, 0x2)
ioctl$vim2m_VIDIOC_S_FMT(r0, 0xc0d05605, &(0x7f00000001c0)={0x1, @pix={0x0, 0x2, 0x33424752, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x5}})

6m35.939424049s ago: executing program 2 (id=68):
syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000500)='./file0\x00', 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='shortad,partition=00000000000000000005,noadinicb,uid=', @ANYRESOCT=0x0, @ANYBLOB='\x00\x00\x00\x00=', @ANYRESDEC=0x0, @ANYBLOB=',nostrict,\x00'], 0x1, 0x489, &(0x7f0000000580)="$eJzs29trHOUfx/HPd7K72Wz7+3XbpmmVgquCSsWaQ4/Gix5iqNCkOTQiRYWYbOLSnMimkhTR4o233ngjIgoKUkULIt54pb3zD1AQBL3wQgT3wgMIgszszM5ks2nS7iHd9v2CdifPfGfmOewzz7M7zwoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEinnjrZ2WVbnQsAANBIg6Mjnd2M/wAA3FXO8/kfAADgbmJy9L1MfSMFG/D+Lkqezc1dWh7r6698WJt5R7Z48e6/ZFd3z6HDR44eC15vfHyt3aNzo+dPZk7Pzy4sZvP57GRmbC43MT+Z3fQZqj2+3AGvAjKzFy9NTk3lM90He1btXk7/0rqtI917tOOEE8SO9fX3j0ZiYvFbvvoa683wE3K0T6bfHvrUBiU5qr4uNnjv1FubV4gDXiHG+vq9gszkxueW3J1DQUU4fll9iaCOGtAWVWmX3HxZojaf2eJydEKmjp8Ldk5SS1APj3pfDK9/YKwml79lbj6fl/SAmqDNbmOtcvSjTLM7khra+mZFg8XkaFmmP3oLNuzdD9z+5N42zz6TeXpuaj4SO2R+j2r28aGRbvN7U1KOBr07fsFGtjozaDh3svSWTHs+ftmbV8ibl+7oPfrEcE90hrF3g/O4sQf9+eNmxuS4HztkQ2ZO7csFAAAAAAAAQGo1R9/JVPgqEyamTU7kkXFSxQdDma3JIoB6MUdvyzQ8UvC+ho+uS2mJrO8pafZnf/XNf1vy9PzCymJu+qWlivtTyZMv5pcWxycq71abe59tiaZstI6lSnFzlJDpuT8/stJ1i/d/fylAmJsPnwzXzCTLr++9b/5fXM8UPEM6fmFvdLtilm/i+ah7TTNHSzKd2rXPX6uS0po6UzHuc5l+f2+/H+ck3MwHp00XzziVm8l2urFfy/T+v0GstyxK2/zY3WFslxtrMr05sDp2ux/bHsZ2u7H9Ml1/oXLsnjC2x419XaaFXzNBbMqNvc+P7QhjD07Mz0xWqkrgZrn9/yeZ3m3PWNA3YsX339r+/0o4FlwpP9E6fb7a/p+OpF3x+/UFt///tc/ry17/dyr3/zdk+uSL/X5cse8l/P07vf/D/v+sTNPfro5N+bG7wtiuTVdsk3Dbf79MZ/ZcK9WN3/5+C4StFm3/e8vfHXVq/52RtLR/3dbaFB2S8iuXL47PzGQX2WCDDTZKG1t9Z0IjuOP/Z+4s6ssfSvMdf/z3P6aEM6u/Xw3H/97yE9Vp/N8VSev1ZyPxmJRcml2I75WS+ZXLj+Vmx6ez09m5Q51HOg8fOt51/Fg8EUzuwq2q6+pO5Lb/NzL9s+1q6fPu6vlf5fl/qvxEdWr/3ZG01Kr5StVFh9/+V2W6//q10vcSN5r/B9//PPJg8bXUP+vU/u2RtLR/3f/VpugAAAAAAAAAAAAAAAAA0NTi5ugDmc48HrPgt2abWf+35gdodVr/1RFJm2zQ7xWqrlQAaAKOHL0j08Mq2GtuwnZpIPqKO9p/AQAA//9HASOO")
socket$inet(0x2, 0x2, 0x1)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x1480, 0x0)
mount$bind(&(0x7f0000000000)='./file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1edc01, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0\x00', 0x0, 0x887008, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='mountinfo\x00')
read$FUSE(r0, &(0x7f0000002f40)={0x2020}, 0x2020)

6m35.853161287s ago: executing program 2 (id=69):
r0 = socket(0x1d, 0x2, 0x6)
r1 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newnexthop={0x34, 0x68, 0x1, 0x0, 0x0, {0x2}, [@NHA_ENCAP_TYPE={0x6, 0x7, 0x2}, @NHA_ENCAP={0xc, 0x8, 0x0, 0x1, @LWT_BPF_XMIT_HEADROOM={0x8, 0x12}}, @NHA_OIF={0x8, 0x5, r2}]}, 0x34}}, 0x0)

6m35.620068912s ago: executing program 2 (id=73):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f00000004c0)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db7", 0x2d}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b0", 0x46b}], 0x2, 0x0, 0x0, 0x4008000}, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)

6m35.502920078s ago: executing program 32 (id=73):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f00000004c0)={0x2, 0x4e20, @loopback}, 0x10)
setsockopt$SO_RDS_TRANSPORT(r0, 0x114, 0x8, &(0x7f00000008c0)=0x2, 0x4)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00006dbffc), 0x4)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57)
sendmsg$xdp(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000200)="67d8902400aa303e97380e90231bdbdaf6a4bd866226b7cdb7c26858c4e4fd703be2f51ed6ddc4a47116ec2db7", 0x2d}, {&(0x7f0000000900)="0f198d5aa5caa1c55b84b414797cbdd4e8c576a921a070fc828060506683fd1106a961ac55b5b8ea3342ca7de5559ca2c14e05e42aed8ba14b2c78cb540f71a817d80fbf1945a046ebda494a8048a106a4d49d7f214735ada53397db3b203885ce39ee48d69465935eade21ce36e61826c52c82f038341d9bab5687c740ed3c18897094e7e1391eb84a4052e03c0c7c39ae86d454938f65e284620b99481c33d9f5e5b7a6c0d7548723f55b213c76be37f40c850c38e265758ebd8238257a146d6eced16fd658a784c928fea7a841db1a7fd6520442dae5fc0d3a3d3a5f16fcf6fe4f062ecdad7d0f3c6cd339339533c0ef28ad1e2729907094c3de93c1b1b00ad6df895d9907e4afb7565d3a8e9eaea020ed173c2179fb03e0944460989240a689c7fe795d310be4e7a6b778a903280dbf426b39c3603c49049980767e31edb997f59785184cbd7b907e0974f1073c745f71db0906cb51780f908fa61634af8ac85d9f04f3dff0a948e81cd3229a59aaeb00995358155343e3239588a0383e4df109d5ca24276d0d83a27d0e9bf681c1bbea12a6f3c20ad50f63430333bb327eb6ae32fe8809065bce26d2dc2fbb2b48d404637d61fd86852e0e1b6ccc6f75b1107aaa5f60ef45f94e953b3f213c3cb4ca4c716565078c666f84e1a99bb4cb5c7190648132f752753c938da6241607a742361d995188b23cb4b8269e98e822585695962620673433748e476f7cc3e37db88639c525ff3a502c82c283b00aecfe7734ab369e1ed7c75e27a5a333641817baa3ea37844e20e6266c5095abf9d47ca5f8ad93f1a4d8795daec222ada00d65cf91425fae7939ceaa8d94ec1ab5082e1d251c27b3132119b350e81771f3733be232ffb90c03a818bf4dee8512f3bac440f5d5e4bed6b897608b01eae26a54433e5f5c74a2ee3c2fc50067be05a677ff52a7dba7010830b879a41b579d44158fb89ea05761d2d369853bea84dfb8081ed7b891dcb3bb3361534fdc5252e4964aed936ad2838e7af14fc65c7c1c6d44c6256f2462ae83cfd6a6b2651da607fe79d345e5080098e9e6e7482cc5c267e00d8d09dcde70b60fe6220fe9530547201664db91cf1885ecc2f106b66cd99131523c99f6102ddd7403791b3a7ac59b256cc4c938fe01740ae4f19b5204ca305b1666b0c2a7e5015d6d530995843adfbac3954306d4cd82257d4d2c3283d45dbae43548fedb679328f114f7c8238ac955391b24614d91be1701ae07c170a9c299fcf3d0ac4cea07e88fbf66b697883af17a06ac3f9954eb2fbd20f101802cd023fc48c5d464c16059cc9dce8558c5322ac7612db0e27252804059094a318c4cdeeddd5793a427628c2c41a21f0d2f3962e32f710bf9e216ff1694e8d88c8a81328744b36d9ef9f08c0ea3ccd4f8729e2f00a048162834a958df39f9c5a8c8e876a52816446d0106f4a81dba144c80fda0b401f0774edbf73b3de44d7ca5c28b0830910f3b0", 0x46b}], 0x2, 0x0, 0x0, 0x4008000}, 0x0)
setsockopt$RDS_CONG_MONITOR(r0, 0x114, 0x6, &(0x7f0000000680)=0x1, 0x4)
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000240)=ANY=[], 0x30}}, 0x40)

4m22.925867641s ago: executing program 1 (id=1645):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f00000002c0), r0)
sendmsg$NLBL_UNLABEL_C_STATICADD(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=ANY=[@ANYBLOB='L\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010226bd7000feffffff030026f807000400ac14143114000600736974300000000000000000000000001400070000000000000000000000ffff7f000001080005"], 0x4c}, 0x8, 0x3000000000002}, 0x844)

4m22.925677091s ago: executing program 1 (id=1646):
r0 = socket(0x25, 0x1, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

4m22.046890226s ago: executing program 1 (id=1656):
bpf$BPF_LINK_UPDATE(0x21, &(0x7f0000000080), 0x10)

4m22.046489881s ago: executing program 1 (id=1657):
syz_mount_image$ext4(&(0x7f0000000340)='ext4\x00', &(0x7f0000000980)='./file0\x00', 0x3000010, &(0x7f0000000100)={[{@resuid}, {@nobh}]}, 0x1, 0x519, &(0x7f00000009c0)="$eJzs3cFvI1cZAPBvJvE2u5tiFxAqlSgVLcpWsHbS0DZCCMoFTpWA5b6ExImi2HEUO2UTVZCK/wAhgcSJExck/gCkqgfEGVWqBBfEAQECIdjCAQnoII/HJevYSaBJnI1/P+mt35sZz/e9ifw8M56dCWBiPRURL0XEVEQ8GxHlYnpalDjole5yb99/daVbksiyO39JIimm9dfVbU9HxM3ibTMR8ZUvRnw9ORq3vbe/udxo1HeKdq3T3K619/ZvbzSX1+vr9a3FxYUXll5cen5pPiu8p35W+pUffeGzr3/yG7+9+6db3+ym9ZkPRSkG+nGWel0v5duir7uNds4j2BhMFf0pjTsRAABOpbuP//6I+Fi+/1+OqXxvbsDUODIDAAAAzkr2udn4VxKRAQAAAFdWGhGzkaTV4lqA2UjTa8W5gQ/GjbTRanc+sdba3VrtzouoRCld22jU54trhStRSrrtheIa2377uYH2YkQ8FhHfLV/P29WVVmN1zOc+AAAAYFLcHDj+/3s5zesnG/L/BAAAAIDLqzKyAQAAAFwVDvkBAADg6hs8/n99THkAAAAA5+JLL7/cLVn/+derr+ztbrZeub1ab29Wm7sr1ZXWznZ1vdVaz+/Z1zxpfY1Wa/tTsbV7r9aptzu19t7+3WZrd6tzd+OBR2ADAAAAF+ixj77xqyQiDj59PS9R3AcQ4AG/H3cCwFmaGncCwNi4izdMrlK/cm28eQDjk5ww38U7AADw8Jv78NHf//unAkpjzQw4b671AYDJ4/d/mFwlVwDCREsj4n296iOjlhn5+/8vThslyyLeLB+e4vwiAABcrNm8JGm1OA6YjTStViMejUgrUUrWNhr1+eL44Jfl0iPd9kL+zuTEa4YBAAAAAAAAAAAAAAAAAAAAAAAAgJ4sSyIDAAAArrSI9I9Jfjf/iLnyM7OD5weuJf8oxx+Kxg/ufO/ecqezs9Cd/tf8WV7XIqLz/TulfPpzIx8fBgAAAJy15GDkrN5xevG6cKFZAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAB3r7/6kq/XGTcP38+IirD4k/HTP46E6WIuPG3JKYPvS+JiKkziH/wWkQ8Pix+Eu9kWVYpshgW//o5x6/km2Z4/DQibp5BfJhkb3THn5eGff7SeCp/Hf75my7KezV6/EuLyI/n49yw8efRI2trDo3xxFs/qY2M/1rEE9PDx5/++JuMiP/0kbX9M8uyozG+9tX9/VHxsx9GzA39/kkeiFXrNLdr7b392xvN5fX6en1rcXHhhaUXl55fmq+tbTTqxb9DY3znIz9957j+3xgS/ze/7o2/x/X/mVErHfDvt+7d/0CvWhoW/9bTQ79/Z2JE/LT47vt4Ue/On+vXD3r1w5788ZtPHtf/1RHb/6S//61T9v/ZL3/7d6dcFAC4AO29/c3lRqO+c0xl5hTLPIyVn81cijT+x0r2rd5f7rLk8/9Wunur/53S79UlSOxQJbuwWFNxSbr8bmWswxIAAHAOfv7uTv+4MwEAAAAAAAAAAAAAAAAAAIDJdRG3ExuMeTCergIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHOs/AQAA//9GB9/T")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000800), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000002100)={0x2020, 0x0, <r1=>0x0, <r2=>0x0}, 0x2020)
syz_fuse_handle_req(r0, &(0x7f0000004380)="4e5350994ebf71ce3049a58c5d050078bf16b0757a4c27b455e2a547739587dd3380b5df8f40a0696c5bd6cdb672cffe4d870c5c90ca92095b9ebf3e92fe31d8cd74275d857d34a74f7eecc7fac15e2f148d4e9d47bb45b858bbf078999970d180f28d7b2cefd92635d45a563d9229c9fd770efdc0848e52fa5efd9ada5c94a1ba94b4b7c7507f8b0819bb20910f9f50a83a010abbe126dd9f6a7b84eab6b0d5ce78d2ade77a5f7e4e997df1d03ffab4b4c945d803e4457909013127a98769c938c237f37263bc509a42bc56ff2dbf80e847e2c407009eef94f18e1e59069d62298fdbadae007ffbdf403c5049a4530ac0abecceb5608da02754c9a575af52c0b7e41226e2d642a814861c4310c935bcbae413516dde2132652b39c7aa0218a6ce65dabb4494965209ce879ba7e7e59039db5c1d36d6a7f86d72dd59954fd6f46124a2506b245a0db11aa89d2feb312a6596ea2fecaa7b6021f37a255f628da7ff6b6c36b514d3b6be34e505f9dac6acfb888198004699fb350ac93431533554658c4957df36703591438d6488bc03dd8290a75ebb367a481a50e79a46b04d005649cabd79e5c6326c066bc2b6fc5febb87ef66d832ef31a16c2a450a0b990fb549a5d810c928d1a81fa1dc795db2607ac7d46cb5716b68acdeb00987e429fe6a394632c83b43336e7b51d9cfdb50e83d8c6ba1784d9f74c16b476e048e65e7ac0af683b347d7377ac1795422e00e5bd8da9b313af83abb3348861116de7a99959169b7dff9f7d9b7a6d107f2e76670a6214a419bf8298f80eb570fa29264ba57a383c5ec5836ce33104ecaf1aec76e311280a1d2c8bd7abff3a5a242e6a637f7db63038ef5d78aca9c680d72b60da4dbeb0e1e683ddc82898647c589a81b8f92db06711d8a0af05560cd77fa7005283db71e8da21713fccd450822062b994d152aaed2cdcf0dec9c60617e15ba4df628da4e71279bf9d1eee5c7f055c27cddfdd45f9225d5d5529ef7119e2e3c9838e7362971e069be487797e949b24297de19c61340d1cd7a2bfa3880b91a71e934720a59e1e0ea992d2a1633a0852ad8addfcab73a291e35745e694a6471f429b124305886c1f79f67c78de3f3ec998c91e7fc59d26766cd446f6f0de603f2c6892e13cdaa37d9e8e118d098b6986ccd991993ec152193e7d77394b05b99e7d310c506707f1be52249438fba9615f6dad2ec7244fedf36e34ec311b7d6bee64271d6491079e161190ded7e28e2ada4307a9b2986c267b1a30d2f720ff23408011f1d589ce9ee77f981c7833656ccf7df5b3a87ec253ff7c7ef1e67ceeb10c93e3fa683cdadad65850ffbc402b7744e94cdecef9db9d264c755c53d36278df23d4c9685fdefa69f7588a33b8a64b35191ee81abcb9765577d175cb06e31c582807ff7243bfef44961fbc0f8a235242f51ee991ea621803d4dcfed90d26f004b299425bf219f6d185fe6e088ae44601b03defada18794feac93787696a5d419f09f769bc590f43d2df6a131f6895da2de120c2644685e57b1d476c6aba5881e954fb2575356452b118b942cb02b4ea0fcf8f1bbb9a23b6e32c9d0accd3dd861452a3ad77b38fe709e216974932deb5397fd8033ff0e073d93ac0b4be762bca0424d69bd57b22ba914133f87671a29498b268c2911e793215463ca2164e38059456107dcb29beedfd6277e2b41a11d1c6f1361b19875c9384f04f9c53c1856d71f360a8fafe05f7aef750ec0cf2bfcfa971c017ad071b69a18fdaf970b384d4c889cfa5a0397dbe89543a5c6302645d6edf959aa60709ce0225fe6c3266c7ef62157ac8e78fddcd8a1f2ca5b58128218d19276885515775326aeeee0226cc810843eb05144bf8e2fe3340cf60b32cafd96d23cd7d0d3adcbdfec9a2a3d88307c362633b1c5637608ea8476d900b3f836a9734b5ecaf5e82983577128d3f74b903b0e3bf64326c1b564ae42aeeb0c07702b63a9ff74a2af6b45e5185a53f36c17bc29dfbc0ea28ca5cca43a15d751e9887ad3e6a87faacb6a278c4c8a8d21b9a77b9776f33102a6e645e99cc5cbc543ed0674282c2b9f8e5d14c2599aa9ac8f81438c77f2b9368bdac82edcdc5366f39adec9e9a3fbd55b79abc16d2ebff26b7d0c88f18b486e5836333575e3fc7808cb423b44781c57965767862922b4ff32d9bae76296843a46f430211c27ef9db168430026a5691623284dfd459dbdd1f1a6ec9bfad666507e6eacb1e2a7866da2e12e6d596d0bbb150500590013d9288af20596447f97bf1744eb9cfb244d8fca269b1fb71e14de664be4e95d83fff1b8abcfebcf3e78c1c66d28f260fb0c19f9fbcd2abbdd7dd7246e49dc25d954bf25f810a2ff6f9069dfdc62e7170fe3b0964b2ac95024256dfa3e7a426be5bb5f707fd82c2b3afec5d5dcf5bbb8fcb6dbc1b59f6c5330966c70d8b016956903a4278817414ba3652a102d7e7e37ecc79400267fc3bf7601c0731f87d479c33f100735e748874155267f708cea49d549e93cf7a398b20373dc90ad9afd56d9c77cd24e2c4a18f7130b366c7fe5b26bc4d11ca1ed1b98fa0b4d7396f82ae6593f4575d19f4d8fd586c991129e5cbe15c8bacc89c3ee15ca471dea966b5c48ede0d3ba2a7e28c75c04e6a4aa49a61f4e391ffe78eb5e40a5ef349f3aa4d15f2291cc86ec7e47ae301bf0b6083dae44b695820a893d46732553ef15ed1c16d28268d52a7e3a7e7c009d0c0708a356d3310c1ebcbcca4d7acf433e34bfc9fc115498142dcc725e7a16879c75e4c2f01c6c98b39619f3248bf530e6ee593467e38cf4026cfdc4db6296565722d587f3c580750b1453ecc141c0461495551297d88ae034acbd4f5e80ce198e6640c4c1e9501529988109cef006eb2090a6fcd974d7f60290b78f1a8ce3051ac2d69636c3219f0a6ad8c254764396a1684b2fd9805b1853525f2e640e513197283cc4d4073ac033e0539a88f08aabe1423cd40b8a7e073437d812b57a5d39a0531dcbe13f4466e89efc66c2a1e4b39a3e0b3073c9d44e6cf9b85f4df5c4e03628d05bc0f94ec04234c9eca4ed17463f190406834b02888728f625371cda75d15ec19efebd59f00ab659eb94eb88bcb2110862a369ad599610c1530fcc118f5b82205bc5215fe3623ac8ec297d8ff4eee75ace20731c5d505e6605c26203b7f754164c9463f0a6eefe3a2880b8e06e7bc66bb2adcc1a3f9b0325f5ec31d12a25f1f73c2aa6bb3a7680d786a082a63b13cce1822fa6a4b085a871ae3409eecbc1fd8661b5d52bb2b8b72f23e24a225075f272ed2ba0c6c5c693811a0ef8db6da7cfe7c966c647f0187ad223eedb1012a5b7af103e98464ac768c79b21ca45b12a52cf261de0d367442cda71c4b8ee39c94ded1b22ba06c13836cb467ebab4efea07bdf1e3de8da56a0ee6d4f848011253cc21fac10700003513d3167b7a73e0d752b861c49814bc5410ebe53a0264f76068c91ee6ec9e2daa343482b2f0f06e605c5aaf81f2a3cd570efc2094b4bc452f9526f1bbe7b22b694fb8109a5a987fabf6250912d6099e67da9cac79e8b6f2cce4702d1f17cbc5d06c38b8a48155ec758369c185ded839fb58cd736fbb74105fe5baf44e7e3ed06843f23601b60a43b1f88fd29e9b3f58479f9b95392a39d5ba1a31ee4441ca2d1fb57c0a8678a07a724b7a65b2ab16d1da197f435bce3ef003fce27fa2f0a67c9dd6c930a4bcf59e79e57b010000006fe34972958c28b56642d14ea89bf4d7d6f7fcbcf4fda8bd08fc9fe424de4359112b11f81fbdc1505658363697713ff6e1f8ca3c4be34a79993a9091f6017cda6c7489ae5c07062555231427c3eb42a049f42d22a060983b044a7d34ab5d2b5386cca79af72396a48aad6b8dcd7855410fc6106e4a165994f26efff1e7ea0aa8f560333b5dfdb2a0d899b0fda955155f90c75effd3c9535d88508e836feb7807d57b2a57cca42d3d08fe7de60d2a33376f49bdacdd3f814bd0927f417f15ad62a10b302f1cb390aaf82b0bc6af46bbf990b6ada45ef83ce13029d167c65134e7b82b59ddfdc367e61c40defd2732ccebb1d4000f6c742df964e1fb390c255d2b1dfc745c6ab34af8096b5b67aa179e3f341854f7a69f7bf47664c832037ec7a78f8e27209e3f20f833fb6e8c0fc4a40920a5ad2b0618982ff72540009d5db82f0f5bcaed2a27f35d1e50eaa0cf8e48c7a2d43c25d0264db750a7f33b44a4bfaae576cf9ee7594ed204513899566564ed8bbc97ed18b1d8868f926a5c70ac06fbac1eade46792186be7bf8ffa3301239edd093449b7d77192782b5111c14169d2b4a1b3443ad62e4abdf11aac6a5b89a5b20ab0ad0abd949b9d64582c67ffce018e7e46de4091fcc77a65b971fc67c8d9cbf0c341ca764b1056ee5014d9865059616a525a1d46ae2fad159afe86dd1df9b8246411827e19535ca0aa9f83050b06e70aa2737f27e93d584a9cef878a642e9361efaa5d20bd8da901fa2e064656f686d3b3ea31d1d850ae9196b7764548f5c6450a32a717e09b6b7e75d43fbbda76e43a24f186d5578933f408bfa28e0435cde525fb91e71d92d704cc5a9b5e3db7aaec46d2b1f8dcb3f921f69bd7397c96a1e132c39c8f1656cea4365c779abf76199cb5b6aada022edec5c901cdafa2e7f3765af9c8b20cb1a6785085fcb0dc901367b89051bdfdc6b68c5215fd04e2b3c7e1c454a4d21132953b25c50995af0f7159a5a8d0a1621f4808f126a5bd40ddc79fed90f49925ee367a57a05c070fbe39fe2c213e7c1724a907ecfa69efe6e021c06a262471a4377f3c9809e9fee4f375e27c31b6afbb2151da86b7cab63c7b4fa4b77fb30172b9d0d78b1c0535ec0639c4910b5eeecbb5b8b5c8aa74c140e7ad347812e36db3097a7ff85c09ab2c0020202307f50efefcdb497b9c060ca68c4be54a9165b4cebc6b2e2e14e5ffb9213142418faedcdf26fd326b7672399e71cfffe3ed712ced5317c254f9199ee10c24c802d102bd8749513d3145201ca4e01bc7c8bbcf430afa541ec5665f86dfb143be648521bb0f2b029018201444787f644f8c88b79e754e6ea9c797babdaec72a9680abadf3a41684cdd57c2b6e833acc0846be5aa927f1b1b36562d2acb9ecfb758455230d050daec6748ba280a5edc86d48e3f8af0f8f4ffb18ae3cd3c19a82d504a4fd52bb62289ae8026572a497fe268f87ef4b4b5886aa07eeb698b7cbf99683f710afc9ed1f8a488883ce0eb8f7fd055b82a9fe21a409caa231c41ba151008e9658919c611e157d7f3926a5e4248532a6860e615b9c86e9fea212128d96ed58c9b84ef22706071eb69f492e4d8321ed9faf6c6a8928f86172bdc930244583ea15be497d9ce4ae79cb3e6293a8512ffaa9e8e358f3c7c7117001fb92891a40b84f9126cc3def5cde67f463bbac9668b9f56c3e4ee72fceebb47e52fc226bab213d8193516e7064459fd1365350a95c5a1c3ac44a73bbba2a4c17ebe49dd781bff1995cd706b77bb533117594ad63566f4c0730beab85ff4c713b7f10b95480fe99a0f676c51ca11116b21e87887b462aa9770e85509e4e60f198148115f0a3ce6028516a946178d1acacf7767f6be7277891369eff67762aa58f928d48b7231e44d899cea8289003349117a53d61bc27b207fdc91c9db61e677d1e1a1bc6a1b6e8564130b335233db4b5de8d62324e6d0ccb2b08c2ff922324eb8c506711142d4b8d7a21223ef0a3d534fdb0de58be95cd827152f71bdd0a82766b62b4c87536f0b7e7df343c4263187da887de6e65d11d0360e2376c1d71c367ae85edeed8f767d24c644b1a9b455ded1dc3cc224f99936a6ee66931c45e5e3db2427719ab2d5cd9c20d9bb0ec004b69bccb00649f3d8e34a3572c257de114b9f027d76bc7db9007175cc03b9e2061b6b3fe7409e009b5371544e56fe438cbd361e5b11efbf2d79d1c250a1e73ca8c601c4f4d1e3761290950421c48c7daa45965e472f5ef3c4b8597444dc5dc01cd25358055b5000617f3e7291da3413e3f0853b1271366612405c35ff1b785b984d921b518425628a533a29ab65d3c11f44c6daa86f8b6457ebb9419274c481aa6f3fa4547641670aff58b9cc62c0993d49a509f02dee755ee5f1fd2710c995c43a91c4f873afa1bbdff19427cba2641052a8f361ecbc72e8a6cf587e83f8bd3110c95fb080edc77a6d43cd58c447b0e02261e4109500c6458dce70acb17aa8f9dc1d15b94a61354164031b5d563c25d0246fc45e6401cefceb501e1468903e5d677759dbe3f24bd48ce55ff8b8f26529fb3b2d669202a1e8a498984b449b4830a0126b18f0e78182c9ce78fe0c448c0e27845b926cfde28fa85e156fa98fefaeb19ed1247c9643b447b4342c94c114d3c4c35eed4d5b49aa70e6aad45bfb557f15e8fdb2d6e3d10d8338a13fe3f187751985b37a5bb10b750f79e36fc2e2ee9bdecc3ed156e202ed7b45a94809d77edaa398042fc6a825a4848c334c557303d24eb3f8e01be06995ceb283c70272b00da61c3381628f0e372fe2fcc779ff7daf7e4b7f2686c39d3fab674b8867b62b0bf9d5cfd0c1d3b270521f55f147de75142ffd7fc9ac7e5dae7ca2fdf26a9222d060823852409dd040cfd1f66f218c6dbdaaacddab34b123af22f97384d64fac64d84fd638c96378c8f9532a11927d48440bc777ff8b8b9be88f930f3b579a713c0bc449dca3a3bd5f2efa98240ccc594299e44451dc60c6c5c9edd0d7b777912b3dc40c57e0ea5f4425cd7047e686c7304f04ba9f7b5de6ad2bd524f1d29f8802a524441fa286015adf4589431710aa4d76de8a956dc1d39c0a13abb7fc309d24222d036e204ab6bb46ef8a7595d9e4512e0b9d5f8fd719a4e3072e1d806967045789c67a1681f2a9f1f4b19f4f5e1afdafc17db7a6d5196161499e62ab4b0ec27648f3eeb1fb2b78f8ecf9b05cf9509a3b9e2a361238deb1c91bdbc8b1d11bbeb939fd9da811cd439069da0ecc00665d72357aac01f259a0325409b201859cc0569e0eba67a7a9ca7e8b78078d9370bd3e37f0571680ede60cb6bbfe69435d6ab5efd80cf051d119a7004fc0b600844d49218d844de8f521524a47ee50229c7da25e42a8639b5db225e7f23967f5d4f8a297aff04a3cbedc2985b6393a5ba0b26b6c7b4ca22d369b35b410799d1ad02825104d34f73408db1948438597931ed1c1c260e78340517bfa2f734537dbdf5ec303518ff4640efe7f7b1c2f46babdb9247ce8eabad9718a8b9ddb7a18d5e87ced554c9d6de78f85d293349590c6c32483534bc968b24a28eb54b9515589d6dd8eb51a5ad0b4d896ce92250397cbc404323fcdf0ee47ed634e0c58213bc5b35a72b21a098e11b79c061430dc817c1e0c79a5b6ed3b002979933f1b83a17f250b1bd5c4958df4d75531ca03efbda89f6a92fe08c23ad9014ff562a7f3dcde578d6825b9847b5df04dbca4f2aa52d8e0f4cf8183ce121e39b50358a9796acde0372a8ff97769874a80ab997cd889145aad4888c06963c2f5b82f53a748a6729fbc79d35c06d84e05c62e44ff78040e56ebfc6efcf0d8b49337d5a17c4041f0d5a8b616244d585a162b69db073accd9071d12df5b326a43b834bbffc2f2a60deafcbddf1c6438a1769d6fb09fbe1990e89da12164ef237f326edb5be64bb64b143a030de8a99b3c5e543c871cb581e2be090a92134aa587701f864907cadd7c1ce20fcf8f5dc7f7ecd06a6c19d89a92ca0ad4393c208b80bba990c7a3702a9c79bddde75d5db244719ac32191b6ceb041ab541fb47680a97dc0422b8a50d91e32cb08cd341b0b099aca5bd12b69d4f89d10b755b351a6489180b786a3bebac926532a4a2d85b07bce6c090d1aaaff079e36d5394a612f1351b90c13a0fa6bf9d188d548dfe6fa51a9026edb52009c03ed45ac51d05c58a957bcc67e05a588985ba00d79f33ae9cdd5f5721d9fdc72ee6e880708be87e8a60c3c035c146f2091d1b9a4c2cfa56f292fe1ba62290d4e56c05669291bbe917f3cac51802a2cc8e9c90dadfe666c233c5a5bb71ee17deec51ce60c73f57bf9ecb84873afcc44815131810c6c1217bea485ef9aa2785e859b25315ef8aa3a274982786e45d622ae831fb76010d69a181b069e4cc55d4436edb10d1119b0c6000c6d5cff7c72f740a59dc0507e7a952b69403c62673f122c9d1264fac6ce2262e86cd8d6a402672f88530fc2d16f31736dd497a4e853253ac8d5aff8d1376895e9f5519b2490cc2a2412ba0c99cec855f668837310035e92fb646486de1b0acffb91ae7516df3eeef381456b55e65baa58e71461c928687e699d2b21814805591382e95e1b970aaa53259917f070281f2336b7d570249d838b3f1a32753c336864e15f4561badf8fee034a29c52ff3fca7456ae140f83e3b2fd5b57c9aef3f20c664200d235f236ec47dd2fc20b14dc6000812237aea992d987e5460679e8c5b76d931ef6d951e6c7087e3106b6ce2db9de6f228fdf3ffc38710c0e8d5000a195a79d1fa2301038f5b27c40b09c34c025e5099d40c2204ea0eae985263c9101cab88d6857a320c9e497f22348a24861a5fb8d734e08cad09f9933748ff01eab22f17756f58688dc1b486a397563ee9ad0784b8833cdb5f7c6bcf76d9c1105f71c3c6aabefd70dc6cd5c66d31caf916145ac5ed7fa070b4277c0448ab1eb78c943be9aeab0587d321a4bcb7754f070881178f8be668b686124899fac252519f4b60ec42db766a908755040463125c26850177402a977246d36d23afac0a11889d54640bd8f6f670d686cfd33f6fc5d90cf6cbd63d9d0fd201dd4c74dbbab899f3c23c0b7e37ea0b2aff421327200d0da58b5893a4186ae3652cc6e11c2c2a0e52184a3872532acce98c94cebf4f31333663a620f0dba0ffd89c3124380075bd28caa6d449a050b3661b8fbaf4747b77c4928b1378fdc8c7a7b38ade1aeec44bdfacc8271d0b132b2029b0f3582f9919f5c8cd543abc9caf6b82b197cd482c3ef61a64743506342bf50a3c1ff544563bb8b2002911ee1fad698f4ac133ffed5bfe81239c918207a03c7a8bd71a0a502aea78d38e970e3ab2abf754b598acb79cf276792aa08724d0ba24f2a694912ab795b3f45f52dec50d9bfbc99ae27e1d2c2216afec6709d6513a64b29ef58255bbe18478c5d4f15f74ea63a1e15487752eec8fd019f1d4a7aa25277664754bd2d7cd3a7a018b92c56d965a1974885363757286da9e055ef7fac17876f0a64c1026a597733b897a9155ecbf420159ae8e5209aa83a3544fff1fb4566f2d54f95e3bbd30dcca5f24397e4bd47ff01292f0d6fe9dd47a810e0c25382fa69b4987d1afd9b69ef125110ad6b240eaa9c85829a2646f9ab7874bc02bfa8346cc9190943e9d46b44880670b1e2aa3a29e83be5472d7418885a353faade6e8b18f4b588607bbb758588d1e2f11a9dfa1c4d61be50249f1ee32e6ff8c0c7722aaec1bc79654a4772efc578bd6a14c79abcc77a4e09c8b6c6ea35cd3ab31e35268fb55db843176f8042f8ce7be0ddd4ead6dbdad0ef9e7cb2323db5cc48119a72b27306b8ff6366c0bc682a85ab9e2cf2238b6d6eb2e38a97d5577e6334cb2aa6e7c86e489e876f9d7053577a5cb57f52812fab7c4bd7b19a34c228ffb67dcac9281612f778b58c580c140542200fd00cb3ad81d93420df93c5af2493f646d8de797102fa0a65247317882fbf171520f00b2c7638623b823ff11444fdde453570f99f9099b60061a908b83383ba8b82bb78edd074dccf9342afdf8d11a6129ba6ea7030f3629056264f1736c2b926171b6dc7e1fa455a473de656390495f3b6ad2f9f46f35eacb075628ff739ef78f28ba683448068c7f18fb63f28ba7dbbb78999100dde0a94e8b8570817c7114c13e139ceb333782b29a84a5b19497fa785915c7680dd7f972cb59ba22161f60886e5cb3c3e808726cbf96bc4da78914eee565c6d9d18e70d22cf8c0244cf3cf488c3550eaa400bc0f26d64e0f1bc8d0301a841d954073a641f3ef883d81f4d5db8e9df708e64e640b38df7295f7fe573863653086bae5507c880ab7fdb7a6c5ce77027ffa7395233d3ce536d77ae6c2e9c8ffb6fee78a3bcb3b5f888bd595caa3a5586948776b950a89cde4db8247ffff27491c882b430afdd60e7a22324f6635a9aa7139f3e624c6d9ece60f7f8153b2080cf0544fbf8e1c436503766e670b902604ab521e11aa5a65cedd64cfaf898ac5f55c08c87693c323517bcb0d99c28f5e072d4f6540c7ead70138d47c1a67fd72bd6ef5613af33a0af311c3d0a631ca2a2dfbe35d1021eb610e40b9be128683235a788b5a4cacf99babee382458d59e8aa1dd7bba7e09dd30c055a3df8ed721a1778b2c6ed587a403566325cd19962edd7831caa44a6b716517bad502130e7cf6a5ce5288dc84c0170f622ae0b1e1166a9c2c0771d91df9f9dd82ae210469602ce38964746c1c1d04321aae7d464eb801dbea7ec39505457e778208774d72673626c998b002c46a9b4b1e390d9344f0ca62212a1b6d41043a2100b35196bce42d40caa0ea9a486bf8526fd1f0f0d362c2cac463ea7377a20b54b9435442ca529fc00da4fd7e27c4eaf14215a06857b54254c26346956fd7fe215a5ce57ec38cedf50a3c759e563a4fd87494f00e7bd9b44f3b7e99c6ef67187056a21d2fe1ac9d24125b1947eb293189fdc448b591af4d9b8eb091d6bbb5e50fae79d000044e282bb2ab6c63cc9562b151c214e45015354e62be63e1881238b907f7bdb791ff44a4e03fa29dbd26db2f49d0f4729b7cd9ba69a65b0b493466d35d09b3f590c67c31660d95e2ab4af2c9f1df91f04ce5a57dde2d75206b42e3423126774d76593c2f713ae279d7092506b513fd5d18f0f52d3fafd7141dfd4a0de1063754dba865faf8dc0f6be9d90ef21ec86a275533f6ad4b4e360dc775413f29eab8b3daac6279b9abfe163ea2f183e09ed91ef67fbb090875109288a182cfdcc46d90678efe5edceda6518335e678438cac4bb47d376f3f0e12aa55301735d7f42653c073d6a4a37b2e17d332dc1be6b50918c007b14886307cc39250e81efecd63d24067a49994572725a9df1760caac13a28f5255556b27ec245e93969b85cdec7cd1c2d2a433d3f9572b93054a7ce8adff81bc1d30884d5fc4791e251bd907e37af5bec74235c3e2f804e4e0450b715289942b7859ad207bafcfec1b586dc15e7911fe6d20aa3d02fcd47e9956780e300d7c53c17dfa15754deb4c20efebc7270bda0fa6b37fc88c6be4250cac38c1b8186b364482026ab52d65d3a691903fccc39772277011bfaa421adba76bed9731077bec885ce88d40f36bbd2a839c67dc4b862c968491b877d4fd13fc90f8da57a29121e12f78e85af765cd66e72ba513593fe1cdf20019985b065d828707d8e509c6834eab188deea5c9ee97955f4b07d37b6fc7beed73be94887d423a349f35bb8782bc670ceaec870d97f061bda02ae73f6d575f81e0b6326eae6c1b3085cc584686120e12dd9ad8ce44036bec8a189f9", 0x2000, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x90, 0x0, 0x4000000000000, {0x0, 0x200000000, 0x20000000, 0x4, 0x6, 0x0, {0x0, 0x10001, 0x0, 0xd, 0x0, 0x100, 0x10000, 0x2, 0x0, 0x0, 0xfffffffc, r2, 0x0, 0x7}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
write$FUSE_INIT(r0, &(0x7f0000004300)={0x50, 0x0, r1, {0x7, 0x26, 0xc, 0xffffffffc7ebca6b, 0x0, 0xfffc, 0x6, 0x19f8, 0x0, 0x0, 0x80, 0x5}}, 0x50)
creat(&(0x7f0000000180)='./file0/file0\x00', 0x0)
syz_fuse_handle_req(r0, &(0x7f0000008400)="44ea07862a07eefa4de37092cf4356f54454db90301c4d373d57166f794f169d63344840a37048638ffd5e30beade3fd768b18191001eb890277fad8bdfe3742686deeb34395963bcf7a870addd76c80aba9f771ebdf410c7d7542fc2b6ae9a458d79457755d94ba8a3248b01a2293d8a70e60815b90297002652966a6b836065bcae0b44f4b26be93dec3cd4cdcbbc84c5b916a1b0d8313340675d67fb0c785d0307f95e426546c9a4d0161a8f52b02b95f4da53ced705a658722091864d74ac0a3a5f3853a0ad71ddb29835680ca9ff30531f8df0f0ac66f7f1433c33d75fa8f0f022b175df093648a81af5ed701b2e7a14199c83b539e763dbe7228f2e184a02becd41bae305d3f34c72e8db93dd214ec203eee6e6dab26b41848c95fe1ece8ca157a90bb7a990dac5f3c64cf49c5c5aa8414b9153f82eca9df88d90a8d6c0e72eacd52f82939d46d41e0f5ccf708c03fccecea467f33f5a49888514787e42c0a12255bca89e82344ab01ac3b6c6158e3c1b34ad953eaf55f3a2c487efd9423a542e41dbd0058aa021cb6fdc5df88f807033edd31abaf5ff7e6a9578d2be6a2d925d98108fda2a7e56a0bbcdce0689fa9e2111b0be8f3e2807f7f3728489917a031f2187ad98a744f19851687adf59a4b4c328ad5c4f2eaa0d112041369319f6d3f928c22d05f9fd68b5c268da5e2f433d651bc602a65ee83752c0c92f7e29002faf9475fbb57788d725f6f8fd495a58d88d55ab8467a85d1f41db5964a19bdd45377c7c8c792de5e76e87da9296ff90e7fa9e57f09358d998c8779bb2348d651808e969e960763c5231c65a06ee16979f4d990dbe7e10b3a2392dfd6483bf2c7c5f6f3d941cc17663668cca83dcc38089b4342a801c74039b32550c2d9cf95a0236523933ce3e7538ff9da2b7b741f3cbf53e6084702d0a5dadab4350848f6e7ba46d4736c7a2ae702c480c30dd78f994a10b9c3157a17e9e29576a68139403300586eb0c673252a319aa1cb01efa777228d8242ebdbef9db5c03e4c8e09bf7a009b7eb19357d1ad6d1defc0dbb58c31d85b9f1035056615ad0b0ded12751273c8bb7810ccc5b2efe51d223894b141dda837e6b7ba21de9a978ac447d995394b800e1065906455af544b9d7f353d1eefcd3387d18e3611f3913926f3a4b87efb3a9707d6136dc00e49ea5e7a6d0bea17eb49cae93c0c4422374b0f46380e0d554e1087c1392716d368b04b1da85d271206b465608468802fae00c7ad9425974d822cffbc420e739f7617f59a879f791ab5dd7a6215298cc7dc6904679889e60a09114b0f421b6f1286d0a6ab3dc887c2d3a48d53a7611ec270530b07a83ae1a2bfa6da42ab38bec3eb8ed1e207d91c02e74a31c29abbd25f5779189f5f2494ea5c3f4b829b96de0c54b3851dd58610c2b9ddcc2960f34fb857c5ab1aa67e8eb10a59639db2ddebd0206ae7ee56b21ef484e3c66003af46326f1c456ad2ab5273d0c0b2bf412f71f820ae12723c74e1857e0ae3d5587a0427c1595e06b1d5ab5e815a5558302e0d9c50b8c6cbd599eb554df6f7323b01f1353b557c565dfe0de51032a88541b49ab682a7dbe4dccb9b952ba9c9ce3bbff80af01e47953666327b8acd7d2cf363c6f7172caaf01d8e3417f768ab08f2cfa7ff26efd219e25ef0f9a84c7b116978eeafe3410972490203dbe49aec33f14d5592a466a6efe630904db9c77ece20bec7552b3dfb48d4e0427ce5024fdc0aec7271e93c51aab19d7a40670add6ea5820f625831a593137f60543e424892856b3bb9e608e88e65cc6dca098d5139a38ada517cd788b9f13618d9c2c31d7918cac6cd669710692797e61f4df3938dd429d977cc11e7465a7a23740052039d9b31cd26b95efba17bfcefe121fcbb762d29287145b11a3abb3e0683b9216a8b5d9744baa75da5d840e70cb310c507c4f7eef1d6535d8e11079edcb51df7ea63a7204e314147eeb57916171ca33c0f5932916e4d568d9e7dd3555500ae119f0c63045658303e1f4ea99c896eaeff3ebf76b2def0ea856a3f24cd76dc437236b71dad9a26fbf3882e81565851eb6c5b265a0721be43f0844f4d0e4296011e280236a0ed7656f2eb906e6b2ec4a8e5bf91eb7e8be889ded6d8492bb72f1de26cf3973249ebcb5c993d1dfa896a658a528aadf57dc28a8db32656ed8e416f96e1f89ac24d4ba587df31f3d2d8d7809d06c8b2d68eb15b377918424499cd6a7fb62e49a78831f0e4b1476bef657fb34bd59e34793d21da3f7bd0278bbea8beed261c697ce17f36f1cbc1b94aef11dd1dbf1c68496765258f4cfc8b5fdc9197d7260b733d2061f399c861bc5912ac76cfb62b9218196fe054b92a295a9b9526871167d436b830a7b4944f527fb4d75a036acf3a71a1a710f609f4e794f1d764a5317ac067e8194666dbc73e32b2870eecf8776bb7641dcdd6d764f91dec83fbb53a97e6531211dd8b86bbb57f8acd637f4b1b66fd9705a200e3081ea382262d54edb161927eb1d85cf7b9373a24607c99f3d66b85e22d2cd5cfe24020d56e0552bd43d803882128317d9a56e63a4808ed6401b662187888a0d0b311364fbddad07911b5244877eeace22ab5bd8501d748ed5cb05809e1639678c4c6cc43a3c2fcdd5b0970332429c3cde09d9556c8360f26caa744ce5e57bfaabcf7d124b2d4fa97d7e72f16cdfc35f87493717e2a852b64fa344db5ec72dbdf22dbdfcd12ff796d515d5f3fd3cddbf53426183bbd92e2fd3e91fca8fee1c1ef4f8d59036df9c48fc7677f2c4905b6cf4adcf448029c6c6a2968b13e3b77d578e2661ae7d07ef84fa098bae9a564bc8c507a103990c00a0e6d2854a1689f7b095a100b7f38df028baf20bd56c843c24f8ca4a81130256b13636440836837429c1c86ae1668d3b250108406acdd21b40450399872c1da6178184bf9c2cc11ad80caa9997d3c6631f09ba2a4d96e6b74313f1e40fbf8a29962648f400dd256c4852c556deca2e3443b858efa43d53efcd496bf5037a82e14868b508632bdb2dde924ce2cd6c65f1708c18cf49073e536f09e8fcfa9a44fdbc349ae75e17205754d3bb82d3ee8a93c59aea1bd7ea6d124224b11405f815ed518a1cb9a80191249ac1cc0e5c1f9aab8fe67bb737cdfefac82a89a7d6ae08bb9e1f710cee451d851b35ba9b886dfd9c277dd67891331d43f36353c78c65e9f3524e1b9b229c9f91de7b5ab16a66017d171e2a4e185481d33cb5bd9c5e3d93c49d2c620c16467bf4db73621957f76d656e6d4cb4d59cacf1209da4e39352554cc2abcc8e82379b4f819fd6d261c6d7615f85f6c5d0b9f57976836493367e1bbb14c57983aa97c6e4e7c4fe2a166284c904ac4f70ef2e52e4e7dbd677ace683cd61aa60b702770aa0ddf14b694bf3cfaeb585f8fd8a85bee2f78400a0874dfb4c319be24a46d1914b6e902d5de8d8375c9ec786ef6eccf1ee7a003f83d2e163097980a06ab9fe23c4ae8e91755e4217d3c302111febfa9dce02a49b217aef709d183a5ab8ad1d39e9a697a79be303fdb2290c827279ce187d1c647cc28e20c0b3ebcab2b1c75850db46211150a8bc5d80d868141f885f7a5ef520ecee6d33842141003df4ce066090c8359b5dc32dd9ecb1039454d0b691d8f97932b69981be240804e860a88d1a047f46ff43609b41ea36dc276b28e87364049940ea7b6dc78848221b30dc6aa1b60f17942c96c46e347606d14ef02ed3ebddb20f7f4d28b9460f4af047b772927ca6a046b7de2a21b8ce79eadb74e4825af5e19ac2955999d7304a35851a4b9086ff922da8845da10a55fbb62fd13d98d45f60842d0d6301cd72e7cb97bc84393a414f671e5e0115a6c1c26054a80ddde10e0a83a4ffd123504c881a844bb7187c604f87588dd0d0f11930f9a3cfeb7098f38f84923637f1a9f6b3e3d0899a156d50d7e740b118c4865ec5e69aac247a930007452748bea9af0af511cc1129740510b13f48fe07ef1417ccc765b2cd0138cb51dd71fbdbe967fc321082a9ee4bbd1ea404cb24971de5a1ee7d7993b5d11d67d30e8ba94a9e943852675a07b88a51df6f4abb507cdaee96726023855e4dee6bccb3e26a2a88fb60d812e7856c13af5f4fcb6776ba8e27a35bffc5e46473b31a4b83ea1a3376f4549af87d03102413faccc3fc897ccae95d2700163f1fc5170a643554169018c5cfcf8f50c7981270995d8aaa9f923c0679b258aab60f79111627b71404e1ce8751228972cbb2bebbe25973cf98bf8fe8e63575950a0aaa1ff060f01e96791d128d0b7b40855126ef3910ed7d7a6d9490618da352ad7b889f7d905bca2214224e170f30a088cff91921917c937950926cb11c04fdc6bee776b9abd2aa286ea5074e72756482fcb6a7d072edc075f99e02747ea49a40b26b58118b6692fbe55b09b054a044d1f481173e8923a74806cb770c4c61ffa982077f82bc4db7fee4ae2beed4673e39f5ff0614072a771034174a0f052ce39e27450d18920664e924ee963c9bbc9852fe68f30a199ee4856c1dadc08c061165867438bd3bb73f5a50f5131b7867dc80e0c5d43eae80cc2874d48edc910e7f8f9b73e032a8ccd7c348e84b4179fa101d488c2fc16cdf953e269a9cf13c0dfe575e0da49d7d2c09293296c0232bca9fe0aa8199b21e19746c4783630e432b5c7e1e25864fcd4deae07c2b07782d155fe6e6b5d9eed4beb9db47bae4007753d8be56b10723b5467c64acb0eee4cb9050b4ef2b57b630f4608af96fbe484816454ff385aa3765051408779384c6585f2e24662fcc3008dc17abb07ba9cf96ff4c795c97811e73b06c65e1b5c66c2e1873191d972830b1f53bbfedf8b5e8a64a29fb3b3eca67f1791652f9ac037c2f87c6d1d9d453b12d5d2b0c070a8084aa15505e240bd0c61895383f23f0460027d60dd9efd8539807f717bc353f9b858b9bfd2acecf2190e280faf6a1603566ff8893dba33ad3300e10438241709ba7413fde84810b966b4556f9c8a51aef27f9b9010e7b6208715169a585e42bf3f7333209afb5b19c0de7722004850d53329d93e2e4909eced3da67dd7d2c82a4c9d0d7cb6f5ff7dbf195e8b39ba9cf0c1699ea1f8b6d1293509774ef3bf48597146a60aa5b6eff2bc8a64f9ae9a81becb9c398ab9676d2cecb14d28f819d08050269bb0ca9bcf59d5c9bd2fe2bcdfe82a8f037781c6275c9229b0729cd085e66e2712bdf22009440c4136c2daa54e547386e1acd16a1d30f3d55c1ef0fe10c108210b9d8894d31e5ef17b049106700bae524eef744ef4b3a69e9cfed4efa9b0c9262177f9fe16f5b1fe5bfe5fc6a611e6ffcb9c5f329d4e328cb69912f0dfb7f4a83d326cb20b053653663096870e7ad2753e992dced7405a00a39dc55e652eb6b2e1b1e9782b42f443890c4067b07376c6f0fb2ea6589e04a8eb39a94d913d9f4410d238e6880c167a0a23b266577c41ec3e0f513eb7fc948c12b26ea2646c0481488417d9911a0107ca0ae11c2c4b8c2eefa5144ecf8b149d22abbd26d1b2a3fe51016b9bbfd229c090fc2fbbca4803217c991e36f86d4720b45ae45e6b20f09fcd8e5decd79997e79177bd67de7433282c1d0be5d585a71c873e7171a133d9f5ea35ac0ac5c1a643279ca66a365d278d14eee3ea90961eebb3f6c098c00d051d4716853ec7069be2a4625cef4c0f72abae5309d2709901d05217fc3e52049c4aa16b50121e43ce491d1bc9adb01679ec25ab5009f746170c2517f0072f16c574cb447c6d8ce4a2e45426900463c5303413bf4fe7fd64c273b404cf936068cb3085c3a81b9872ad2cb79aa4c051e7ad97cd4e8c6b94bb0df87e4347ca6f11f155ea265762f81eb0e9fbaf3dc05157eb9f12596ccdf9193018a2226824db6bbebf4e89a070688f698bbf23f30dfb04db7c3d804a7587ad0fd03e68cff7e516e5109e328e1eb3b887a6aced15804f2c898f41c5452e160ca30e35843705c150bad932d2d3fbd791100b1535d9f3306dcf127fa49c1a36b172f46b1fb676ea8783c23edf89b2446560dc1b95b39f80eb9d0994c8dcac9a5a304c554133e1d6ba368468a17312167cda37932cbd4b93c58b7ef772d56d4311182a680e19da6fb938848aad40242856379310b61d6113de6814644092712133823ee2281639b52cec52ab0dbd65ddae631e7113ca75a5476797cde5f5456acbfe63c6ca8b83774690eaca3a019771ca0e742815ca5645418730ee17f52fa2531e5487c10da3ee080acd50fbd19710ed5cb924e28a18985132afbb7d2ff90f6c3855c56970854b9a48ec4f7566d2829e271af3f0ce26742602241fef70461a484499591a9079ed53aed113589fd74918146e1917a063514d7eaa7f4720a386eb2f32b6d35baaa5d36c2013eb405cec607202f19bda80bfeda8005c5d1582208b861437fff41ec0708a6a98f2b4b4463141c1c312a8115509e363a274864898be996176049d5f7e6cba76b3a37c9b2ee9553fc70f79503797464d736d97d0bb4741ea8ad14fde6f18fbb02ae97e5a77bc1527a13f18624927d79aa5b4df2dffde7fb5356e521c7a419209031df8138838151c7e90783c9af133b6961b44f8de89d6348b191cfa6c0ab652746b8582134537727b18c670691f3c1e8ca0e3cefcd26111bef476eb816482b7726399c86cbc98f0f06929c26cf831163bdbe1fa8d8f96a65d3bbb3d37657cec4b77516864cb32404996dae1d0d9f3c12b7f2698f07930b791813b7ccf0f0dcd3320b78833f077ee55aae156af804fa9a15e60c709fb30b06ac092bf97a4fe4732ea7bc93aa73232024c80434b4900cc30de20cbc1ea407746fb186a610fe31635766f5edaa8c9ae974ff8cecc4e7e391a50bdb34ca1dec1567e866497bb59852cfc1fdb361b235c803d70cfc90c229078079619b4a8086a68d420ee1d7fac403b18c7f6aad91612e2f2b9e5e206bf897bd98a3b24a0637e2b986ae7f5d376bd63d63f6c4f151ce7eaa97a30d9d51f1a9207dca6b596831a9b92517b9d5571e72b4a06c07d5ff0d325896a1b32e9fb4f9d67a903946b205fba7beda108fde3fc503c7352c59c03bebc2891007fbe966a0441a7f4bc8320b901563ac8eadba643bdfc1636864d33549a1b9ad3ce01bec94b631ac6f46c453c57c62f2cf0f76d9f1e0731e266311624a138e607e699c91e37a33096117f418b4c92c66d96fa1b1324cfb569e3d558598ee65e69b8e0b9625d551af54a09db8082f2fa9da1386f92245aadaa13bfa3cf5c39fe455180bbb5e2427e4067bd2f5a5c755c31405477ba832dbbdd4af66acc7c11e576f700e24fb4c26160b4443b8c17805238519c7c732df774b92579e02a8da5e9a17e3c20e92afba7fab49000a7b83987ea48d5854a0411615462cabd245ab3f49ba375ef179c0a78059ffc14264177a6e45dc5f2fe6c957a313ba9889fef33b788933bb37a17943551db9cd08fd8d823fd0b35110ad589c3bb3af4f69bd1c7c7a3e726f933e4a0cb1209e75ff14910061c3750b9312de42c86838d5c35a681899c25220ea87aff02bf72fdd8745f5d751e6d62861496890c956143c08a222774974789bb46924b68a6e3138ce9dbca622e78c5aeed8215de4ee5c1f8312b6349a91ef1e210f18522b7a644700e90eff995e950c8eda05d0bb8e799ef32a7ddb8a87b4120a798a3f87cc78b6db0c7947b4786db1618c523203c097ef3d3dc0f4e1e87d0d597c4eaaac05a033a3fa91309c05cd8c14de649d7dd16d8ed81e5290950f66b66fd519a2a16fc6b3526f97aa1121b4fb52b30640122dfb50ff619fb5c88eb1c4e6ed7f6d09fd29e27b3375a1aad5b09f8175157018467f883ba385208fcd32a50a311b22f7951bd0e912d234364f8590e247dea604872f9bb847bb32b3906339f5698d6e7c0f2a3ed17b194239299091f5ee4ed51c75b76bc949cf05df5dd03cd8a553e7ec81881fdc1e15cef5e72eecd7843a981eff417682604769e302f378ff9519cdbd3ba2bfe50f85a903aa08b900118226889e9bc68124777f6e02fb26fff91d1f31d3828243cc46d4b4fa2965445774e0ddc521fe5fc9626fe3428403e746de0196a45d6acef57f662faf27294be80fed39778a7585b41178ea38f64893f9a46334af6425a4aa46e25e92b0d77750c6737b237dff19913fd9e69ed92c4b6671b4226776b34ae2468907c654bb0f619b2c9b55920fb99e97bf32212f852b615689f3cf4c03d51d1587455b5720692430fe2684522bfe6dae871aa2ff5f00045861ffcfc219888fef8320bec1307236a7a42dd4a691cb6cd4d8436f31a3f2d642b05946dbfee692aee0da31419f9b8bc0e1dcf89a8ffd7856b21b1180ebc8ad75308b1370b93d680e968bcde7d235f601760a5d181f7b55daf330a001ae1da86c130c76fbd956442b6c705889d665560f8b34663390592d85ddde790e0f4f1f0df09c1c6f95477f9d72dc0894b2efe2c3d162ad80f80cae03a06548014293a02f00d6386723d42ab09052f019a1d71d88a78db27afead58bc516be8d23893f007a17ff47b32777752a15648d0ececd345aee1f36c58abb7efaff5567100c0bfa54f172c862e15872abc9d96cead6688f02ea8466fe1134bd3756c6f0df8903fe7935dbe3e635da368f13a10e3018cfb5557d38f859a983a54d660a02bdb3dac2922e7a37651677bfc664d58df59ea625e8e63ee776bcc2937b921f5544924b75cba04bf3cd0df831938f9e9c79572e8492d884646244990920400192c63e15024e2e1239f41390bf7c0e18f852e23d514256ccb8ccb2726710401c4306657fd75eba94a353987780a6d6219012cfe80858060e37652a84ae89d07f5d651fe82a2a8d0e8568492156713b1f76e89e12f76a0254da7d526df51a089600f5b7559afdc63d4872fe8d6ce00a8d0c9b00db5ee676ae2545e74fb7b39f8345a67913b234cfb4f6e3b4e2b1e1f4f1c7fcce8c09cdeb6a1a21bd2370004e583ef62971aec24ce0c6c049b6a2e22081d36854956a362b6cbad48049d7d5f90134d3e77febf87bf4a32c07cdeb36c9cc56b2b3cc8c8b47879a32ff00f3b2e977cee0acb30fc424dbfe24c88d1a08d047925cd7d65a5834e56db2b3e7e0a23dbf948c799db5a48fd4a5fdea43913b2b2c149ae9a98f452b797b55abe1dd44b30232387f466856d6c38ca735dd6175b455363dbf228ef52e443da22a1ee3a158ee304d9ca63c110a3d19ca3bab6d1745affd81c480ff8bcf5f8f7c1ea6d08a7b3c3958c324d42732711170e19523bd209134674b184d4d442a774e04d6eb4ac89a6d018cf0bb68a73da87abce127e57428cf73a5a551c85ea8c376ae951cb8357506f037d17d163172dc5764682c753050f35c6802fb269d7490b196d57bb8a1ada55da7550f82357320e14cf573ed39860f02a11bdad917b2ba2de885c7ea8b30dd62bdad207dfe10e97c8b71abbc8c5661a4483bb6f9488ada0f5885c471cfc1271b60d54f903317cca28ce977f4444cefac5c2ff233dc872d4e809091f8452de9c774ab3bbebf62de92cd6aa7421a41f7d1dea42e4f94bd3a4869c958f3940a99c88835ed2f4021114b9a5bb17240f468887b213814956f9f5e6344cbae19d8753b97c7ce2e9d0954a30dde23dea2748e1c9514672bf4ea3ec3e348a563d9649899e7227708e2e77d0fc5847dc16b59ac3dea9449c176dea2d2ff6b6af764d28dee5ccfd0dfd6e3100d97040657d7ac5da4032e3b7f6b0cef2ec55a83350c3045abb10200c264e6e68e3e03b68546ae48a538063b86315bb8073103a812717f2d8816534fa98d0e956e0f9a67bcdc522cacefc77b0be71832a69ffb72fa15ca4d8b15f7fe03da0f4b24c5fb68e5f3a2297bb0cb0b7bfdeeec4deb64bf71f57820d62c47276e2780b4341b6bc65ac49be09c94013783455a95de92c11d91b9e921a484ed69532b92e202d684d2293a2666709ee38d2114add4c5337bfeef31d481e12530c5c7e83a6c8aa2f580f6da2d735ee5260cf9a7185eff84eb22d6e0d5ac0e63fe6a3def819274a144be5ab90fa157bb7517a54c208aa82da926d5b09ba649e326a654fe8fa9dd7e6d83b0a66253526e5b5aa03e665f2eb4678e8293110420c9d7556df07c7dd1c3e817a4c7409890c4ff5044ecdb34eb652a4d7e20b4b0d596f46ee3c3dad675e958e91c3b40f2d22e671bae51518443042c529c31e343647d6ddeac7ec370970fcc71a24a0826b58d111e9b776ac0e2fa40b3099298ffd0d1c04d41ee1dd039425f52f9f8057ac1f206203f20e1ae9cbae356518ba2fe9e49b47e36942ed7204f3d7da9e71b8d69df3ae7b2de05a13a879af6a1ea6241c645ed73c139e15060aeab6f423c2180dd101863a24f1688ec1a33edc624c3f5e80a20e4cc5c86ab2c692c2d3d17d8a68bb3924efffb29c9fc3df937526452d82a8ca9a558c75d6b2504df1b66c91823216a1c3b3bc39dee0d22491b9c891b9eea193c8af8a992096d0cd74630f7222e9a3530034a582f40601a694cf1085fda7fb33b07332c6aebfa70e2ebb8d7ccf19a69dfb5e4c166add5e153504eeec92f4ea2fe47f291625e1c470b832a488f884692b8ec49b96df235f193027ed38fb4d8b88ed382825df8ffe5b0c6fab8db3e38d60d467f9da725023deb72c378258e911442afae4db650be3621a033a3b84eee65c4c0664ec6d5771cc138937434a6a361de3dc1c12a2a6735f080e94314ddf291516971af252e3cc56e1c65ba5cf8ac2538878b22034ba458e08db26205608ae941a42a27f2643ded87bde626387c2b791ce57991dd2ba08010237279cac2760e19cab9059b229ea002ce4d3b4afa495230e424752f289003a240f5cafc7a83112636321107918d582fad2606a4319199a06ef2cbeaa3e1a4d8c30501aab796f5cbe15453b61218a396b79c547d15d5c11033b3746b432b426404f7b0421b9daafd9e8558f1901283d58e173c4db0511ee826ddc6363eb51e0837c9be6b2078d808d2c05db7495d29322ee6af68b0d52c45f00a59731c0e5b2608ae046af8bcf830f001ffd2f955ea89bed216e71ccb5b44713e2abf5ee5438d63829c9aea34b57f7ab52b820c24a7e9fa138243e4afb2df93588e805e719c1767146a351debb34678a86dd19f0587af31195460a3aa3e68773859fe13b47b6b31a501b4a25c6660cfc47f3318b33b77b10ed4ba91086482db039a56fbd1490f440a6fbb280b62b6d2333afe1c42c3f16865b9c0e484a4f6f393b8bc34fbba856cc5ffad2fe423e79f691b95e7e0dbdb2b2757d9d4443f9a23a8b1bfdb16f8bffd81b4789f80f1fc4bf751627965755d008d134e2c35da34f54718615e9deaca0685396ae7e58121327e0c0696591f6af93f2999ebd3b4e03cfe2a48b2b94015eb06b2a9031ab5e129b2700648fd62ab75f77734b89abb402282635eee41606eb306619e2dae84488e2aac1df54f78460b36115072a2c28801fc122482f1d46de4b2eec07bbbbcf85f30ffb3829c5d0fdbdf3af8c6322d62f4c55ebe8fd52728e2d5d1a24f096fffcec6ff2e752f7500", 0x2000, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e00)={0xa0, 0x0, 0x16, {{0x1, 0x0, 0x4, 0x0, 0xfffffffb, 0x3, {0x0, 0x7fff, 0x6, 0xa3a24c2, 0x4, 0x1, 0x203, 0x9, 0x0, 0x8000, 0x0, r2, 0xee01, 0xfffffff9, 0x1}}, {0x0, 0x4}}}, 0x0, 0x0})

4m21.628619508s ago: executing program 1 (id=1659):
r0 = syz_genetlink_get_family_id$nl80211(&(0x7f00000006c0), 0xffffffffffffffff)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000001240)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_TID_CONFIG(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000bc0)={&(0x7f0000000200)={0x30, r0, 0x1, 0x71bd25, 0x3, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_TID_CONFIG={0x14, 0x11d, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NL80211_TID_CONFIG_ATTR_TIDS={0x6, 0x5, 0xc0}, @NL80211_TID_CONFIG_ATTR_OVERRIDE={0x4}]}]}]}, 0x30}}, 0x4000000)

4m21.398790814s ago: executing program 1 (id=1660):
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="390000fa461ad7e48489bffa560200130011186809fc071200000f0000ff3f21000000170a001700e0da8979d2fc6ca9e48270faf047105bc79e0b9971bcbedac0eead49db", 0x45}], 0x1)
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0])

4m21.310674007s ago: executing program 33 (id=1660):
writev(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000040)="390000fa461ad7e48489bffa560200130011186809fc071200000f0000ff3f21000000170a001700e0da8979d2fc6ca9e48270faf047105bc79e0b9971bcbedac0eead49db", 0x45}], 0x1)
r0 = syz_open_dev$sg(&(0x7f0000001600), 0x0, 0x22c01)
setreuid(0x0, 0xee00)
ioctl$SCSI_IOCTL_SEND_COMMAND(r0, 0x1, &(0x7f00000000c0)=ANY=[@ANYRES64=r0])

1m46.743465864s ago: executing program 4 (id=3504):
syz_emit_ethernet(0x46, &(0x7f0000000200)={@link_local={0x3}, @multicast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x38, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @local}, @time_exceeded={0x3, 0x4, 0x0, 0x12, 0x0, 0x3f18, {0x5, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @loopback}, "00186371ae9b1c03"}}}}}, 0x0)

1m46.743259238s ago: executing program 4 (id=3506):
process_vm_readv(0x0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/43, 0x14}], 0x1, &(0x7f0000008640)=[{0x0}], 0x224, 0x0)

1m46.683600688s ago: executing program 4 (id=3508):
r0 = openat$apparmor_thread_exec(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
write$apparmor_exec(r0, &(0x7f0000000480)=ANY=[@ANYBLOB='stack #(%#{//&@\\)//&'], 0x20)

1m46.683411863s ago: executing program 4 (id=3509):
mkdir(&(0x7f0000000080)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x195011, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)

1m46.615687362s ago: executing program 4 (id=3510):
r0 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581)
r1 = fcntl$dupfd(r0, 0x0, r0)
ioctl$USBDEVFS_DISCARDURB(r1, 0x550b, 0x0)

1m46.504034059s ago: executing program 4 (id=3511):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @private=0xa010100}, 0x4}}, 0x2e)

1m46.472892853s ago: executing program 34 (id=3511):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev}, 0x2}}, 0x2e)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000100)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x0, @private=0xa010100}, 0x4}}, 0x2e)

1m43.403605875s ago: executing program 3 (id=3551):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000001900)=ANY=[@ANYBLOB="140000001000010000000000000000000300000a58000000090a05000000000000000000000000070900020073797a32000000000c000b408800000000000000080005400000001108000a40000000020900010073797a3000000000080003400000005408000f400000000314"], 0x80}, 0x1, 0x0, 0x0, 0x804}, 0x4004040)

1m43.325823601s ago: executing program 3 (id=3552):
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000000)='./file1\x00', 0x818, &(0x7f0000000340), 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x800, 0x0)
getdents64(r0, &(0x7f00000004c0)=""/55, 0x37)
getdents64(r0, 0xfffffffffffffffe, 0x29)

1m43.162487864s ago: executing program 3 (id=3553):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000100)={0x10, 0x16, 0x0, 0x0, 0x5}, 0x94)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
r0 = semget$private(0x0, 0x7, 0x191)
semtimedop(r0, &(0x7f0000000200)=[{0x4, 0xffff, 0x2000}, {0x4, 0x3, 0x1800}], 0x2, 0x0)
semop(r0, &(0x7f0000000180)=[{0x2, 0x2, 0x800}], 0x1)
semop(r0, &(0x7f0000000140)=[{0x2, 0xce97, 0x800}, {0x1, 0x5, 0x1000}], 0x2)
semctl$GETZCNT(r0, 0x0, 0xf, 0x0)

1m42.205414256s ago: executing program 3 (id=3558):
syz_mount_image$cramfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="00af268263b121dc03d7d9b98b9cdb76841d31005b31fdfd141b652968fbeae7aac982a517703dc5950f6728aecf5ec337b119ffd66d0a02970718ba573db352906385cece74366e628b6a775c9a6f6fff046416c6240e39a647186c4cf0b360bd17d4cdbd912dc61fd24e6f17d8"], 0x1, 0x152, &(0x7f00000007c0)="$eJzs0E1LKnEUx/Hf3Bnlcq/eBzKwFia0aEjMacRatdBIEtKBwk0rwSYKFCOhXBrRrkXQ1oXlVnwLlrWxRgh7E23cBS0n/o7Rw67977MZ5nsOh2FWlnoqgoAMx3KpuLdvlsvmVnDdSCc3ntrtuOhuAD8/zZ39qziwI54KMDgCRL7xAtu7BXMuXyqI90EcUAEkfjtdg7P7SzSf0+YhSaKp00Bn3Gn6aO9ji47apAIk/r7fsy+AGXHv/9s94BlApRZquZCxbNu2xfeepEJTY5LTm3cZq5sKzwbMUz050fD4ZWTN20skhvPHSDf8EGk1+z0rvWakjV5U1xeimqJpsb5xb6Vi1TMoq54DYPPLPTf8ASULHEvA+XA2uJa8ADr1F6P4Z7E++tfVQzkISJVaPud3NXK+fz8gq5BARERERERERERERERERET0Xa8BAAD//wFeZcY=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000500)=""/38, 0x26)

1m42.156221762s ago: executing program 3 (id=3559):
syz_usb_connect(0x0, 0x56, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000c9d1c40899040a50b7e70102030109024400020000000009049700010dd5ce0008240201000000000905000000000000000705a3f6d2fb"], 0x0)
syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02)

1m41.905397668s ago: executing program 3 (id=3563):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x1d, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])

1m41.754953321s ago: executing program 35 (id=3563):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000004002, 0x0)
io_setup(0x222, &(0x7f0000000180)=<r1=>0x0)
io_submit(r1, 0x1d, &(0x7f00000000c0)=[&(0x7f0000000200)={0x0, 0x0, 0x8, 0x0, 0x0, r0, &(0x7f0000000000)='%', 0x1a000}, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])

6.596826378s ago: executing program 0 (id=4782):
syz_usb_connect(0x2, 0x24, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0xb7, 0x5c, 0x7f, 0x40, 0x547, 0x201, 0x1164, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa2, 0xcd, 0xd2}}]}}]}}, 0x0)

3.53724642s ago: executing program 0 (id=4812):
syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)={{0x12, 0x1, 0x0, 0xdd, 0xee, 0xf7, 0x20, 0x61d, 0xc180, 0xfcf0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x1e, 0x0, 0x0, 0x9e, 0xfb, 0x6f}}]}}]}}, 0x0)

1.479597307s ago: executing program 6 (id=4840):
r0 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000040)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1e, 0x8, &(0x7f0000000740)=@framed={{}, [@tail_call={{0x18, 0x2, 0x1, 0x0, r0}, {}, {0x85, 0x0, 0x0, 0xa0}}]}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_lookup=0x24, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.399611139s ago: executing program 6 (id=4841):
syz_mount_image$ext4(&(0x7f0000000b80)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x0, &(0x7f0000000c00), 0x1, 0xb7e, &(0x7f0000000c40)="$eJzs3M1rVFcbAPDn3nwYNb6JL/LyWkoNtGChOBrFSl2py9ZFof0DDHEiIdcPkhRMcBHbhXRVC910UWgXpX9AoetstNBV6aaVFrqXShHdp9zJnWQwM0mqMx4/fj84c8/HZM7z5JK555C5E8BLa6x8yCP2R8S5LGKk6s8jYrBRG4pYWn3eg/vXJh/evzaZxcrKB39nkVV9zdfKquPuqjEUEb+cyeK/n2ycd25hcWaiKOqzVfvw/MUrh+cWFg9NX5y4UL9QvzR+YvzY8RPHjr99pGu5vrv35tmvxk/t+f7Mrauv3fj9yyxOxXA11ppHt4zFWKxUWvv7I2Ki25Ml0lflk7X0Zf0JAwIAYFN5yxrufzESfbG+eBuJW78mDQ4AAADoipW+WPsfFQAAAPCiyuz/AQAA4AXX/BzAg/vXJpsl7ScSnq57pyNitF3+/bHUOA7FQETsepBF622t2eqPPbGxiNj30+iPZYke3Ye8maXrEfH/dvlnjfxHG3dxb8w/j4hu3Jk99kj7ecr/VBfmT50/AC+n5dOrF7KN1798bf0Tba5//W2uXY8j9fWv8/pvPf++Duu/97c5R/3Ap593Gmtd/xXfvnq7nL88PlFS/8K96xGv9Hde/5T5Zx3yP7fNOQb++PmHTmNl/mW+zfK081/5JuJg2/3P+jfaZJt/P9HhqemiXj22nePG7e/2dZq/9fyXpZy/uRd4Gsrzv6tD/lud/yvbnGP5r4N/dhrbOv/87mD2YaM2WPVcnZifnx2PGMzObuw/unkszec0X6PM/83XN//7b5d/+Z6wVP0eyr3A9epYtj9+ZM5D773zxuPn31tl/ucf8/zf3OYcX382e7fTWOr8AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHg+5BExHFleW6vnea0WsTsi9sWuvLg8N//W1OWPLp0vxyJGYyCfmi7qRyJiZLWdle3xRn29ffSR9rGI2BsRX4zsbLRrk5eL86mTBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYM3uiBiOLK9FRB4RD0fyvFZLHRUAAADQdaOpAwAAAAB6zv4fAAAAXnz2/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPTY3gPLd7KIWDq5s1FKg9XYQNLIgF7LUwcAJNOXOgAgmf7UAQDJ2OMD2RbjQx1HdnQ9FgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACeXQf3L9/JImLp5M5GKQ1WYwNJIwN6LU8dAJBMX+oAgGT6UwcAJGOPD2RbjA91HNnR9VgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeHYNN0qW1yIib9TzvFaL2BMRozGQTU0X9SMR8Z+I+G1kYEfZHk8dNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF03t7A4M1EU9VkVFRWVtUrqdyYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFKYW1icmSiK+uxc6kgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA1OYWFmcmiqI+28NK6hwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEjnnwAAAP///JMJmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x0, 0x650ce4b086bd440f)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.state\x00', 0x275a, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x8004587d, &(0x7f0000000080)={@id={0x2, 0x0, @d}})
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000440)={0x1, 0x1, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})

1.330373971s ago: executing program 6 (id=4842):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1})
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000000)={0xc})
ioctl$IOMMU_DESTROY$ioas(r0, 0x3b80, &(0x7f0000000380)={0x8, r1})

1.209919158s ago: executing program 6 (id=4843):
unshare(0x20000400)
bpf$PROG_LOAD(0x25, 0x0, 0x0)

1.209744523s ago: executing program 6 (id=4844):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x4, 0x16, &(0x7f0000000b80)=ANY=[@ANYBLOB="61128c000000000061134c0000000000bf2000000000000007000000080000003d0301000000000095000000000000006926000000000000bf67000000000000260608000104004e4507000003000000240600000ee60000bf050000000000000f630000000000006507000002000000070700004c0000001f75000000000000bf54000000000000070400000400f9ff2d350100000000009500000000000000050000000000000095000000000000001f1bd182bd43cb58074e0816289328452c0880fe4b3af9c97925711095cc7d3ebcd8418ffdc4a1da470a14e4391c3fb6915cbff2a4911fe82664d775cdb9dfc83fa32db39b636c1866b526185f4ab35172a74e9afe751664f575306ebb2c2890a4fa79303101a652776cc2fb4f01e79cd10215d917a116350d60f27fdc244bdab56ee3ad8f5fdf82027a1215bc54045d6b9f30bdebcf053aa120397695ffd0f6e5fe24ce4b9143a3d8419fb51331ca5fef"], &(0x7f0000000100)='GPL\x00'}, 0x48)

1.180377722s ago: executing program 6 (id=4845):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000180)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc623, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x7}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f00000000c0)={0x2c, &(0x7f0000000100)=ANY=[@ANYBLOB="00000700000007007604000004"], 0x0, 0x0, 0x0, 0x0}, 0x0)

499.018435ms ago: executing program 0 (id=4850):
mount_setattr(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000000180), 0x28)

418.598094ms ago: executing program 0 (id=4852):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x4, 0xc00}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000140)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r6, {0x0, 0x3}, {}, {0x8}}, [@filter_kind_options=@f_u32={{0x8}, {0xc, 0x2, [@TCA_U32_HASH={0x8, 0x2, 0x6}]}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000011}, 0x0)

359.268175ms ago: executing program 0 (id=4853):
r0 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r0, 0x107, 0x9, 0x0, &(0x7f0000000040))

359.173116ms ago: executing program 0 (id=4854):
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='pagemap\x00')
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')

182.125819ms ago: executing program 5 (id=4857):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0xc0800, 0x0)
fsync(r0)

181.989263ms ago: executing program 5 (id=4858):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c696f636861727365743d95703836352c696f636861727365743d63703836302c73686f72746e616d653d6d697865642c756e695f786c6174653d312c636f6465706167653d3836322c726f6469722c756e695f786c6174653d312c696f636861727365743d63703837344573686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d6d697865642c696f636861727365743d63703933322c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c757466383d312c757466383d312c00"], 0x25, 0x353, &(0x7f0000000840)="$eJzs3T9sG2UUAPDnXhKnESUZkCqYDBsSqpogBpgSVUWqyABFFv8WLJryJzaVYmEpDHG8gComEAsSTGwdYOyMGBBiY2ClSKiAWOhWqRGHzj7b59ihyeDQit9vsJ7e9737vrueepcoeXm9HZuXZuPyrVs3Y36+FDOr51bjdimW4kQk0bMbE300NzkPANzjbqdp/JX23H32Jwv9yLMfAO5f3ef/m6eGifIRiq8+MI0tAQBTdsiv/5+fmL0ytW0BAFM09vx/bGR437f5ZwY/EwAA3L9efOXV59bWIy5WKvMRjQ9b1VY1nhmOr12Ot6MeG3E2FmMvovei0HtbyD6fvbB+/mwl89tSVLOKVjWi0W5Ve28Ka0m3vhzLsRhLeX06qE+y+uVufSUidtvd9aNRalVnYyFf/+eF2IiVWIyHxuojLqyfX6nkB6g2+vXtiE7M908i2/+ZWIwf34grUY9LkdUO97+zXKmcS9dH6lvXyt15AAAAAAAAAAAAAAAAAAAAAAAwDWe6nXNms4+lQf+btNFufXCxOGF0vNvfpzec9wfq9PoDpeV+d56ryf7+QKP9eVrVmTjxn545AAAAAAAAAAAAAAAAAAAA3Dua23NRq9c3tprb728Wg3Yh8+73X317MvpDM3npO8mwKvLkyHH6EwtHTmKwRDooT5OROXmQRPQn79auXR/suDinPDiLsfIsKI8NlfI91er1U4/++vmkqr+zYLebSWLssowGpXz9wlDjwSwxHxF7B1UdHKzcZc6NNE0PKt/5bLwqShEzceRtHCL47uZbDz/ZPP1UN/NN3vTh8ScWX7rx6Zd/bNbq0eldmXp9bqu5lx7iyNlex4eSwv1Tyq9zacKdMDnoDDOdreZ2Lfnpz5cf+fiHfZOTyfdPWsy8d/BaX+/PzPWCUsRS/yL821ZnJ9z8k4PX7gzu3qP/w53+YrV2feeX3w9bVfhPQqMOAAAAAAAAAAAAAAAAAAA4FoXfFT+Cp1+Y3o4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PgN//5/IeiMZQ4T3GnH+FB5Y6t54OInj/VUAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4H/snAAD//3tUcu4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
fadvise64(r0, 0x0, 0x0, 0x3)

69.622494ms ago: executing program 5 (id=4859):
unshare(0xa000200)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000000)=[{0x2, 0x40, 0x1800}], 0x1, 0x0)
unshare(0x20060400)

69.341793ms ago: executing program 5 (id=4860):
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x12, 0x4, &(0x7f0000000c80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x54}]}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x9, '\x00', 0x0, @cgroup_sock_addr=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

236.933µs ago: executing program 5 (id=4861):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x20080000001, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000180)={0x10, 0x1, 0x2, "d569e861dd2f1aeb7ee8589325f457a0c04b14100000000096ba216b1e8ac19e", 0x32344d59})

0s ago: executing program 5 (id=4862):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x141, 0x48, 0x13, 0x44, 0x20, 0x424, 0x7500, 0x69ee, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0xb8, 0x7, 0x2, 0x96, 0xd1, 0xca, 0x0, [], [{{0x9, 0x5, 0x6, 0x2, 0x200, 0xd, 0x0, 0x6}}, {{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x1, 0x10}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f00000006c0)={0x2c, &(0x7f00000004c0)={0x0, 0x31, 0x4, "0ad89177"}, 0x0, 0x0, 0x0, 0x0})

kernel console output (not intermixed with test programs):

5][T16204] netlink: 'syz.6.3961': attribute type 2 has an invalid length.
[  392.248584][T16204] netlink: 1192 bytes leftover after parsing attributes in process `syz.6.3961'.
[  392.264803][ T5897] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[  392.267824][ T5897] usb 33-1: enqueue for inactive port 0
[  392.344425][ T5897] vhci_hcd: vhci_device speed not set
[  392.540891][T16224] loop5: detected capacity change from 0 to 256
[  392.703342][T16221] loop6: detected capacity change from 0 to 32768
[  392.960330][   T33] audit: type=1326 audit(392.989:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16252 comm="syz.0.3983" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa87bb8ebe9 code=0x0
[  393.270997][T16247] loop5: detected capacity change from 0 to 131072
[  393.275385][T16247] F2FS-fs (loop5): Test dummy encryption mode enabled
[  393.278751][T16247] F2FS-fs (loop5): invalid crc value
[  393.307389][T16247] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  393.311035][T16247] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  393.327353][T16247] fscrypt: AES-256-XTS using implementation "xts(ecb(aes-fixed-time))"
[  393.335936][   T33] audit: type=1800 audit(393.369:122): pid=16247 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.3980" name="file1" dev="loop5" ino=10 res=0 errno=0
[  393.403559][ T2017] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  393.555985][ T2017] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  393.560123][ T2017] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0xD has invalid wMaxPacketSize 0
[  393.566644][ T2017] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  393.574832][ T2017] usb 7-1: New USB device found, idVendor=07c9, idProduct=0012, bcdDevice=c2.f4
[  393.578504][ T2017] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  393.583005][ T2017] usb 7-1: Product: syz
[  393.588218][ T2017] usb 7-1: Manufacturer: syz
[  393.590314][ T2017] usb 7-1: SerialNumber: syz
[  393.594055][ T2017] usb 7-1: config 0 descriptor??
[  393.751147][T16262] loop5: detected capacity change from 0 to 512
[  393.755250][T16262] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  393.762475][T16262] EXT4-fs (loop5): 1 truncate cleaned up
[  393.766200][T16262] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  393.819121][ T2017] usb 7-1: USB disconnect, device number 5
[  393.832692][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  394.119502][T16270] loop0: detected capacity change from 0 to 32768
[  394.134190][T16270] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  394.185462][ T5844] ocfs2: Unmounting device (7,0) on (node local)
[  394.468302][T16308] netlink: 'syz.6.4008': attribute type 11 has an invalid length.
[  394.471271][T16308] netlink: 228 bytes leftover after parsing attributes in process `syz.6.4008'.
[  394.495736][T16310] netlink: 40 bytes leftover after parsing attributes in process `syz.5.4007'.
[  394.500007][T16310] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4007'.
[  394.548372][T16296] loop0: detected capacity change from 0 to 32768
[  394.551011][T16296] XFS: ikeep mount option is deprecated.
[  394.558491][T16314] loop5: detected capacity change from 0 to 65
[  394.563723][T16314] BFS-fs: bfs_fill_super(): loop5 is unclean, continuing
[  394.566070][T16314] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop5
[  394.597891][T16296] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  394.638889][T16296] XFS (loop0): Ending clean mount
[  394.641832][T16296] XFS (loop0): Quotacheck needed: Please wait.
[  394.686855][T16296] XFS (loop0): Quotacheck: Done.
[  394.720080][ T5844] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  395.217801][T16344] loop5: detected capacity change from 0 to 1024
[  395.287894][T16344] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  395.368864][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  396.610311][T16351] loop0: detected capacity change from 0 to 40427
[  396.632754][T16351] F2FS-fs (loop0): Invalid SB checksum offset: 0
[  396.635252][T16351] F2FS-fs (loop0): Can't find valid F2FS filesystem in 2th superblock
[  396.644341][T16351] F2FS-fs (loop0): invalid crc value
[  396.678833][T16351] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  396.683938][T16351] F2FS-fs (loop0): Try to recover 2th superblock, ret: 0
[  396.686209][T16351] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  396.717431][ T5844] syz-executor: attempt to access beyond end of device
[  396.717431][ T5844] loop0: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  396.725526][ T5844] CPU: 1 UID: 0 PID: 5844 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  396.725545][ T5844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  396.725554][ T5844] Call Trace:
[  396.725559][ T5844]  <TASK>
[  396.725567][ T5844]  dump_stack_lvl+0x189/0x250
[  396.725588][ T5844]  ? __pfx_dump_stack_lvl+0x10/0x10
[  396.725603][ T5844]  ? __pfx_queue_work_on+0x10/0x10
[  396.725616][ T5844]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  396.725633][ T5844]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  396.725659][ T5844]  f2fs_handle_critical_error+0x37c/0x540
[  396.725683][ T5844]  f2fs_write_end_io+0x886/0xb60
[  396.725711][ T5844]  __submit_merged_bio+0x27a/0x6a0
[  396.725734][ T5844]  __submit_merged_write_cond+0x255/0x530
[  396.725757][ T5844]  f2fs_write_data_pages+0x261d/0x3000
[  396.725773][ T5844]  ? __lock_acquire+0xab9/0xd20
[  396.725820][ T5844]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  396.725874][ T5844]  ? __mod_zone_page_state+0xd7/0x140
[  396.725901][ T5844]  ? folios_put_refs+0x560/0x640
[  396.725926][ T5844]  ? __lock_acquire+0xab9/0xd20
[  396.725956][ T5844]  ? do_raw_spin_lock+0x121/0x290
[  396.725981][ T5844]  ? do_raw_spin_unlock+0x4d/0x240
[  396.725996][ T5844]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  396.726015][ T5844]  do_writepages+0x32e/0x550
[  396.726038][ T5844]  ? do_raw_spin_unlock+0x4d/0x240
[  396.726056][ T5844]  filemap_fdatawrite+0x199/0x240
[  396.726071][ T5844]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  396.726122][ T5844]  ? do_raw_spin_unlock+0x4d/0x240
[  396.726139][ T5844]  f2fs_sync_dirty_inodes+0x31f/0x830
[  396.726164][ T5844]  f2fs_write_checkpoint+0x95a/0x1df0
[  396.726194][ T5844]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  396.726246][ T5844]  ? kill_f2fs_super+0x298/0x6c0
[  396.726263][ T5844]  kill_f2fs_super+0x2c3/0x6c0
[  396.726280][ T5844]  ? __pfx_kill_f2fs_super+0x10/0x10
[  396.726290][ T5844]  ? radix_tree_delete_item+0x2b6/0x400
[  396.726312][ T5844]  ? shrinker_free+0x2ce/0x3e0
[  396.726327][ T5844]  deactivate_locked_super+0xbc/0x130
[  396.726344][ T5844]  cleanup_mnt+0x425/0x4c0
[  396.726358][ T5844]  ? lockdep_hardirqs_on+0x9c/0x150
[  396.726376][ T5844]  task_work_run+0x1d4/0x260
[  396.726421][ T5844]  ? __pfx_task_work_run+0x10/0x10
[  396.726436][ T5844]  ? __x64_sys_umount+0x122/0x160
[  396.726458][ T5844]  ? exit_to_user_mode_loop+0x40/0x110
[  396.726476][ T5844]  exit_to_user_mode_loop+0xec/0x110
[  396.726493][ T5844]  do_syscall_64+0x2bd/0x3b0
[  396.726509][ T5844]  ? lockdep_hardirqs_on+0x9c/0x150
[  396.726525][ T5844]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.726536][ T5844]  ? exc_page_fault+0x9f/0xf0
[  396.726553][ T5844]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  396.726565][ T5844] RIP: 0033:0x7fa87bb8ff17
[  396.726578][ T5844] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  396.726588][ T5844] RSP: 002b:00007ffd95d56df8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  396.726602][ T5844] RAX: 0000000000000000 RBX: 00007fa87bc11c05 RCX: 00007fa87bb8ff17
[  396.726611][ T5844] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd95d56eb0
[  396.726617][ T5844] RBP: 00007ffd95d56eb0 R08: 0000000000000000 R09: 0000000000000000
[  396.726626][ T5844] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd95d57f40
[  396.726633][ T5844] R13: 00007fa87bc11c05 R14: 0000000000060dc5 R15: 00007ffd95d57f80
[  396.726655][ T5844]  </TASK>
[  396.726661][ T5844] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  397.408705][T16398] loop6: detected capacity change from 0 to 1024
[  397.435767][ T1091] hfsplus: b-tree write err: -5, ino 4
[  397.473056][T16402] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4042'.
[  397.717924][T16424] hub 9-0:1.0: USB hub found
[  397.720238][T16424] hub 9-0:1.0: 1 port detected
[  397.742044][   T47] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  397.819292][T16432] netlink: 48 bytes leftover after parsing attributes in process `syz.5.4056'.
[  397.892059][   T47] usb 7-1: Using ep0 maxpacket: 32
[  397.895639][   T47] usb 7-1: config 64 has an invalid interface number: 110 but max is 0
[  397.898716][   T47] usb 7-1: config 64 has no interface number 0
[  397.901610][   T47] usb 7-1: config 64 interface 110 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  397.905337][   T47] usb 7-1: config 64 interface 110 altsetting 0 has an endpoint descriptor with address 0xDB, changing to 0x8B
[  397.909481][   T47] usb 7-1: config 64 interface 110 altsetting 0 endpoint 0x8B has invalid maxpacket 28739, setting to 1024
[  397.915304][   T47] usb 7-1: config 64 interface 110 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  397.918676][   T47] usb 7-1: config 64 interface 110 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  397.922953][   T47] usb 7-1: config 64 interface 110 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  397.926460][   T47] usb 7-1: config 64 interface 110 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  397.933720][   T47] usb 7-1: New USB device found, idVendor=04fc, idProduct=0231, bcdDevice=6f.a9
[  397.937457][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  397.940658][   T47] usb 7-1: Product: syz
[  397.942377][   T47] usb 7-1: Manufacturer: syz
[  397.943810][   T47] usb 7-1: SerialNumber: syz
[  397.947093][T16405] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  397.950414][   T47] spcp8x5 7-1:64.110: SPCP8x5 converter detected
[  397.955559][   T47] usb 7-1: SPCP8x5 converter now attached to ttyUSB0
[  398.003254][T16441] loop5: detected capacity change from 0 to 1024
[  398.022720][T16441] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  398.069761][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  398.117503][T16446] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6gretap1
[  398.151286][   T10] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  398.158698][   T47] usb 7-1: USB disconnect, device number 6
[  398.164589][   T47] SPCP8x5 ttyUSB0: SPCP8x5 converter now disconnected from ttyUSB0
[  398.168624][   T47] spcp8x5 7-1:64.110: device disconnected
[  398.531251][   T10] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  398.681061][ T5707] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  398.684831][   T10] usb 6-1: Using ep0 maxpacket: 8
[  398.692350][   T10] usb 6-1: unable to get BOS descriptor or descriptor too short
[  398.701203][   T10] usb 6-1: config 8 has an invalid interface number: 118 but max is 0
[  398.704421][   T10] usb 6-1: config 8 has no interface number 0
[  398.706742][   T10] usb 6-1: config 8 interface 118 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 125
[  398.711014][   T10] usb 6-1: config 8 interface 118 altsetting 1 endpoint 0xF has invalid wMaxPacketSize 0
[  398.715217][   T10] usb 6-1: config 8 interface 118 has no altsetting 0
[  398.718726][T16458] pim6reg1: entered allmulticast mode
[  398.721307][ T5897] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  398.727769][   T10] usb 6-1: New USB device found, idVendor=04cc, idProduct=2533, bcdDevice=9b.b7
[  398.733022][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  398.736307][   T10] usb 6-1: Product: syz
[  398.738007][   T10] usb 6-1: Manufacturer: syz
[  398.739817][   T10] usb 6-1: SerialNumber: syz
[  398.753185][T16456] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  398.971569][   T10] pn533_usb 6-1:8.118: NFC: Could not find bulk-in or bulk-out endpoint
[  398.983941][   T10] usb 6-1: USB disconnect, device number 8
[  399.012431][T16466] loop6: detected capacity change from 0 to 4096
[  399.099923][T16468] loop6: detected capacity change from 0 to 8
[  399.108525][T16468] SQUASHFS error: Failed to read block 0x63a: -5
[  399.113799][T16468] SQUASHFS error: Unable to read metadata cache entry [638]
[  399.117890][T16468] SQUASHFS error: Unable to read directory block [26067d:0]
[  399.237411][T16474] loop6: detected capacity change from 0 to 512
[  399.245155][T16474] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  399.283052][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.376753][T16482] A link change request failed with some changes committed already. Interface dummy0 may have been left with an inconsistent configuration, please check.
[  399.556227][T16484] loop6: detected capacity change from 0 to 32768
[  399.559284][T16484] XFS: ikeep mount option is deprecated.
[  399.571080][T16484] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  399.609304][T16484] XFS (loop6): Ending clean mount
[  399.613250][T16484] XFS (loop6): Quotacheck needed: Please wait.
[  399.652574][T16484] XFS (loop6): Quotacheck: Done.
[  399.680587][T15182] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  399.717879][T16502] loop5: detected capacity change from 0 to 512
[  399.728045][T16502] EXT4-fs: Ignoring removed nomblk_io_submit option
[  399.750734][T16502] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  399.754082][T16502] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c01d, mo2=0102]
[  399.770801][T16502] EXT4-fs (loop5): couldn't mount RDWR because of unsupported optional features (80)
[  399.774764][T16502] EXT4-fs (loop5): Skipping orphan cleanup due to unknown ROCOMPAT features
[  399.776607][   T13] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  399.786299][T16502] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  399.792694][   T13] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  399.806081][T16502] EXT4-fs warning (device loop5): dx_probe:861: inode #2: comm syz.5.4085: dx entry: limit 65535 != root limit 120
[  399.811548][T16502] EXT4-fs warning (device loop5): dx_probe:934: inode #2: comm syz.5.4085: Corrupt directory, running e2fsck is recommended
[  399.817380][T16502] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 3: comm syz.5.4085: path /267/file0: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=4294967295, rec_len=17, size=1024 fake=0
[  399.855468][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  399.978672][T16513] loop5: detected capacity change from 0 to 256
[  399.987333][T16513] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  399.991626][   T10] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  400.009640][T16505] loop6: detected capacity change from 0 to 40427
[  400.015226][T16505] F2FS-fs (loop6): Invalid log blocks per segment (3279)
[  400.018668][T16505] F2FS-fs (loop6): Can't find valid F2FS filesystem in 2th superblock
[  400.023014][T16505] F2FS-fs (loop6): invalid crc value
[  400.025298][T16505] F2FS-fs (loop6): invalid journal entries nats 0 sits 50950
[  400.028431][T16505] F2FS-fs (loop6): Failed to initialize F2FS segment manager (-22)
[  400.205586][T16519] loop6: detected capacity change from 0 to 512
[  400.208603][T16519] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  400.218213][T16519] EXT4-fs (loop6): 1 truncate cleaned up
[  400.222696][T16519] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  400.254482][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.270061][ T2017] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  400.325960][T16524] loop6: detected capacity change from 0 to 128
[  400.328728][T16524] EXT4-fs: Ignoring removed oldalloc option
[  400.331895][T16524] EXT4-fs: Ignoring removed nomblk_io_submit option
[  400.338215][T16524] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  400.358049][T15182] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  400.431889][ T2017] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  400.436411][ T2017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  400.442452][ T2017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  400.446481][ T2017] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  400.456633][ T2017] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  400.460396][ T2017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  400.467197][ T2017] usb 6-1: config 0 descriptor??
[  400.482839][T16531] loop6: detected capacity change from 0 to 1024
[  400.486856][T16531] EXT4-fs: Ignoring removed orlov option
[  400.490674][T16531] EXT4-fs (loop6): stripe (5) is not aligned with cluster size (16), stripe is disabled
[  400.507111][T16531] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  400.525173][T16531] EXT4-fs error (device loop6): ext4_check_all_de:659: inode #12: block 7: comm syz.6.4097: bad entry in directory: rec_len is too small for name_len - offset=16, inode=14, rec_len=40, size=108 fake=0
[  400.560518][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  400.604542][T16535] netlink: 8 bytes leftover after parsing attributes in process `syz.6.4098'.
[  400.650244][ T5847] Bluetooth: hci1: ISO packet too small
[  400.947442][T16541] loop6: detected capacity change from 0 to 40427
[  400.952048][T16541] F2FS-fs (loop6): build fault injection rate: 771
[  400.956587][T16541] F2FS-fs (loop6): invalid crc value
[  401.014203][T16541] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  401.019160][T16541] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  401.071441][T15182] syz-executor: attempt to access beyond end of device
[  401.071441][T15182] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  401.079071][T15182] CPU: 0 UID: 0 PID: 15182 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  401.079091][T15182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  401.079099][T15182] Call Trace:
[  401.079106][T15182]  <TASK>
[  401.079111][T15182]  dump_stack_lvl+0x189/0x250
[  401.079134][T15182]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.079150][T15182]  ? __pfx_queue_work_on+0x10/0x10
[  401.079161][T15182]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  401.079177][T15182]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  401.079203][T15182]  f2fs_handle_critical_error+0x37c/0x540
[  401.079226][T15182]  f2fs_write_end_io+0x886/0xb60
[  401.079254][T15182]  __submit_merged_bio+0x27a/0x6a0
[  401.079276][T15182]  __submit_merged_write_cond+0x255/0x530
[  401.079299][T15182]  f2fs_write_data_pages+0x261d/0x3000
[  401.079388][T15182]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.079455][T15182]  ? folios_put_refs+0x559/0x640
[  401.079477][T15182]  ? __pfx_folios_put_refs+0x10/0x10
[  401.079489][T15182]  ? rcu_is_watching+0x15/0xb0
[  401.079511][T15182]  ? __lock_acquire+0xab9/0xd20
[  401.079543][T15182]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  401.079562][T15182]  do_writepages+0x32e/0x550
[  401.079589][T15182]  ? do_raw_spin_unlock+0x4d/0x240
[  401.079607][T15182]  filemap_fdatawrite+0x199/0x240
[  401.079624][T15182]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  401.079701][T15182]  ? do_raw_spin_unlock+0x4d/0x240
[  401.079719][T15182]  f2fs_sync_dirty_inodes+0x31f/0x830
[  401.079745][T15182]  f2fs_write_checkpoint+0x95a/0x1df0
[  401.079779][T15182]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  401.079827][T15182]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  401.079838][T15182]  ? kfree+0x18e/0x440
[  401.079852][T15182]  ? kill_f2fs_super+0x298/0x6c0
[  401.079868][T15182]  kill_f2fs_super+0x2c3/0x6c0
[  401.079886][T15182]  ? __pfx_kill_f2fs_super+0x10/0x10
[  401.079902][T15182]  ? radix_tree_delete_item+0x2b6/0x400
[  401.079924][T15182]  ? shrinker_free+0x2ce/0x3e0
[  401.079939][T15182]  deactivate_locked_super+0xbc/0x130
[  401.079957][T15182]  cleanup_mnt+0x425/0x4c0
[  401.079972][T15182]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.079990][T15182]  task_work_run+0x1d4/0x260
[  401.080010][T15182]  ? __pfx_task_work_run+0x10/0x10
[  401.080024][T15182]  ? __x64_sys_umount+0x122/0x160
[  401.080043][T15182]  ? exit_to_user_mode_loop+0x40/0x110
[  401.080063][T15182]  exit_to_user_mode_loop+0xec/0x110
[  401.080081][T15182]  do_syscall_64+0x2bd/0x3b0
[  401.080096][T15182]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.080111][T15182]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.080122][T15182]  ? exc_page_fault+0x9f/0xf0
[  401.080140][T15182]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.080152][T15182] RIP: 0033:0x7f309b98ff17
[  401.080163][T15182] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  401.080174][T15182] RSP: 002b:00007ffd44f2d688 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  401.080187][T15182] RAX: 0000000000000000 RBX: 00007f309ba11c05 RCX: 00007f309b98ff17
[  401.080196][T15182] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd44f2d740
[  401.080203][T15182] RBP: 00007ffd44f2d740 R08: 0000000000000000 R09: 0000000000000000
[  401.080211][T15182] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd44f2e7d0
[  401.080219][T15182] R13: 00007f309ba11c05 R14: 0000000000061ec7 R15: 00007ffd44f2e810
[  401.080241][T15182]  </TASK>
[  401.219197][T16543] loop0: detected capacity change from 0 to 40427
[  401.223502][T16543] F2FS-fs (loop0): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  401.226919][T16543] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  401.230825][T16543] F2FS-fs (loop0): build fault injection type: 0x6
[  401.235422][T16543] F2FS-fs (loop0): invalid crc value
[  401.237936][ T2017] plantronics 0003:047F:FFFF.001F: ignoring exceeding usage max
[  401.249170][ T2017] plantronics 0003:047F:FFFF.001F: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  401.296725][T15182] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  401.310415][T16543] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  401.314706][T16543] F2FS-fs (loop0): Start checkpoint disabled!
[  401.320065][T16543] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  401.323118][T16543] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  401.413292][ T2017] usb 6-1: USB disconnect, device number 9
[  401.926386][T16555] netlink: 92 bytes leftover after parsing attributes in process `syz.6.4104'.
[  401.932851][T16555] netlink: 16 bytes leftover after parsing attributes in process `syz.6.4104'.
[  402.219167][T16565] loop5: detected capacity change from 0 to 128
[  402.247120][T16565] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  402.525510][T15017] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  402.937579][T15860] kworker/u10:7: attempt to access beyond end of device
[  402.937579][T15860] loop0: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  402.957666][T15860] CPU: 1 UID: 0 PID: 15860 Comm: kworker/u10:7 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  402.957687][T15860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  402.957696][T15860] Workqueue: writeback wb_workfn (flush-7:0)
[  402.957719][T15860] Call Trace:
[  402.957725][T15860]  <TASK>
[  402.957731][T15860]  dump_stack_lvl+0x189/0x250
[  402.957751][T15860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  402.957765][T15860]  ? __pfx_queue_work_on+0x10/0x10
[  402.957777][T15860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  402.957791][T15860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  402.957812][T15860]  f2fs_handle_critical_error+0x37c/0x540
[  402.957834][T15860]  f2fs_write_end_io+0x886/0xb60
[  402.957858][T15860]  __submit_merged_bio+0x27a/0x6a0
[  402.957880][T15860]  __submit_merged_write_cond+0x255/0x530
[  402.957901][T15860]  f2fs_write_data_pages+0x261d/0x3000
[  402.957943][T15860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  402.957970][T15860]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  402.958008][T15860]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  402.958033][T15860]  ? trace_f2fs_writepages+0x7f/0x200
[  402.958058][T15860]  ? f2fs_write_node_pages+0x478/0x6e0
[  402.958090][T15860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  402.958108][T15860]  do_writepages+0x32e/0x550
[  402.958128][T15860]  ? reacquire_held_locks+0x127/0x1d0
[  402.958141][T15860]  ? writeback_sb_inodes+0x384/0x1010
[  402.958163][T15860]  __writeback_single_inode+0x145/0xff0
[  402.958179][T15860]  ? do_raw_spin_unlock+0x4d/0x240
[  402.958197][T15860]  writeback_sb_inodes+0x6c7/0x1010
[  402.958218][T15860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  402.958246][T15860]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  402.958293][T15860]  ? rcu_is_watching+0x15/0xb0
[  402.958339][T15860]  wb_writeback+0x43b/0xaf0
[  402.958363][T15860]  ? queue_io+0x3c1/0x590
[  402.958380][T15860]  ? __pfx_wb_writeback+0x10/0x10
[  402.958402][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  402.958420][T15860]  wb_workfn+0x409/0xef0
[  402.958465][T15860]  ? __pfx_wb_workfn+0x10/0x10
[  402.958482][T15860]  ? __lock_acquire+0xab9/0xd20
[  402.958508][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  402.958525][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  402.958539][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  402.958550][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  402.958563][T15860]  process_scheduled_works+0xae1/0x17b0
[  402.958598][T15860]  ? __pfx_process_scheduled_works+0x10/0x10
[  402.958623][T15860]  worker_thread+0x8a0/0xda0
[  402.958638][T15860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  402.958659][T15860]  ? __kthread_parkme+0x7b/0x200
[  402.958680][T15860]  kthread+0x711/0x8a0
[  402.958698][T15860]  ? __pfx_worker_thread+0x10/0x10
[  402.958710][T15860]  ? __pfx_kthread+0x10/0x10
[  402.958727][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  402.958741][T15860]  ? lockdep_hardirqs_on+0x9c/0x150
[  402.958754][T15860]  ? __pfx_kthread+0x10/0x10
[  402.958770][T15860]  ret_from_fork+0x3fc/0x770
[  402.958785][T15860]  ? __pfx_ret_from_fork+0x10/0x10
[  402.958802][T15860]  ? __switch_to_asm+0x39/0x70
[  402.958836][T15860]  ? __switch_to_asm+0x33/0x70
[  402.958850][T15860]  ? __pfx_kthread+0x10/0x10
[  402.958866][T15860]  ret_from_fork_asm+0x1a/0x30
[  402.958893][T15860]  </TASK>
[  403.113214][T15860] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  403.116076][T15860] CPU: 1 UID: 0 PID: 15860 Comm: kworker/u10:7 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  403.116094][T15860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  403.116101][T15860] Workqueue: writeback wb_workfn (flush-7:0)
[  403.116120][T15860] Call Trace:
[  403.116125][T15860]  <TASK>
[  403.116130][T15860]  dump_stack_lvl+0x189/0x250
[  403.116148][T15860]  ? __pfx_dump_stack_lvl+0x10/0x10
[  403.116160][T15860]  ? __pfx_queue_work_on+0x10/0x10
[  403.116170][T15860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  403.116184][T15860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  403.116205][T15860]  f2fs_handle_critical_error+0x37c/0x540
[  403.116228][T15860]  f2fs_write_end_io+0x886/0xb60
[  403.116255][T15860]  __submit_merged_bio+0x27a/0x6a0
[  403.116277][T15860]  __submit_merged_write_cond+0x255/0x530
[  403.116299][T15860]  f2fs_write_data_pages+0x261d/0x3000
[  403.116374][T15860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  403.116402][T15860]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  403.116445][T15860]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  403.116473][T15860]  ? trace_f2fs_writepages+0x7f/0x200
[  403.116491][T15860]  ? f2fs_write_node_pages+0x478/0x6e0
[  403.116529][T15860]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  403.116548][T15860]  do_writepages+0x32e/0x550
[  403.116569][T15860]  ? reacquire_held_locks+0x127/0x1d0
[  403.116581][T15860]  ? writeback_sb_inodes+0x384/0x1010
[  403.116604][T15860]  __writeback_single_inode+0x145/0xff0
[  403.116620][T15860]  ? do_raw_spin_unlock+0x4d/0x240
[  403.116639][T15860]  writeback_sb_inodes+0x6c7/0x1010
[  403.116662][T15860]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  403.116692][T15860]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  403.116745][T15860]  ? rcu_is_watching+0x15/0xb0
[  403.116767][T15860]  wb_writeback+0x43b/0xaf0
[  403.116789][T15860]  ? queue_io+0x3c1/0x590
[  403.116807][T15860]  ? __pfx_wb_writeback+0x10/0x10
[  403.116831][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  403.116850][T15860]  wb_workfn+0x409/0xef0
[  403.116877][T15860]  ? __pfx_wb_workfn+0x10/0x10
[  403.116895][T15860]  ? __lock_acquire+0xab9/0xd20
[  403.116923][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  403.116942][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  403.116956][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  403.116966][T15860]  ? process_scheduled_works+0x9ef/0x17b0
[  403.116980][T15860]  process_scheduled_works+0xae1/0x17b0
[  403.117020][T15860]  ? __pfx_process_scheduled_works+0x10/0x10
[  403.117054][T15860]  worker_thread+0x8a0/0xda0
[  403.117070][T15860]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  403.117093][T15860]  ? __kthread_parkme+0x7b/0x200
[  403.117116][T15860]  kthread+0x711/0x8a0
[  403.117134][T15860]  ? __pfx_worker_thread+0x10/0x10
[  403.117146][T15860]  ? __pfx_kthread+0x10/0x10
[  403.117163][T15860]  ? _raw_spin_unlock_irq+0x23/0x50
[  403.117177][T15860]  ? lockdep_hardirqs_on+0x9c/0x150
[  403.117191][T15860]  ? __pfx_kthread+0x10/0x10
[  403.117207][T15860]  ret_from_fork+0x3fc/0x770
[  403.117223][T15860]  ? __pfx_ret_from_fork+0x10/0x10
[  403.117242][T15860]  ? __switch_to_asm+0x39/0x70
[  403.117257][T15860]  ? __switch_to_asm+0x33/0x70
[  403.117270][T15860]  ? __pfx_kthread+0x10/0x10
[  403.117286][T15860]  ret_from_fork_asm+0x1a/0x30
[  403.117341][T15860]  </TASK>
[  403.117348][T15860] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  403.638342][ T2017] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  403.711487][T16593] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  403.795784][ T2017] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  403.801278][ T2017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  403.806057][ T2017] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  403.811093][ T2017] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  403.817740][ T2017] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  403.824512][ T2017] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  403.831499][ T2017] usb 6-1: config 0 descriptor??
[  403.834931][T16580] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  403.998289][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  404.246906][ T2017] plantronics 0003:047F:FFFF.0020: reserved main item tag 0xd
[  404.251978][ T2017] plantronics 0003:047F:FFFF.0020: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  404.455819][ T5897] usb 6-1: USB disconnect, device number 10
[  404.496139][T16608] loop0: detected capacity change from 0 to 8
[  404.505263][T16608] SQUASHFS error: xz decompression failed, data probably corrupt
[  404.512874][T16608] SQUASHFS error: Failed to read block 0x108: -5
[  404.515639][T16608] SQUASHFS error: Unable to read metadata cache entry [106]
[  404.520729][T16608] SQUASHFS error: Unable to read inode 0x11f
[  405.227449][ T5897] usb 7-1: new full-speed USB device number 7 using dummy_hcd
[  405.311459][T16644] loop5: detected capacity change from 0 to 8192
[  405.379988][ T5897] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  405.385079][ T5897] usb 7-1: config 0 interface 0 altsetting 4 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  405.392365][ T5897] usb 7-1: config 0 interface 0 has no altsetting 0
[  405.397454][ T5897] usb 7-1: New USB device found, idVendor=054c, idProduct=024b, bcdDevice= 0.00
[  405.401095][ T5897] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  405.406067][ T5897] usb 7-1: config 0 descriptor??
[  405.409366][T16632] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  405.663251][T16656] loop0: detected capacity change from 0 to 2048
[  405.681986][T16656] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  405.720310][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  405.749322][   T47] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  405.822672][ T5897] sony 0003:054C:024B.0021: item fetching failed at offset 0/2
[  405.825811][ T5897] sony 0003:054C:024B.0021: parse failed
[  405.828370][ T5897] sony 0003:054C:024B.0021: probe with driver sony failed with error -22
[  405.976089][   T47] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  405.993174][   T47] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  406.004795][T16663] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  406.007680][T16663] IPv6: NLM_F_CREATE should be set when creating new route
[  406.021331][   T47] usb 6-1: too many endpoints for config 1 interface 1 altsetting 145: 217, using maximum allowed: 30
[  406.032173][   T47] usb 6-1: config 1 interface 1 altsetting 145 has 0 endpoint descriptors, different from the interface descriptor's value: 217
[  406.046340][   T47] usb 6-1: config 1 interface 1 has no altsetting 0
[  406.076209][   T47] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  406.104029][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  406.121093][   T47] usb 6-1: Product: syz
[  406.130221][   T47] usb 6-1: Manufacturer: syz
[  406.139987][   T47] usb 6-1: SerialNumber: syz
[  406.253024][   T24] usb 7-1: USB disconnect, device number 7
[  406.299623][   T47] cdc_acm 6-1:1.0: probe with driver cdc_acm failed with error -22
[  406.513078][   T47] usb 6-1: USB disconnect, device number 11
[  406.881493][T16665] (unnamed net_device) (uninitialized): option resend_igmp: invalid value (1024)
[  406.885494][T16665] (unnamed net_device) (uninitialized): option resend_igmp: allowed values 0 - 255
[  407.726526][T16684] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4160'.
[  407.730772][T16684] netlink: 32 bytes leftover after parsing attributes in process `syz.5.4160'.
[  408.308405][T16703] loop0: detected capacity change from 0 to 1024
[  408.356674][T16703] hfsplus: extend alloc file! (8192,512,17039360)
[  408.542104][T16723] netlink: 'syz.6.4178': attribute type 11 has an invalid length.
[  408.722319][T16727] loop0: detected capacity change from 0 to 32768
[  408.725284][T16727] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4180 (16727)
[  408.732362][T16727] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  408.735772][T16727] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  408.739040][T16727] BTRFS info (device loop0): using free-space-tree
[  408.872543][ T5844] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  409.832029][T16772] loop0: detected capacity change from 0 to 512
[  409.836809][T16772] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a842c11d, mo2=0002]
[  409.839546][T16772] System zones: 1-12
[  409.841452][T16772] EXT4-fs error (device loop0): ext4_iget_extra_inode:5104: inode #15: comm syz.0.4194: corrupted in-inode xattr: e_value size too large
[  409.846974][T16772] EXT4-fs error (device loop0): ext4_orphan_get:1397: comm syz.0.4194: couldn't read orphan inode 15 (err -117)
[  409.851735][T16772] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  409.888197][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.027256][   T47] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  410.194979][   T47] usb 7-1: Using ep0 maxpacket: 16
[  410.199312][   T47] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  410.203384][   T47] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 3
[  410.210874][   T47] usb 7-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  410.214558][   T47] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.217904][   T47] usb 7-1: Product: syz
[  410.219602][   T47] usb 7-1: Manufacturer: syz
[  410.221493][   T47] usb 7-1: SerialNumber: syz
[  410.432682][   T47] usb 7-1: 0:2 : does not exist
[  410.438986][   T47] usb 7-1: USB disconnect, device number 8
[  410.760532][T16791] batadv_slave_1: entered promiscuous mode
[  410.763920][T16791] batadv_slave_1: left promiscuous mode
[  410.808640][T16793] loop5: detected capacity change from 0 to 512
[  410.814103][T16793] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  410.826257][T16793] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a843c018, mo2=0002]
[  410.829703][T16793] System zones: 0-2, 18-18, 34-34
[  410.833909][T16793] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  410.853684][T16793] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1792 out of range 0-5
[  410.861262][T16793] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  410.865980][T16793] EXT4-fs error (device loop5): ext4_acquire_dquot:6933: comm syz.5.4202: Failed to acquire dquot type 1
[  410.896320][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.951468][T16805] loop0: detected capacity change from 0 to 64
[  410.974964][   T33] audit: type=1800 audit(411.008:123): pid=16805 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.4207" name="file2" dev="loop0" ino=6 res=0 errno=0
[  411.000835][T16808] loop6: detected capacity change from 0 to 512
[  411.044168][T16808] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  411.215814][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  411.266906][T16828] loop5: detected capacity change from 0 to 16
[  411.276539][T16828] erofs (device loop5): too large lz4 pclusterblks 16832
[  411.364533][T16824] loop0: detected capacity change from 0 to 32768
[  411.367774][T16824] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 (7:0) scanned by syz.0.4215 (16824)
[  411.375068][T16824] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  411.378514][T16824] BTRFS info (device loop0): using sha256 (sha256-lib) checksum algorithm
[  411.381310][T16824] BTRFS info (device loop0): using free-space-tree
[  411.407978][T16824] BTRFS info (device loop0): rebuilding free space tree
[  411.485466][   T13] BTRFS info (device loop0): qgroup scan completed (inconsistency flag cleared)
[  411.492552][T16829] loop6: detected capacity change from 0 to 32768
[  411.522144][T16829] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  411.548148][ T5844] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  411.581046][T15182] ocfs2: Unmounting device (7,6) on (node local)
[  411.798430][T16868] loop0: detected capacity change from 0 to 1024
[  411.826019][   T33] audit: type=1800 audit(411.869:124): pid=16868 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.4228" name="file1" dev="loop0" ino=2 res=0 errno=0
[  411.835169][T16868] hfsplus: catalog searching failed
[  411.835386][T16862] loop6: detected capacity change from 0 to 32768
[  411.852968][   T36] hfsplus: bad catalog file entry
[  411.854970][   T36] hfsplus: b-tree write err: -5, ino 3
[  411.860449][T16862] syz.6.4225: attempt to access beyond end of device
[  411.860449][T16862] loop6: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  411.872243][T16862] metapage_write_end_io: I/O error
[  411.878109][T16862] ERROR: (device loop6): release_metapage: metapage_write_one() failed
[  411.878109][T16862] 
[  411.890546][T16862] ERROR: (device loop6): remounting filesystem as read-only
[  411.894824][T16862] blkno = 8ed2c, nblocks = 1
[  411.896966][T16862] ERROR: (device loop6): dbUpdatePMap: blocks are outside the map
[  411.896966][T16862] 
[  411.909590][T16862] ERROR: (device loop6): diRead: i_ino != di_number
[  411.909590][T16862] 
[  411.930383][  T117] blkno = 8ed2c, nblocks = 4
[  411.931948][  T117] ERROR: (device loop6): dbUpdatePMap: blocks are outside the map
[  411.931948][  T117] 
[  411.939589][T15182] syz-executor: attempt to access beyond end of device
[  411.939589][T15182] loop6: rw=1, sector=4680032, nr_sectors = 8 limit=32768
[  411.947285][T15182] metapage_write_end_io: I/O error
[  411.949822][T15182] JFS: metapage_get_blocks failed
[  411.952012][T15182] JFS: metapage_get_blocks failed
[  411.957947][T15182] JFS: metapage_get_blocks failed
[  411.960154][T15182] JFS: metapage_get_blocks failed
[  413.038997][T16890] loop0: detected capacity change from 0 to 256
[  413.042631][T16890] exfat: Deprecated parameter 'utf8'
[  413.045240][T16890] exfat: Deprecated parameter 'namecase'
[  413.072378][T16890] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x7b823c56, utbl_chksum : 0xe619d30d)
[  413.186943][T16904] 9pnet_fd: p9_fd_create_tcp (16904): problem binding to privport
[  413.193449][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  413.345104][T16920] netlink: 16 bytes leftover after parsing attributes in process `syz.0.4253'.
[  413.465691][T16934] GUP no longer grows the stack in syz.0.4259 (16934): 200000004000-20000000a000 (200000002000)
[  413.469917][T16934] CPU: 1 UID: 0 PID: 16934 Comm: syz.0.4259 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  413.469929][T16934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  413.469934][T16934] Call Trace:
[  413.469938][T16934]  <TASK>
[  413.469941][T16934]  dump_stack_lvl+0x189/0x250
[  413.469976][T16934]  ? __pfx_dump_stack_lvl+0x10/0x10
[  413.469985][T16934]  ? __pfx__printk+0x10/0x10
[  413.469994][T16934]  ? find_vma+0xe7/0x160
[  413.470010][T16934]  __get_user_pages+0x24d0/0x2ce0
[  413.470027][T16934]  ? mtree_load+0x100/0x700
[  413.470042][T16934]  get_user_pages_remote+0x2f1/0xad0
[  413.470050][T16934]  ? __pfx_mtree_load+0x10/0x10
[  413.470062][T16934]  ? __pfx_get_user_pages_remote+0x10/0x10
[  413.470071][T16934]  ? __access_remote_vm+0x367/0x7d0
[  413.470082][T16934]  __access_remote_vm+0x211/0x7d0
[  413.470095][T16934]  ? __pfx___access_remote_vm+0x10/0x10
[  413.470105][T16934]  ? alloc_pages_noprof+0xbe/0x190
[  413.470116][T16934]  proc_pid_cmdline_read+0x430/0x810
[  413.470129][T16934]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  413.470137][T16934]  ? rw_verify_area+0x2a6/0x4d0
[  413.470149][T16934]  vfs_readv+0x5aa/0x850
[  413.470178][T16934]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  413.470190][T16934]  ? __pfx_vfs_readv+0x10/0x10
[  413.470203][T16934]  ? __fget_files+0x2a/0x420
[  413.470212][T16934]  ? __fget_files+0x3a0/0x420
[  413.470219][T16934]  ? __fget_files+0x2a/0x420
[  413.470228][T16934]  __x64_sys_preadv+0x197/0x2a0
[  413.470240][T16934]  ? __pfx___x64_sys_preadv+0x10/0x10
[  413.470250][T16934]  ? rcu_is_watching+0x15/0xb0
[  413.470260][T16934]  ? do_syscall_64+0xbe/0x3b0
[  413.470272][T16934]  do_syscall_64+0xfa/0x3b0
[  413.470281][T16934]  ? lockdep_hardirqs_on+0x9c/0x150
[  413.470290][T16934]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.470297][T16934]  ? exc_page_fault+0x9f/0xf0
[  413.470307][T16934]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  413.470314][T16934] RIP: 0033:0x7fa87bb8ebe9
[  413.470321][T16934] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  413.470327][T16934] RSP: 002b:00007fa87cac2038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  413.470336][T16934] RAX: ffffffffffffffda RBX: 00007fa87bdb5fa0 RCX: 00007fa87bb8ebe9
[  413.470341][T16934] RDX: 0000000000000001 RSI: 00002000000003c0 RDI: 0000000000000003
[  413.470346][T16934] RBP: 00007fa87bc11e19 R08: 0000000021000008 R09: 0000000000000000
[  413.470350][T16934] R10: 0000000000000304 R11: 0000000000000246 R12: 0000000000000000
[  413.470354][T16934] R13: 00007fa87bdb6038 R14: 00007fa87bdb5fa0 R15: 00007ffd95d57b68
[  413.470366][T16934]  </TASK>
[  413.483908][T16936] tmpfs: Bad value for 'mpol'
[  413.742392][T16950] (unnamed net_device) (uninitialized): (slave wg2): Device is not bonding slave
[  413.746053][T16948] loop5: detected capacity change from 0 to 2048
[  413.746257][T16950] (unnamed net_device) (uninitialized): option active_slave: invalid value (wg2)
[  413.749851][T16948] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  413.763262][T16948] UDF-fs: error (device loop5): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  413.770462][T16948] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  413.814788][T16952] vim2m vim2m.0: Fourcc format (0x47425247) invalid.
[  413.927882][T16958] loop0: detected capacity change from 0 to 512
[  413.931180][T16958] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  413.945973][T16958] EXT4-fs (loop0): 1 truncate cleaned up
[  413.950641][T16958] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  413.970400][   T33] audit: type=1326 audit(1182.018:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.5.4271" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  413.991372][   T33] audit: type=1326 audit(1182.018:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.5.4271" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  414.004227][   T33] audit: type=1326 audit(1182.028:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.5.4271" exe="/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f754418d69f code=0x7ffc0000
[  414.011863][   T33] audit: type=1326 audit(1182.028:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.5.4271" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  414.025958][   T33] audit: type=1326 audit(1182.028:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=16960 comm="syz.5.4271" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  414.040288][ T5844] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.559078][T16972] loop5: detected capacity change from 0 to 32768
[  414.594527][T16972] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  414.617732][T16972] XFS (loop5): Ending clean mount
[  414.627231][T16972] XFS (loop5): Quotacheck needed: Please wait.
[  414.668183][T16972] XFS (loop5): Quotacheck: Done.
[  414.668263][T16976] loop0: detected capacity change from 0 to 32768
[  414.689252][T16976] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  414.714904][T15017] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  414.718278][T16976] XFS (loop0): Ending clean mount
[  414.742022][T16976] XFS (loop0): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  414.808454][ T5844] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  415.030231][T16994] loop5: detected capacity change from 0 to 32768
[  415.332119][T17004] loop5: detected capacity change from 0 to 64
[  415.536417][T17009] loop6: detected capacity change from 0 to 40427
[  415.539156][T17009] F2FS-fs: heap/no_heap options were deprecated
[  415.541672][T17009] F2FS-fs (loop6): Invalid segment count (1)
[  415.543815][T17009] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  415.547867][T17009] F2FS-fs (loop6): invalid crc value
[  415.578589][T17009] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  415.581813][T17009] F2FS-fs (loop6): Try to recover 1th superblock, ret: -30
[  415.584651][T17009] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  415.585104][T17020] input: syz0 as /devices/virtual/input/input35
[  415.744641][T17022] loop5: detected capacity change from 0 to 32768
[  415.759570][T17022] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  415.786910][T17022] (syz.5.4294,17022,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  415.796208][T17022] (syz.5.4294,17022,0):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  415.799855][T17022] (syz.5.4294,17022,0):ocfs2_rename:1486 ERROR: status = -2
[  415.804789][T17022] (syz.5.4294,17022,1):ocfs2_rename:1702 ERROR: status = -2
[  415.828255][T15017] ocfs2: Unmounting device (7,5) on (node local)
[  416.008732][T17038] 9pnet: p9_errstr2errno: server reported unknown error 1844674
[  416.346291][T17057] loop5: detected capacity change from 0 to 16
[  416.348816][T17057] MTD: Attempt to mount non-MTD device "/dev/loop5"
[  416.500633][T17067] loop0: detected capacity change from 0 to 2048
[  416.543710][T17067] EXT4-fs (loop0): mounted filesystem 00000800-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  416.571415][T17073] deleting an unspecified loop device is not supported.
[  416.578835][ T5844] EXT4-fs (loop0): unmounting filesystem 00000800-0000-0000-0000-000000000000.
[  416.686230][T17081] loop5: detected capacity change from 0 to 16
[  416.696616][T17081] erofs (device loop5): rootino(nid 36) is not a directory(i_mode 127766)
[  417.000910][T17096] IPVS: rr: UDP 224.0.0.2:0 - no destination available
[  417.008718][ T5897] IPVS: starting estimator thread 0...
[  417.076106][T17100] bond1: entered promiscuous mode
[  417.078083][T17100] 8021q: adding VLAN 0 to HW filter on device bond1
[  417.111967][T17098] IPVS: using max 80 ests per chain, 192000 per kthread
[  417.708712][T17119] loop5: detected capacity change from 0 to 512
[  417.725974][T17119] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-22, ino=3). Please run e2fsck to fix.
[  417.732502][T17119] EXT4-fs (loop5): mount failed
[  417.860288][T17127] netlink: 8 bytes leftover after parsing attributes in process `syz.5.4336'.
[  418.060034][T17137] loop6: detected capacity change from 0 to 128
[  418.068153][T17137] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  418.077688][T17137] EXT4-fs (loop6): resizing filesystem from 64 to 1 blocks
[  418.080507][T17137] EXT4-fs warning (device loop6): ext4_resize_fs:2042: can't shrink FS - resize aborted
[  418.093478][T17133] loop5: detected capacity change from 0 to 32768
[  418.097569][T15182] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  418.112898][T17133] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4339 (17133)
[  418.118279][T17133] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  418.121640][T17133] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  418.124570][T17133] BTRFS info (device loop5): using free-space-tree
[  418.254307][T15017] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  419.224836][T17175] : renamed from veth0_vlan (while UP)
[  419.381001][ T5897] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  419.522418][T17195] netlink: 44 bytes leftover after parsing attributes in process `syz.5.4361'.
[  419.525890][T17195] netlink: 43 bytes leftover after parsing attributes in process `syz.5.4361'.
[  419.529199][T17195] netlink: 'syz.5.4361': attribute type 5 has an invalid length.
[  419.531066][ T5897] usb 7-1: Using ep0 maxpacket: 8
[  419.534969][T17195] netlink: 43 bytes leftover after parsing attributes in process `syz.5.4361'.
[  419.539558][ T5897] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 7
[  419.546613][ T5897] usb 7-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  419.550209][ T5897] usb 7-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  419.557610][ T5897] usb 7-1: Product: syz
[  419.559586][ T5897] usb 7-1: Manufacturer: syz
[  419.561664][ T5897] usb 7-1: SerialNumber: syz
[  419.750116][T17207] overlayfs: upper fs does not support file handles, falling back to index=off.
[  419.757600][T17207] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  419.767902][ T5897] usb 7-1: Handspring Visor / Palm OS: No valid connect info available
[  419.772863][ T5897] usb 7-1: Handspring Visor / Palm OS: port 255, is for unknown use
[  419.775889][ T5897] usb 7-1: Handspring Visor / Palm OS: port 255, is for unknown use
[  419.778709][ T5897] usb 7-1: Handspring Visor / Palm OS: Number of ports: 2
[  419.870878][   T10] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  419.973345][ T5897] usb 7-1: palm_os_3_probe - error -71 getting bytes available request
[  419.976437][ T5897] visor 7-1:1.0: Handspring Visor / Palm OS converter detected
[  419.981856][ T5897] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  419.988287][ T5897] usb 7-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  419.992897][ T5897] usb 7-1: USB disconnect, device number 9
[  419.996809][ T5897] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  420.002353][ T5897] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  420.006245][ T5897] visor 7-1:1.0: device disconnected
[  420.022769][   T10] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  420.026319][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  420.031587][   T10] usb 6-1: config 0 descriptor??
[  420.035387][   T10] cp210x 6-1:0.0: cp210x converter detected
[  420.438513][   T10] cp210x 6-1:0.0: failed to get vendor val 0x000e size 3: -32
[  420.653778][   T10] usb 6-1: cp210x converter now attached to ttyUSB0
[  420.681150][T17221] bridge0: entered allmulticast mode
[  420.683707][T17221] netlink: 4 bytes leftover after parsing attributes in process `syz.0.4373'.
[  420.687195][T17221] bridge_slave_1: left allmulticast mode
[  420.689296][T17221] bridge_slave_1: left promiscuous mode
[  420.695365][T17221] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.701882][T17221] bridge_slave_0: left allmulticast mode
[  420.704911][T17221] bridge_slave_0: left promiscuous mode
[  420.707349][T17221] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.747614][T17221] bridge0 (unregistering): left allmulticast mode
[  420.850310][   T10] usb 6-1: USB disconnect, device number 12
[  420.859360][   T10] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  420.867489][   T10] cp210x 6-1:0.0: device disconnected
[  420.939501][T17239] loop6: detected capacity change from 0 to 64
[  420.954473][T17239] syz.6.4382: attempt to access beyond end of device
[  420.954473][T17239] loop6: rw=2049, sector=268435468, nr_sectors = 2 limit=64
[  421.179413][T17249] loop0: detected capacity change from 0 to 32768
[  421.182619][T17249] XFS: noikeep mount option is deprecated.
[  421.188348][T17249] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  421.205181][T17249] XFS (loop0): Ending clean mount
[  421.211647][T17249] XFS (loop0): Quotacheck needed: Please wait.
[  421.245742][T17249] XFS (loop0): Quotacheck: Done.
[  421.271644][ T5844] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  421.501855][T17263] netlink: 'syz.5.4390': attribute type 1 has an invalid length.
[  421.519071][T17265] netlink: 256 bytes leftover after parsing attributes in process `syz.0.4391'.
[  421.697675][T17281] loop5: detected capacity change from 0 to 256
[  421.717332][T17281] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  421.993977][T17289] netlink: 'syz.5.4402': attribute type 1 has an invalid length.
[  421.999199][T17289] netlink: 224 bytes leftover after parsing attributes in process `syz.5.4402'.
[  422.322767][T17293] loop5: detected capacity change from 0 to 40427
[  422.326122][T17293] F2FS-fs: heap/no_heap options were deprecated
[  422.334419][T17293] F2FS-fs (loop5): build fault injection rate: 19
[  422.340013][T17293] F2FS-fs (loop5): build fault injection type: 0x3bfe8c
[  422.344381][T17293] F2FS-fs (loop5): invalid crc value
[  422.354078][T17293] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  422.398867][T17293] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x20a/0x3f0
[  422.404999][T17293] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  422.413480][T17293] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  422.440881][T17293] F2FS-fs (loop5): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x1d9/0xa40
[  422.461694][T17293] F2FS-fs (loop5): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x509/0x1050
[  422.470463][T17307] bond2: entered allmulticast mode
[  422.474346][T17293] F2FS-fs (loop5): inject page alloc in f2fs_grab_cache_folio of f2fs_new_node_folio+0x131/0xa40
[  422.479687][T17307] 8021q: adding VLAN 0 to HW filter on device bond2
[  422.482656][T17307] bridge0: port 3(bond2) entered blocking state
[  422.491220][T17307] bridge0: port 3(bond2) entered disabled state
[  422.557589][T17307] bond2: entered promiscuous mode
[  422.569396][T17307] bridge0: port 3(bond2) entered blocking state
[  422.572673][T17307] bridge0: port 3(bond2) entered forwarding state
[  422.592535][T15017] syz-executor: attempt to access beyond end of device
[  422.592535][T15017] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  422.598112][T15017] CPU: 0 UID: 0 PID: 15017 Comm: syz-executor Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  422.598125][T15017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  422.598130][T15017] Call Trace:
[  422.598133][T15017]  <TASK>
[  422.598136][T15017]  dump_stack_lvl+0x189/0x250
[  422.598151][T15017]  ? __pfx_dump_stack_lvl+0x10/0x10
[  422.598159][T15017]  ? __pfx_queue_work_on+0x10/0x10
[  422.598167][T15017]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  422.598177][T15017]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  422.598191][T15017]  f2fs_handle_critical_error+0x37c/0x540
[  422.598204][T15017]  f2fs_write_end_io+0x886/0xb60
[  422.598219][T15017]  __submit_merged_bio+0x27a/0x6a0
[  422.598232][T15017]  __submit_merged_write_cond+0x255/0x530
[  422.598244][T15017]  f2fs_write_data_pages+0x261d/0x3000
[  422.598253][T15017]  ? __lock_acquire+0xab9/0xd20
[  422.598278][T15017]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  422.598307][T15017]  ? __mod_zone_page_state+0xd7/0x140
[  422.598321][T15017]  ? folios_put_refs+0x560/0x640
[  422.598335][T15017]  ? __lock_acquire+0xab9/0xd20
[  422.598349][T15017]  ? do_raw_spin_lock+0x121/0x290
[  422.598362][T15017]  ? do_raw_spin_unlock+0x4d/0x240
[  422.598370][T15017]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  422.598380][T15017]  do_writepages+0x32e/0x550
[  422.598395][T15017]  ? do_raw_spin_unlock+0x4d/0x240
[  422.598405][T15017]  filemap_fdatawrite+0x199/0x240
[  422.598414][T15017]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  422.598445][T15017]  ? do_raw_spin_unlock+0x4d/0x240
[  422.598455][T15017]  f2fs_sync_dirty_inodes+0x31f/0x830
[  422.598469][T15017]  f2fs_write_checkpoint+0x95a/0x1df0
[  422.598487][T15017]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  422.598515][T15017]  ? kill_f2fs_super+0x298/0x6c0
[  422.598525][T15017]  kill_f2fs_super+0x2c3/0x6c0
[  422.598535][T15017]  ? __pfx_kill_f2fs_super+0x10/0x10
[  422.598540][T15017]  ? radix_tree_delete_item+0x2b6/0x400
[  422.598553][T15017]  ? shrinker_free+0x2ce/0x3e0
[  422.598567][T15017]  deactivate_locked_super+0xbc/0x130
[  422.598577][T15017]  cleanup_mnt+0x425/0x4c0
[  422.598585][T15017]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.598596][T15017]  task_work_run+0x1d4/0x260
[  422.598606][T15017]  ? __pfx_task_work_run+0x10/0x10
[  422.598614][T15017]  ? __x64_sys_umount+0x122/0x160
[  422.598625][T15017]  ? exit_to_user_mode_loop+0x40/0x110
[  422.598637][T15017]  exit_to_user_mode_loop+0xec/0x110
[  422.598646][T15017]  do_syscall_64+0x2bd/0x3b0
[  422.598655][T15017]  ? lockdep_hardirqs_on+0x9c/0x150
[  422.598663][T15017]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.598670][T15017]  ? exc_page_fault+0x9f/0xf0
[  422.598680][T15017]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  422.598686][T15017] RIP: 0033:0x7f754418ff17
[  422.598694][T15017] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  422.598700][T15017] RSP: 002b:00007ffe1b3eb6f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  422.598709][T15017] RAX: 0000000000000000 RBX: 00007f7544211c05 RCX: 00007f754418ff17
[  422.598714][T15017] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffe1b3eb7b0
[  422.598718][T15017] RBP: 00007ffe1b3eb7b0 R08: 0000000000000000 R09: 0000000000000000
[  422.598722][T15017] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffe1b3ec840
[  422.598727][T15017] R13: 00007f7544211c05 R14: 00000000000672c7 R15: 00007ffe1b3ec880
[  422.598740][T15017]  </TASK>
[  422.598743][T15017] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  422.688201][T17312] delete_channel: no stack
[  422.765015][  T136] bridge0: port 3(bond2) entered disabled state
[  422.854918][T17317] loop6: detected capacity change from 0 to 4096
[  422.858305][T17317] ntfs3: Unknown parameter 'Y'
[  423.349801][   T10] usb 7-1: new full-speed USB device number 10 using dummy_hcd
[  423.501883][   T10] usb 7-1: config 1 interface 0 has no altsetting 0
[  423.507508][   T10] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  423.511462][   T10] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.514778][   T10] usb 7-1: Product: syz
[  423.516405][T17341] loop5: detected capacity change from 0 to 4096
[  423.516621][   T10] usb 7-1: Manufacturer: syz
[  423.521013][   T10] usb 7-1: SerialNumber: syz
[  423.534266][T17341] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  423.543740][T17341] ntfs3(loop5): Failed to load $Extend (-22).
[  423.545768][T17341] ntfs3(loop5): Failed to initialize $Extend.
[  423.664703][T17345] netlink: 84 bytes leftover after parsing attributes in process `syz.5.4426'.
[  423.934305][   T10] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 10 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8
[  424.049242][   T47] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  424.204864][   T47] usb 6-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  424.207903][   T47] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  424.212403][   T47] usb 6-1: Product: syz
[  424.214701][   T47] usb 6-1: Manufacturer: syz
[  424.216726][   T47] usb 6-1: SerialNumber: syz
[  424.223666][   T47] usb 6-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  424.264554][ T2017] usb 6-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  424.678799][  T794] usb 6-1: USB disconnect, device number 13
[  425.203389][T17358] netlink: 'syz.5.4432': attribute type 1 has an invalid length.
[  425.206404][T17358] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4432'.
[  425.261354][T17362] loop5: detected capacity change from 0 to 128
[  425.358920][ T2017] ath9k_htc 6-1:1.0: ath9k_htc: Target is unresponsive
[  425.364103][ T2017] ath9k_htc: Failed to initialize the device
[  425.366589][T17368] netlink: 'syz.5.4437': attribute type 3 has an invalid length.
[  425.369906][  T794] usb 6-1: ath9k_htc: USB layer deinitialized
[  425.463330][T17372] loop5: detected capacity change from 0 to 4096
[  425.466197][T17372] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  425.469885][T17372] ntfs3(loop5): Failed to load $MFTMirr (-22).
[  425.781918][T17384] loop0: detected capacity change from 0 to 16
[  425.784858][T17384] erofs (device loop0): mounted with root inode @ nid 36.
[  425.808764][  T794] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  425.960747][  T794] usb 6-1: unable to get BOS descriptor or descriptor too short
[  425.964496][  T794] usb 6-1: not running at top speed; connect to a high speed hub
[  425.968599][  T794] usb 6-1: config 1 interface 0 altsetting 9 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  425.973713][  T794] usb 6-1: config 1 interface 0 has no altsetting 0
[  425.978350][  T794] usb 6-1: New USB device found, idVendor=0b0e, idProduct=ffff, bcdDevice= 0.40
[  425.981378][  T794] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  425.984326][  T794] usb 6-1: Product: syz
[  425.985866][  T794] usb 6-1: Manufacturer: syz
[  425.987819][  T794] usb 6-1: SerialNumber: syz
[  426.111637][ T2017] usb 7-1: USB disconnect, device number 10
[  426.123903][ T2017] usblp0: removed
[  426.202865][  T794] usbhid 6-1:1.0: can't add hid device: -71
[  426.204865][  T794] usbhid 6-1:1.0: probe with driver usbhid failed with error -71
[  426.209582][  T794] usb 6-1: USB disconnect, device number 14
[  426.537315][T17411] netlink: 15 bytes leftover after parsing attributes in process `syz.6.4458'.
[  426.541457][T17411] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4458'.
[  426.580368][T17413] netlink: 'syz.6.4459': attribute type 1 has an invalid length.
[  426.640584][T17417] loop6: detected capacity change from 0 to 1024
[  426.652448][T17417] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.674960][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.754227][   T33] audit: type=1326 audit(1194.803:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.761829][   T33] audit: type=1326 audit(1194.803:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.769801][   T33] audit: type=1326 audit(1194.803:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.779521][   T33] audit: type=1326 audit(1194.803:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.788552][   T33] audit: type=1326 audit(1194.803:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.799662][   T33] audit: type=1326 audit(1194.803:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.809078][   T33] audit: type=1326 audit(1194.803:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=128 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.818818][   T33] audit: type=1326 audit(1194.873:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.826412][   T33] audit: type=1326 audit(1194.873:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17426 comm="syz.5.4465" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  426.905207][T17439] netlink: 4 bytes leftover after parsing attributes in process `syz.6.4470'.
[  427.131505][T17443] loop6: detected capacity change from 0 to 32768
[  427.135095][T17443] (syz.6.4472,17443,0):ocfs2_initialize_super:2019 ERROR: Invalid number of node slots (0)
[  427.139047][T17443] (syz.6.4472,17443,0):ocfs2_fill_super:1177 ERROR: status = -22
[  427.208385][   T24] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  427.241424][T17445] syzkaller1: entered promiscuous mode
[  427.243352][T17445] syzkaller1: entered allmulticast mode
[  427.371440][   T24] usb 6-1: Using ep0 maxpacket: 16
[  427.383013][   T24] usb 6-1: config 3 has an invalid interface number: 201 but max is 0
[  427.386932][   T24] usb 6-1: config 3 has no interface number 0
[  427.389727][   T24] usb 6-1: config 3 interface 201 has no altsetting 0
[  427.394908][   T24] usb 6-1: New USB device found, idVendor=2c7c, idProduct=0191, bcdDevice=a4.e0
[  427.400766][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  427.404220][   T24] usb 6-1: Product: syz
[  427.406103][   T24] usb 6-1: Manufacturer: syz
[  427.408250][   T24] usb 6-1: SerialNumber: syz
[  427.573723][T17459] loop6: detected capacity change from 0 to 512
[  427.576800][T17459] EXT4-fs (loop6): Test dummy encryption mode enabled
[  427.579445][T17459] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  427.582833][T17459] EXT4-fs (loop6): SIPHASH is not a valid default hash value
[  427.618106][   T24] option 6-1:3.201: GSM modem (1-port) converter detected
[  427.624831][   T24] usb 6-1: USB disconnect, device number 15
[  427.629810][   T24] option 6-1:3.201: device disconnected
[  427.674837][T17465] netlink: 32 bytes leftover after parsing attributes in process `syz.6.4483'.
[  428.178136][T17486] loop6: detected capacity change from 0 to 32768
[  428.187045][T17486] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  428.203411][T17486] XFS (loop6): Ending clean mount
[  428.412734][T17507] netlink: 60 bytes leftover after parsing attributes in process `syz.5.4495'.
[  428.415622][T17507] netlink: 35 bytes leftover after parsing attributes in process `syz.5.4495'.
[  429.145406][T15182] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  429.271081][T17527] loop5: detected capacity change from 0 to 512
[  429.301161][T17527] EXT4-fs error (device loop5): ext4_iget_extra_inode:5104: inode #15: comm syz.5.4502: corrupted in-inode xattr: invalid ea_ino
[  429.311313][T17527] EXT4-fs error (device loop5): ext4_orphan_get:1397: comm syz.5.4502: couldn't read orphan inode 15 (err -117)
[  429.319590][T17527] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  429.473824][T17536] input: syz0 as /devices/virtual/input/input37
[  429.588047][   T33] audit: type=1326 audit(1197.634:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  430.028324][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  430.466864][    C0] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  430.617213][   T24] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  430.776893][   T24] usb 6-1: Using ep0 maxpacket: 32
[  430.781941][   T24] usb 6-1: config index 0 descriptor too short (expected 35577, got 27)
[  430.786329][   T24] usb 6-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  430.798149][   T24] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  430.803027][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 92
[  430.808686][   T24] usb 6-1: config 1 has no interface number 0
[  430.817828][   T24] usb 6-1: config 1 interface 1 has no altsetting 0
[  430.820873][   T24] usb 6-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  430.825445][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.833801][   T24] snd_usb_pod 6-1:1.1: Line 6 Pocket POD found
[  430.836514][   T24] usb 6-1: selecting invalid altsetting 0
[  430.840397][   T24] snd_usb_pod 6-1:1.1: set_interface failed
[  430.843792][   T24] snd_usb_pod 6-1:1.1: Line 6 Pocket POD now disconnected
[  430.847212][   T24] snd_usb_pod 6-1:1.1: probe with driver snd_usb_pod failed with error -22
[  431.036329][   T24] usb 6-1: USB disconnect, device number 16
[  431.735734][T17563] bochs-drm 0000:00:01.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=none:owns=io+mem
[  431.757081][   T33] kauditd_printk_skb: 11389 callbacks suppressed
[  431.757095][   T33] audit: type=1326 audit(1199.805:11529): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.769775][   T33] audit: type=1326 audit(1199.815:11530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.780783][   T33] audit: type=1326 audit(1199.815:11531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.791123][   T33] audit: type=1326 audit(1199.815:11532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.805670][   T33] audit: type=1326 audit(1199.815:11533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.815643][   T33] audit: type=1326 audit(1199.815:11534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.825652][   T33] audit: type=1326 audit(1199.815:11535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.836156][   T33] audit: type=1326 audit(1199.815:11536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.861216][   T33] audit: type=1326 audit(1199.815:11537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.876689][   T33] audit: type=1326 audit(1199.815:11538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17542 comm="syz.6.4511" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f309b98ebe9 code=0x50000
[  431.904203][T17565] overlayfs: missing 'lowerdir'
[  432.214551][T17572] loop5: detected capacity change from 0 to 1024
[  432.252665][T17572] hfsplus: bad catalog entry type
[  432.279190][   T36] hfsplus: b-tree write err: -5, ino 4
[  432.871349][  T794] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  433.004701][T17598] loop5: detected capacity change from 0 to 256
[  433.028549][  T794] usb 7-1: Using ep0 maxpacket: 16
[  433.042013][  T794] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.056072][  T794] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.059578][  T794] usb 7-1: New USB device found, idVendor=05ac, idProduct=0231, bcdDevice= 0.00
[  433.073824][  T794] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.104499][  T794] usb 7-1: config 0 descriptor??
[  433.362008][  T794] usb 7-1: string descriptor 0 read error: -71
[  433.387154][  T794] input: bcm5974 as /devices/platform/dummy_hcd.6/usb7/7-1/7-1:0.0/input/input38
[  433.404755][  T794] usb 7-1: USB disconnect, device number 11
[  434.087387][  T794] kernel write not supported for file /622/clear_refs (pid: 794 comm: kworker/0:2)
[  434.136581][T17618] netlink: 28 bytes leftover after parsing attributes in process `syz.6.4545'.
[  434.599711][T17666] loop6: detected capacity change from 0 to 256
[  434.602220][T17666] vfat: Unknown parameter '00000000000000000000003'
[  434.674272][T17668] netlink: zone id is out of range
[  434.696346][   T24] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  434.714576][T17668] netlink: set zone limit has 4 unknown bytes
[  434.739475][T17668] netlink: del zone limit has 4 unknown bytes
[  434.792390][T17666] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4569'.
[  434.877589][   T24] usb 6-1: Using ep0 maxpacket: 32
[  434.889276][   T24] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  434.893241][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.907564][   T24] usb 6-1: Product: syz
[  434.909395][   T24] usb 6-1: Manufacturer: syz
[  434.911355][   T24] usb 6-1: SerialNumber: syz
[  434.919229][   T24] usb 6-1: config 0 descriptor??
[  435.334092][   T24] airspy 6-1:0.0: Board ID: 00
[  435.337719][   T24] airspy 6-1:0.0: Firmware version: 
[  435.456209][T17703] loop6: detected capacity change from 0 to 32768
[  435.467525][T17703] (syz.6.4583,17703,0):ocfs2_load_local_alloc:339 ERROR: inconsistent detected, clean journal with unrecovered local alloc, please run fsck.ocfs2!
[  435.467525][T17703] found = 0, set = 0, taken = 0, off = 1280
[  435.475721][T17703] (syz.6.4583,17703,0):ocfs2_load_local_alloc:356 ERROR: status = -22
[  435.478716][T17703] (syz.6.4583,17703,0):ocfs2_check_volume:2404 ERROR: status = -22
[  435.481625][T17703] (syz.6.4583,17703,0):ocfs2_check_volume:2432 ERROR: status = -22
[  435.484535][T17703] (syz.6.4583,17703,0):ocfs2_mount_volume:1764 ERROR: status = -22
[  435.489563][T17703] (syz.6.4583,17703,0):ocfs2_fill_super:1177 ERROR: status = -22
[  435.800519][   T24] airspy 6-1:0.0: usb_control_msg() failed -71 request 0e
[  435.812050][   T24] airspy 6-1:0.0: Registered as swradio24
[  435.814412][   T24] airspy 6-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  435.819966][   T24] usb 6-1: USB disconnect, device number 17
[  436.837522][T17737] syzkaller1: entered promiscuous mode
[  436.841870][T17737] syzkaller1: entered allmulticast mode
[  436.894957][T17742] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4598'.
[  436.982674][T17746] loop5: detected capacity change from 0 to 1024
[  437.039972][   T27] hfsplus: b-tree write err: -5, ino 3
[  437.044048][T15017] hfsplus: node 4:3 still has 1 user(s)!
[  437.078716][T17753] loop5: detected capacity change from 0 to 512
[  437.083506][T17753] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  437.102090][T17753] EXT4-fs (loop5): 1 truncate cleaned up
[  437.103584][T17753] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  437.119698][T17753] EXT4-fs error (device loop5): ext4_generic_delete_entry:2668: inode #2: block 13: comm syz.5.4604: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  437.135655][T17753] EXT4-fs (loop5): Remounting filesystem read-only
[  437.138276][T17753] EXT4-fs warning (device loop5): ext4_rename_delete:3735: inode #2: comm syz.5.4604: Deleting old file: nlink 5, error=-117
[  437.162113][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.229045][T17763] loop5: detected capacity change from 0 to 256
[  437.239705][T17763] FAT-fs (loop5): Directory bread(block 64) failed
[  437.241914][T17763] FAT-fs (loop5): Directory bread(block 65) failed
[  437.247063][T17763] FAT-fs (loop5): Directory bread(block 66) failed
[  437.249174][T17763] FAT-fs (loop5): Directory bread(block 67) failed
[  437.251466][T17763] FAT-fs (loop5): Directory bread(block 68) failed
[  437.253641][T17763] FAT-fs (loop5): Directory bread(block 69) failed
[  437.262771][T17763] FAT-fs (loop5): Directory bread(block 70) failed
[  437.266764][T17763] FAT-fs (loop5): Directory bread(block 71) failed
[  437.268928][T17763] FAT-fs (loop5): Directory bread(block 72) failed
[  437.271073][T17763] FAT-fs (loop5): Directory bread(block 73) failed
[  437.292143][T17769] loop6: detected capacity change from 0 to 128
[  437.312735][T17769] syz.6.4611: attempt to access beyond end of device
[  437.312735][T17769] loop6: rw=2049, sector=145, nr_sectors = 8 limit=128
[  437.320105][T17769] syz.6.4611: attempt to access beyond end of device
[  437.320105][T17769] loop6: rw=2049, sector=161, nr_sectors = 8 limit=128
[  437.339045][T17769] syz.6.4611: attempt to access beyond end of device
[  437.339045][T17769] loop6: rw=2049, sector=177, nr_sectors = 24 limit=128
[  437.347323][T17769] syz.6.4611: attempt to access beyond end of device
[  437.347323][T17769] loop6: rw=2049, sector=209, nr_sectors = 8 limit=128
[  437.352304][T17769] syz.6.4611: attempt to access beyond end of device
[  437.352304][T17769] loop6: rw=2049, sector=225, nr_sectors = 8 limit=128
[  437.365375][T17769] syz.6.4611: attempt to access beyond end of device
[  437.365375][T17769] loop6: rw=2049, sector=241, nr_sectors = 8 limit=128
[  437.370112][T17769] syz.6.4611: attempt to access beyond end of device
[  437.370112][T17769] loop6: rw=2049, sector=257, nr_sectors = 8 limit=128
[  437.384369][T17769] syz.6.4611: attempt to access beyond end of device
[  437.384369][T17769] loop6: rw=2049, sector=273, nr_sectors = 8 limit=128
[  437.393849][T17769] syz.6.4611: attempt to access beyond end of device
[  437.393849][T17769] loop6: rw=2049, sector=289, nr_sectors = 9 limit=128
[  437.413925][T17777] syz.6.4611: attempt to access beyond end of device
[  437.413925][T17777] loop6: rw=2049, sector=305, nr_sectors = 80 limit=128
[  437.450970][T17779] tipc: Enabling <eth:lo> not permitted
[  437.453531][T17779] tipc: Enabling of bearer <eth:lo> rejected, failed to enable media
[  437.563599][   T47] kernel write not supported for file /691/net/fib_triestat (pid: 47 comm: kworker/1:1)
[  437.617927][T17789] netlink: 24 bytes leftover after parsing attributes in process `syz.5.4618'.
[  437.629001][T17788] loop6: detected capacity change from 0 to 2048
[  437.633398][T17788] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  437.651290][T17790] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  437.676945][T17788] NILFS error (device loop6): nilfs_bmap_lookup_contig: broken bmap (inode number=16)
[  437.687750][T17788] Remounting filesystem read-only
[  437.690012][T17788] NILFS error (device loop6): nilfs_bmap_last_key: broken bmap (inode number=16)
[  437.695010][T17788] NILFS (loop6): error -5 truncating bmap (ino=16)
[  437.714232][T15182] NILFS (loop6): disposed unprocessed dirty file(s) when detaching log writer
[  437.750557][T17795] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  437.792041][T17797] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  437.927617][T17807] loop0: detected capacity change from 0 to 764
[  437.930985][T17807] iso9660: Unknown parameter 'over	'
[  438.115894][T17823] netlink: 132 bytes leftover after parsing attributes in process `syz.0.4633'.
[  438.176289][T17825] loop0: detected capacity change from 0 to 4096
[  438.188159][T17825] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  438.191056][T17825] ntfs3(loop0): Failed to load $Extend (-22).
[  438.193441][T17825] ntfs3(loop0): Failed to initialize $Extend.
[  438.200459][T17825] ntfs3(loop0): ino=1b, "file0" ntfs_readdir
[  438.695249][T17837] loop5: detected capacity change from 0 to 32768
[  438.698663][T17837] bcachefs (/dev/loop5): error validating superblock: Invalid superblock section members_v2: device 0: bucket size 9 smaller than btree node size 256
[  438.698663][T17837] members_v2 (size 152):
[  438.698663][T17837] Device:                        0
[  438.698663][T17837]   Label:                       (none)
[  438.698663][T17837]   UUID:                        7af6772b-00de-4159-84cd-1faead05e13e
[  438.698663][T17837]   Size:                        589824
[  438.698663][T17837]   read errors:                 0
[  438.698663][T17837]   write errors:                0
[  438.698663][T17837]   checksum errors:             0
[  438.698663][T17837]   seqread iops:                0
[  438.698663][T17837]   seqwrite iops:               0
[  438.698663][T17837]   randread iops:               0
[  438.698663][T17837]   randwrite iops:              0
[  438.698663][T17837]   Bucket size:                 4608
[  438.698663][T17837]   First bucket:                0
[  438.698663][T17837]   Buckets:                     128
[  438.698663][T17837]   Last mount:                  1714618368
[  438.698663][T17837]   Last superblock write:       42
[  438.698663][T17837]   State:                       rw
[  438.698663][T17837]   Data allowed:                journal,btree,user
[  438.698663][T17837]   Has data:                    (none)
[  438.698663][T17837]   Btree allocated bitmap blocksize:1
[  438.698663][T17837]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  438.698663][T17837]   Durab
[  438.698853][T17837] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  439.119260][T17839] loop6: detected capacity change from 0 to 32768
[  439.128101][T17839] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4641 (17839)
[  439.140635][T17839] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  439.144426][T17839] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  439.147214][T17839] BTRFS info (device loop6): disk space caching is enabled
[  439.149624][T17839] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  439.199980][T17839] BTRFS info (device loop6): rebuilding free space tree
[  439.226042][T17839] BTRFS info (device loop6): disabling free space tree
[  439.228668][T17839] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  439.232679][T17839] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  439.406421][T15182] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  439.429986][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  440.723218][  T794] usb 7-1: new full-speed USB device number 12 using dummy_hcd
[  440.876169][  T794] usb 7-1: config 0 has an invalid descriptor of length 89, skipping remainder of the config
[  440.883566][  T794] usb 7-1: New USB device found, idVendor=22b8, idProduct=6027, bcdDevice=c2.80
[  440.887252][  T794] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.890493][  T794] usb 7-1: Product: syz
[  440.892239][  T794] usb 7-1: Manufacturer: syz
[  440.895700][  T794] usb 7-1: SerialNumber: syz
[  440.909512][  T794] usb 7-1: config 0 descriptor??
[  441.139513][  T794] usb 7-1: bad CDC descriptors
[  441.154426][  T794] usb 7-1: unsupported MDLM descriptors
[  441.161346][  T794] usb 7-1: USB disconnect, device number 12
[  441.197479][T17889] loop5: detected capacity change from 0 to 512
[  441.217762][T17889] EXT4-fs warning (device loop5): ext4_enable_quotas:7168: Failed to enable quota tracking (type=0, err=-13, ino=3). Please run e2fsck to fix.
[  441.223396][T17889] EXT4-fs (loop5): mount failed
[  441.851397][T17905] random: crng reseeded on system resumption
[  441.991639][T17907] loop6: detected capacity change from 0 to 256
[  442.013254][T17907] exFAT-fs (loop6): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  442.020485][T17907] exFAT-fs (loop6): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  442.688697][T17911] ptrace attach of "/syz-executor exec"[5844] was attempted by ""[17911]
[  443.358648][T17932] loop5: detected capacity change from 0 to 32768
[  443.400386][T17935] loop6: detected capacity change from 0 to 32768
[  443.406805][T17932] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  443.424073][T17935] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4675 (17935)
[  443.439641][T17935] BTRFS info (device loop6): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  443.449374][T17935] BTRFS info (device loop6): using xxhash64 (xxhash64-generic) checksum algorithm
[  443.457632][T17935] BTRFS info (device loop6): disk space caching is enabled
[  443.460261][T17935] BTRFS warning (device loop6): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  443.468488][T15017] (syz-executor,15017,0):ocfs2_inode_is_valid_to_delete:948 ERROR: Skipping delete of system file 72
[  443.481234][T15017] ocfs2: Unmounting device (7,5) on (node local)
[  443.538514][T17935] BTRFS info (device loop6): rebuilding free space tree
[  443.563799][T17935] BTRFS info (device loop6): disabling free space tree
[  443.566114][T17935] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  443.577062][T17935] BTRFS info (device loop6): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  443.651513][T15182] BTRFS info (device loop6): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  444.221672][ T5847] Bluetooth: hci1: command tx timeout
[  444.548460][T17994] loop5: detected capacity change from 0 to 32768
[  444.565075][T17994] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  444.580842][T17994] (syz.5.4695,17994,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  444.589945][T17994] (syz.5.4695,17994,1):__ocfs2_delete_entry:1170 ERROR: status = -5
[  444.593593][T17994] (syz.5.4695,17994,1):ocfs2_unlink:993 ERROR: status = -5
[  444.596850][T17994] (syz.5.4695,17994,1):ocfs2_unlink:1046 ERROR: status = -5
[  444.633478][T15017] ocfs2: Unmounting device (7,5) on (node local)
[  445.022992][   T10] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  445.048829][T18002] loop6: detected capacity change from 0 to 32768
[  445.053828][T18002] bcachefs (/dev/loop6): error validating superblock: Invalid superblock section members_v2: section too small (1104 > 152)
[  445.053828][T18002] members_v2 (size 152):
[  445.053828][T18002] nr_devices mismatch: have 1 entries, should be 8Device:0
[  445.053828][T18002]   Label:                       (none)
[  445.053828][T18002]   UUID:                        7af6772b-00de-4159-84cd-1faead05aceb
[  445.053828][T18002]   Size:                        16777216
[  445.053828][T18002]   read errors:                 0
[  445.053828][T18002]   write errors:                0
[  445.053828][T18002]   checksum errors:             0
[  445.053828][T18002]   seqread iops:                0
[  445.053828][T18002]   seqwrite iops:               0
[  445.053828][T18002]   randread iops:               0
[  445.053828][T18002]   randwrite iops:              0
[  445.053828][T18002]   Bucket size:                 131072
[  445.053828][T18002]   First bucket:                0
[  445.053828][T18002]   Buckets:                     128
[  445.053828][T18002]   Last mount:                  1714681267
[  445.053828][T18002]   Last superblock write:       42
[  445.053828][T18002]   State:                       rw
[  445.053828][T18002]   Data allowed:                journal,btree,user
[  445.053828][T18002]   Has data:                    (none)
[  445.053828][T18002]   Btree allocated bitmap blocksize:256
[  445.053828][T18002]   Btree allocated bitmap:      0000000000000000000001000010000010011000000000000000000000000000
[  445.053828][T18002]   D
[  445.054000][T18002] bcachefs: bch2_fs_get_tree() error: invalid_sb_members
[  445.191384][   T10] usb 6-1: Using ep0 maxpacket: 32
[  445.195756][   T10] usb 6-1: config 0 has an invalid interface number: 51 but max is 0
[  445.199699][   T10] usb 6-1: config 0 has no interface number 0
[  445.207184][   T10] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  445.210926][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  445.216428][   T10] usb 6-1: Product: syz
[  445.218229][   T10] usb 6-1: Manufacturer: syz
[  445.220177][   T10] usb 6-1: SerialNumber: syz
[  445.227982][   T10] usb 6-1: config 0 descriptor??
[  445.234894][   T10] quatech2 6-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  445.440223][   T10] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  445.454090][   T10] usb 6-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  445.845401][    C0] usb 6-1: qt2_read_bulk_callback - non-zero urb status: -71
[  445.845543][   T47] usb 6-1: USB disconnect, device number 18
[  445.864746][   T47] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  445.873717][   T47] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  445.877722][   T47] quatech2 6-1:0.51: device disconnected
[  446.431220][   T47] usb 7-1: new high-speed USB device number 13 using dummy_hcd
[  446.525097][T18043] input: syz0 as /devices/virtual/input/input39
[  446.591169][   T47] usb 7-1: Using ep0 maxpacket: 16
[  446.596806][   T47] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 2.00
[  446.601317][   T47] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  446.606737][   T47] usb 7-1: config 0 descriptor??
[  446.611097][   T47] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[  446.814177][   T47] usb 7-1: Detected FT232B
[  446.830784][   T24] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  447.000642][   T24] usb 6-1: Using ep0 maxpacket: 32
[  447.004190][   T24] usb 6-1: config 0 has an invalid interface number: 146 but max is 0
[  447.006901][   T24] usb 6-1: config 0 has no interface number 0
[  447.008984][   T24] usb 6-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  447.013667][   T24] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  447.017710][   T24] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  447.021628][   T24] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  447.025949][   T47] ftdi_sio ttyUSB0: Unable to read latency timer: -71
[  447.028860][   T24] usb 6-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  447.033562][   T47] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  447.036313][   T24] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  447.046957][   T24] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  447.051356][   T47] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  447.054827][   T24] usb 6-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 19968, setting to 1024
[  447.058865][   T47] usb 7-1: USB disconnect, device number 13
[  447.062125][   T24] usb 6-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  447.066246][   T47] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  447.069731][   T24] usb 6-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  447.074754][   T47] ftdi_sio 7-1:0.0: device disconnected
[  447.076915][T18047] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4719'.
[  447.082870][   T24] usb 6-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  447.086235][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.089301][   T24] usb 6-1: Product: syz
[  447.093728][   T24] usb 6-1: Manufacturer: syz
[  447.095597][   T24] usb 6-1: SerialNumber: syz
[  447.099418][   T24] usb 6-1: config 0 descriptor??
[  447.106850][T18045] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  447.109332][T18045] raw-gadget.2 gadget.5: fail, usb_ep_enable returned -22
[  447.115025][   T24] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  447.118414][   T24] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  447.126302][   T24] scsi host6: microtekX6
[  447.333552][T18045] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  447.336783][T18045] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  447.364936][   T47] usb 6-1: USB disconnect, device number 19
[  448.057977][T18070] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4729'.
[  448.062201][T18070] netlink: 20 bytes leftover after parsing attributes in process `syz.6.4729'.
[  448.448006][T18080] loop5: detected capacity change from 0 to 1024
[  448.526940][T18080] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  448.745901][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  449.015794][T18097] netlink: 'syz.0.4740': attribute type 2 has an invalid length.
[  449.039057][T18099] loop5: detected capacity change from 0 to 128
[  449.043456][T18099] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  449.449214][T18099] UDF-fs: error (device loop5): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  449.765731][T18107] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  449.871354][T18110] loop0: detected capacity change from 0 to 2048
[  449.882188][T18110] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  449.955093][T18112] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4746'.
[  449.981886][T18112] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4746'.
[  449.985321][ T5707] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  450.001225][ T5707] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  450.004503][ T5707] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  450.008690][ T5707] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  450.036869][T18117] netlink: 24 bytes leftover after parsing attributes in process `syz.0.4748'.
[  450.043189][T18118] netlink: 256 bytes leftover after parsing attributes in process `syz.6.4749'.
[  450.066815][T18108] loop5: detected capacity change from 0 to 32768
[  450.071839][T18108] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4743 (18108)
[  450.081985][T18108] BTRFS info (device loop5): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  450.086500][T18108] BTRFS info (device loop5): using crc32c (crc32c-lib) checksum algorithm
[  450.096481][T18108] BTRFS info (device loop5): disk space caching is enabled
[  450.099979][T18108] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  450.137961][T18108] BTRFS info (device loop5): rebuilding free space tree
[  450.156278][T18108] BTRFS info (device loop5): disabling free space tree
[  450.159520][T18108] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  450.163305][T18108] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  450.247887][T15017] BTRFS info (device loop5): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  450.445783][T18156] loop0: detected capacity change from 0 to 64
[  450.449043][T18156] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  450.702896][T18174] loop6: detected capacity change from 0 to 128
[  450.713039][T18174] affs: Invalid blocksize (512, 1024, 2048, 4096 allowed)
[  450.757132][ T5854] Bluetooth: hci3: sending frame failed (-49)
[  450.765741][ T5847] Bluetooth: hci3: Opcode 0x1003 failed: -49
[  450.804801][T18180] loop6: detected capacity change from 0 to 256
[  450.884033][T18181] fuse: Bad value for 'fd'
[  450.892132][T18181] loop5: detected capacity change from 0 to 16
[  450.904384][T18181] erofs (device loop5): mounted with root inode @ nid 36.
[  450.926708][T18181] erofs (device loop5): readahead error at folio 87 @ nid 36
[  450.929415][T18181] erofs (device loop5): readahead error at folio 86 @ nid 36
[  450.932677][T18181] erofs (device loop5): bogus lookback distance 363 @ lcn 82 of nid 36
[  450.935647][T18181] erofs (device loop5): readahead error at folio 83 @ nid 36
[  450.938706][T18181] erofs (device loop5): bogus lookback distance 363 @ lcn 82 of nid 36
[  450.942603][T18181] erofs (device loop5): readahead error at folio 82 @ nid 36
[  450.945788][T18181] erofs (device loop5): readahead error at folio 79 @ nid 36
[  450.948536][T18181] erofs (device loop5): readahead error at folio 78 @ nid 36
[  450.951468][T18181] erofs (device loop5): bogus lookback distance 1485 @ lcn 75 of nid 36
[  450.954187][T18181] erofs (device loop5): readahead error at folio 76 @ nid 36
[  450.956707][T18181] erofs (device loop5): bogus lookback distance 1485 @ lcn 75 of nid 36
[  450.960586][T18181] erofs (device loop5): readahead error at folio 75 @ nid 36
[  450.964173][T18181] erofs (device loop5): readahead error at folio 74 @ nid 36
[  450.967605][T18181] erofs (device loop5): readahead error at folio 72 @ nid 36
[  450.970602][T18181] erofs (device loop5): readahead error at folio 71 @ nid 36
[  450.973426][T18181] erofs (device loop5): readahead error at folio 70 @ nid 36
[  450.977606][T18181] erofs (device loop5): readahead error at folio 63 @ nid 36
[  450.980607][T18181] erofs (device loop5): readahead error at folio 61 @ nid 36
[  450.983066][T18181] erofs (device loop5): bogus lookback distance 1024 @ lcn 58 of nid 36
[  450.985743][T18181] erofs (device loop5): readahead error at folio 59 @ nid 36
[  450.988521][T18181] erofs (device loop5): bogus lookback distance 1024 @ lcn 58 of nid 36
[  450.991600][T18181] erofs (device loop5): readahead error at folio 58 @ nid 36
[  450.994367][T18181] erofs (device loop5): readahead error at folio 56 @ nid 36
[  450.997165][T18181] erofs (device loop5): bogus lookback distance 1586 @ lcn 46 of nid 36
[  450.999983][T18181] erofs (device loop5): readahead error at folio 47 @ nid 36
[  451.002326][T18181] erofs (device loop5): bogus lookback distance 1586 @ lcn 46 of nid 36
[  451.005014][T18181] erofs (device loop5): readahead error at folio 46 @ nid 36
[  451.007394][T18181] erofs (device loop5): readahead error at folio 45 @ nid 36
[  451.010179][T18181] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  451.013122][T18181] erofs (device loop5): readahead error at folio 43 @ nid 36
[  451.015782][T18181] erofs (device loop5): bogus lookback distance 1388 @ lcn 42 of nid 36
[  451.018541][T18181] erofs (device loop5): readahead error at folio 42 @ nid 36
[  451.021038][T18181] erofs (device loop5): bogus lookback distance 774 @ lcn 40 of nid 36
[  451.023742][T18181] erofs (device loop5): readahead error at folio 41 @ nid 36
[  451.026116][T18181] erofs (device loop5): bogus lookback distance 774 @ lcn 40 of nid 36
[  451.029541][T18181] erofs (device loop5): readahead error at folio 40 @ nid 36
[  451.033070][T18181] erofs (device loop5): readahead error at folio 39 @ nid 36
[  451.035531][T18181] erofs (device loop5): readahead error at folio 38 @ nid 36
[  451.038264][T18181] erofs (device loop5): readahead error at folio 36 @ nid 36
[  451.041353][T18181] erofs (device loop5): bogus lookback distance 1468 @ lcn 31 of nid 36
[  451.044301][T18181] erofs (device loop5): readahead error at folio 31 @ nid 36
[  451.047479][T18181] erofs (device loop5): readahead error at folio 25 @ nid 36
[  451.050024][T18181] erofs (device loop5): readahead error at folio 24 @ nid 36
[  451.052853][T18181] erofs (device loop5): readahead error at folio 19 @ nid 36
[  451.056137][T18181] bio_check_eod: 47 callbacks suppressed
[  451.056186][T18181] syz.5.4767: attempt to access beyond end of device
[  451.056186][T18181] loop5: rw=524288, sector=784, nr_sectors = 64 limit=16
[  451.062909][T18181] syz.5.4767: attempt to access beyond end of device
[  451.062909][T18181] loop5: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  451.068202][T18181] syz.5.4767: attempt to access beyond end of device
[  451.068202][T18181] loop5: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  451.073557][T18181] syz.5.4767: attempt to access beyond end of device
[  451.073557][T18181] loop5: rw=524288, sector=32, nr_sectors = 64 limit=16
[  451.078818][T18181] syz.5.4767: attempt to access beyond end of device
[  451.078818][T18181] loop5: rw=524288, sector=8, nr_sectors = 24 limit=16
[  451.083895][T18181] syz.5.4767: attempt to access beyond end of device
[  451.083895][T18181] loop5: rw=524288, sector=14425508768, nr_sectors = 8 limit=16
[  451.166930][T18180] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  451.182096][T18180] FAT-fs (loop6): Filesystem has been set read-only
[  451.378098][T15182] FAT-fs (loop6): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000005)
[  451.488233][T18191] loop5: detected capacity change from 0 to 1024
[  451.522934][T18193] loop0: detected capacity change from 0 to 4096
[  451.527139][T18191] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  451.544255][T18193] NILFS (loop0): invalid segment: Checksum error in segment payload
[  451.556794][T18193] NILFS (loop0): trying rollback from an earlier position
[  451.569128][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  451.575543][T18193] NILFS (loop0): recovery complete
[  451.598575][T18200] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  451.749659][T18199] loop6: detected capacity change from 0 to 32768
[  451.755132][T18199] ocfs2: Slot 0 on device (7,6) was already allocated to this node!
[  451.770908][T18199] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  451.822098][T15182] ocfs2: Unmounting device (7,6) on (node local)
[  451.932197][T18213] syz.5.4784(18213): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  452.307760][T18231] netlink: 12 bytes leftover after parsing attributes in process `syz.6.4792'.
[  452.370770][ T5897] usb 6-1: new full-speed USB device number 20 using dummy_hcd
[  452.520692][ T5897] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  452.546125][ T5897] usb 6-1: New USB device found, idVendor=15f4, idProduct=0015, bcdDevice=74.72
[  452.553113][ T5897] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  452.556700][ T5897] usb 6-1: Product: syz
[  452.568666][ T5897] usb 6-1: Manufacturer: syz
[  452.570672][ T5897] usb 6-1: SerialNumber: syz
[  452.595785][T18239] loop6: detected capacity change from 0 to 512
[  452.603411][ T5897] usb 6-1: config 0 descriptor??
[  452.614591][ T5897] dvb-usb: found a 'Hanftek UMT-010 DVB-T USB2.0' in warm state.
[  452.623982][ T5897] dvb-usb: bulk message failed: -22 (3/0)
[  452.653767][ T5897] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  452.667948][ T5897] dvb-usb: Hanftek UMT-010 DVB-T USB2.0 error while loading driver (-19)
[  452.681488][ T5897] dvb_usb_umt_010 6-1:0.0: probe with driver dvb_usb_umt_010 failed with error -22
[  452.840269][ T5897] usb 6-1: USB disconnect, device number 20
[  453.425975][T18248] syzkaller1: entered promiscuous mode
[  453.428662][T18248] syzkaller1: entered allmulticast mode
[  453.696383][T18254] could not open pipe file descriptor
[  453.734265][T18258] loop5: detected capacity change from 0 to 512
[  453.743139][T18258] EXT4-fs (loop5): 1 truncate cleaned up
[  453.746549][T18258] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  453.784694][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.801636][T18266] loop6: detected capacity change from 0 to 8
[  453.814046][T18266] SQUASHFS error: zlib decompression failed, data probably corrupt
[  453.817311][T18266] SQUASHFS error: Failed to read block 0x4e8: -5
[  453.820608][   T33] kauditd_printk_skb: 2893 callbacks suppressed
[  453.820615][   T33] audit: type=1800 audit(1221.883:14432): pid=18266 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.4808" name="file1" dev="loop6" ino=5 res=0 errno=0
[  453.833670][T18266] SQUASHFS error: Failed to read block 0x6e6: -5
[  453.836727][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.839827][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.842673][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.844750][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.847278][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.850215][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.852264][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.854980][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.857794][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.860537][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.863545][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.866750][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.869553][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.872407][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.874890][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.877479][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.880217][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.882665][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.885224][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.888220][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.890454][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.892529][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.894954][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.897368][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.900247][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.902650][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.904889][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.906976][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.909501][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.913619][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.915725][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.918344][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.920568][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.922640][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.925032][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.927364][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.929503][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.931954][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.934848][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.937363][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.940506][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.943231][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.945707][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.948808][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.951523][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.954038][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.956902][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.959871][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.962274][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.965101][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.967866][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.971273][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.974730][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.975163][T18270] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.977389][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.977446][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.981326][T18270] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.983200][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.983252][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.983305][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.987374][T18270] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.989012][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.989056][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.989106][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.989114][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.989152][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.989202][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.989209][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  453.989247][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  453.989294][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  453.997985][T18270] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.000832][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.006315][T18270] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.009170][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.009228][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.009236][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.009274][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.009320][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.009333][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.009371][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.009419][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.009425][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.009462][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.017920][T18270] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.018114][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.065875][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.068808][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.071330][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.074273][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.077018][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.079657][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.082563][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.085211][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.087962][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.090897][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.093614][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.096094][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.099192][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.101906][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.104705][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.107607][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.110448][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.112984][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.115856][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.118749][T18266] SQUASHFS error: Failed to read block 0x0: -5
[  454.121257][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.124106][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.128864][T18266] SQUASHFS error: Unable to read metadata cache entry [6e4]
[  454.131768][T18266] SQUASHFS error: read_indexes: reading block [6e4:0]
[  454.485796][T18277] loop6: detected capacity change from 0 to 512
[  454.493902][T18277] EXT4-fs (loop6): feature flags set on rev 0 fs, running e2fsck is recommended
[  454.498067][T18277] EXT4-fs (loop6): mounting ext2 file system using the ext4 subsystem
[  454.511021][T18277] EXT4-fs (loop6): warning: mounting unchecked fs, running e2fsck is recommended
[  454.516200][T18277] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=a002e01c, mo2=0006]
[  454.520105][T18277] System zones: 0-2, 18-18, 34-35
[  454.524065][T18277] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  454.570282][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  454.831701][T18282] loop6: detected capacity change from 0 to 16
[  454.834798][T18282] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  455.416526][T18296] loop6: detected capacity change from 0 to 40427
[  455.423649][T18296] F2FS-fs (loop6): build fault injection rate: 14
[  455.426326][T18296] F2FS-fs (loop6): build fault injection type: 0xe
[  455.469467][T18296] F2FS-fs (loop6): invalid crc value
[  455.473356][T18296] F2FS-fs (loop6): inject page alloc in f2fs_grab_cache_folio of f2fs_ra_meta_pages+0x615/0x970
[  455.479690][T18296] F2FS-fs (loop6): inject kvmalloc in f2fs_kvmalloc of f2fs_fill_super+0x4462/0x6ff0
[  455.483494][T18296] F2FS-fs (loop6): Failed to initialize F2FS node manager (-12)
[  456.029373][T18314] netlink: 'syz.5.4825': attribute type 2 has an invalid length.
[  456.102405][T18312] loop6: detected capacity change from 0 to 32768
[  456.127235][T18312] ERROR: (device loop6): diAllocAG: error reading iag
[  456.127235][T18312] 
[  456.134759][T18312] ialloc: diAlloc returned -5!
[  456.215693][   T47] hid-generic 0000:0000:0000.0022: unknown main item tag 0x0
[  456.223941][T18322] loop5: detected capacity change from 0 to 1024
[  456.226623][   T47] hid-generic 0000:0000:0000.0022: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  456.361629][T18333] loop5: detected capacity change from 0 to 512
[  456.366082][T18333] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  456.372446][T18333] EXT4-fs (loop5): invalid journal inode
[  456.374569][T18333] EXT4-fs (loop5): can't get journal size
[  456.379546][T18333] EXT4-fs (loop5): 1 truncate cleaned up
[  456.382790][T18333] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  456.422445][T15017] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.442432][T18330] loop6: detected capacity change from 0 to 32768
[  456.445865][T18330] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.4832 (18330)
[  456.451756][T18330] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  456.455044][T18330] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  456.459286][T18330] BTRFS info (device loop6): using free-space-tree
[  456.470718][T18348] ieee802154 phy0 wpan0: encryption failed: -22
[  456.475631][T18330] BTRFS info (device loop6): rebuilding free space tree
[  456.499136][   T33] audit: type=1800 audit(1224.564:14433): pid=18330 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.4832" name="bus" dev="loop6" ino=263 res=0 errno=0
[  456.549282][T15182] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  456.710514][T18355] loop6: detected capacity change from 0 to 512
[  456.714723][T18355] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  456.722479][T18355] EXT4-fs (loop6): 1 truncate cleaned up
[  456.726288][T18355] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  456.736258][T18355] EXT4-fs error (device loop6): htree_dirblock_to_tree:1080: inode #2: block 13: comm syz.6.4837: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  456.747450][   T47] usb 6-1: new high-speed USB device number 21 using dummy_hcd
[  456.751227][T18355] EXT4-fs (loop6): Remounting filesystem read-only
[  456.772299][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  456.906971][   T47] usb 6-1: Using ep0 maxpacket: 32
[  456.922149][   T47] usb 6-1: config 24 has an invalid descriptor of length 0, skipping remainder of the config
[  456.926168][   T47] usb 6-1: New USB device found, idVendor=061d, idProduct=c140, bcdDevice=c1.1d
[  456.930216][   T47] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  456.941815][   T47] quatech2 6-1:24.0: Quatech 2nd gen USB to Serial Driver converter detected
[  456.973091][T18365] loop6: detected capacity change from 0 to 4096
[  456.979836][T18365] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  456.989190][T18365] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.005223][T18365] EXT4-fs (loop6): shut down requested (2)
[  457.033213][T15182] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  457.142192][   T47] usb 6-1: qt2_attach - failed to power on unit: -71
[  457.145077][   T47] quatech2 6-1:24.0: probe with driver quatech2 failed with error -71
[  457.154824][   T47] usb 6-1: USB disconnect, device number 21
[  457.759133][T18378] loop5: detected capacity change from 0 to 128
[  458.017931][   T33] audit: type=1326 audit(1226.084:14434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18392 comm="syz.0.4854" exe="/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa87bb8ebe9 code=0x0
[  458.100659][   T33] audit: type=1326 audit(1226.164:14435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.5.4856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  458.109448][   T33] audit: type=1326 audit(1226.164:14436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.5.4856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  458.121393][   T33] audit: type=1326 audit(1226.174:14437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.5.4856" exe="/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  458.132724][   T33] audit: type=1326 audit(1226.174:14438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.5.4856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  458.144786][   T33] audit: type=1326 audit(1226.174:14439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=18397 comm="syz.5.4856" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f754418ebe9 code=0x7ffc0000
[  458.182640][T18402] loop5: detected capacity change from 0 to 256
[  458.197260][T18402] FAT-fs (loop5): Directory bread(block 64) failed
[  458.199601][T18402] FAT-fs (loop5): Directory bread(block 65) failed
[  458.201820][T18402] FAT-fs (loop5): Directory bread(block 66) failed
[  458.203975][T18402] FAT-fs (loop5): Directory bread(block 67) failed
[  458.206142][T18402] FAT-fs (loop5): Directory bread(block 68) failed
[  458.208301][T18402] FAT-fs (loop5): Directory bread(block 69) failed
[  458.210562][T18402] FAT-fs (loop5): Directory bread(block 70) failed
[  458.212891][T18402] FAT-fs (loop5): Directory bread(block 71) failed
[  458.215184][T18402] FAT-fs (loop5): Directory bread(block 72) failed
[  458.220160][T18402] FAT-fs (loop5): Directory bread(block 73) failed
[  458.416660][ T3599] ------------[ cut here ]------------
[  458.419633][ T3599] WARNING: CPU: 1 PID: 3599 at io_uring/io_uring.c:2981 io_ring_exit_work+0x4ed/0x930
[  458.423552][ T3599] Modules linked in:
[  458.427848][ T3599] CPU: 1 UID: 0 PID: 3599 Comm: kworker/u10:4 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  458.433092][ T3599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  458.437605][ T3599] Workqueue: iou_exit io_ring_exit_work
[  458.440033][ T3599] RIP: 0010:io_ring_exit_work+0x4ed/0x930
[  458.442426][ T3599] Code: c6 05 f8 e1 61 0e 01 48 c7 c7 20 5e e2 8b be 24 00 00 00 48 c7 c2 c0 5d e2 8b e8 1e 1d 72 00 e9 7b fe ff ff e8 a4 42 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1
[  458.450420][ T3599] RSP: 0018:ffffc900075178e0 EFLAGS: 00010293
[  458.453055][ T3599] RAX: ffffffff812b68ec RBX: 0000000100003d6c RCX: ffff888108870000
[  458.456690][ T3599] RDX: 0000000000000000 RSI: fffffffffffffffa RDI: 0000000000000000
[  458.460098][ T3599] RBP: ffffc90007517a70 R08: ffffc90007517867 R09: 1ffff92000ea2f0c
[  458.463368][ T3599] R10: dffffc0000000000 R11: fffff52000ea2f0d R12: 0000000100003d66
[  458.466817][ T3599] R13: ffff88811bea4310 R14: ffff88811bea4480 R15: dffffc0000000000
[  458.470095][ T3599] FS:  0000000000000000(0000) GS:ffff8881a3c1c000(0000) knlGS:0000000000000000
[  458.473700][ T3599] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  458.476920][ T3599] CR2: 00007f75441733e0 CR3: 0000000039cd8000 CR4: 00000000000006f0
[  458.480235][ T3599] Call Trace:
[  458.481621][ T3599]  <TASK>
[  458.482829][ T3599]  ? __pfx_io_ring_exit_work+0x10/0x10
[  458.485074][ T3599]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.487790][ T3599]  ? process_scheduled_works+0x9ef/0x17b0
[  458.490281][ T3599]  ? process_scheduled_works+0x9ef/0x17b0
[  458.492654][ T3599]  process_scheduled_works+0xae1/0x17b0
[  458.494990][ T3599]  ? __pfx_process_scheduled_works+0x10/0x10
[  458.497553][ T3599]  worker_thread+0x8a0/0xda0
[  458.499516][ T3599]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  458.502137][ T3599]  ? __kthread_parkme+0x7b/0x200
[  458.504356][ T3599]  kthread+0x711/0x8a0
[  458.506041][ T3599]  ? __pfx_worker_thread+0x10/0x10
[  458.508486][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.510428][ T3599]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.512664][ T3599]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.514851][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.517075][ T3599]  ret_from_fork+0x3fc/0x770
[  458.519039][ T3599]  ? __pfx_ret_from_fork+0x10/0x10
[  458.521144][ T3599]  ? __switch_to_asm+0x39/0x70
[  458.523133][ T3599]  ? __switch_to_asm+0x33/0x70
[  458.525102][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.527122][ T3599]  ret_from_fork_asm+0x1a/0x30
[  458.529208][ T3599]  </TASK>
[  458.530581][ T3599] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  458.533707][ T3599] CPU: 1 UID: 0 PID: 3599 Comm: kworker/u10:4 Not tainted 6.17.0-rc1-syzkaller-00036-gdfc0f6373094-dirty #0 PREEMPT(full) 
[  458.539151][ T3599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  458.543437][ T3599] Workqueue: iou_exit io_ring_exit_work
[  458.545764][ T3599] Call Trace:
[  458.547210][ T3599]  <TASK>
[  458.548615][ T3599]  dump_stack_lvl+0x99/0x250
[  458.550671][ T3599]  ? __asan_memcpy+0x40/0x70
[  458.552692][ T3599]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.554922][ T3599]  ? __pfx__printk+0x10/0x10
[  458.556852][ T3599]  vpanic+0x281/0x750
[  458.558598][ T3599]  ? __pfx__printk+0x10/0x10
[  458.560613][ T3599]  ? __pfx_vpanic+0x10/0x10
[  458.562606][ T3599]  ? is_bpf_text_address+0x26/0x2b0
[  458.564878][ T3599]  panic+0xb9/0xc0
[  458.566547][ T3599]  ? __pfx_panic+0x10/0x10
[  458.568499][ T3599]  __warn+0x31b/0x4b0
[  458.570197][ T3599]  ? io_ring_exit_work+0x4ed/0x930
[  458.572407][ T3599]  ? io_ring_exit_work+0x4ed/0x930
[  458.574662][ T3599]  report_bug+0x2be/0x4f0
[  458.576560][ T3599]  ? io_ring_exit_work+0x4ed/0x930
[  458.578698][ T3599]  ? io_ring_exit_work+0x4ed/0x930
[  458.580903][ T3599]  ? io_ring_exit_work+0x4ef/0x930
[  458.583107][ T3599]  handle_bug+0x84/0x160
[  458.584960][ T3599]  exc_invalid_op+0x1a/0x50
[  458.586956][ T3599]  asm_exc_invalid_op+0x1a/0x20
[  458.589112][ T3599] RIP: 0010:io_ring_exit_work+0x4ed/0x930
[  458.591583][ T3599] Code: c6 05 f8 e1 61 0e 01 48 c7 c7 20 5e e2 8b be 24 00 00 00 48 c7 c2 c0 5d e2 8b e8 1e 1d 72 00 e9 7b fe ff ff e8 a4 42 94 00 90 <0f> 0b 90 b8 70 17 00 00 48 89 44 24 38 e9 5f ff ff ff 89 d9 80 e1
[  458.599506][ T3599] RSP: 0018:ffffc900075178e0 EFLAGS: 00010293
[  458.602129][ T3599] RAX: ffffffff812b68ec RBX: 0000000100003d6c RCX: ffff888108870000
[  458.605488][ T3599] RDX: 0000000000000000 RSI: fffffffffffffffa RDI: 0000000000000000
[  458.608890][ T3599] RBP: ffffc90007517a70 R08: ffffc90007517867 R09: 1ffff92000ea2f0c
[  458.612290][ T3599] R10: dffffc0000000000 R11: fffff52000ea2f0d R12: 0000000100003d66
[  458.615698][ T3599] R13: ffff88811bea4310 R14: ffff88811bea4480 R15: dffffc0000000000
[  458.619108][ T3599]  ? io_ring_exit_work+0x4ec/0x930
[  458.621350][ T3599]  ? __pfx_io_ring_exit_work+0x10/0x10
[  458.623731][ T3599]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.625991][ T3599]  ? process_scheduled_works+0x9ef/0x17b0
[  458.628435][ T3599]  ? process_scheduled_works+0x9ef/0x17b0
[  458.630899][ T3599]  process_scheduled_works+0xae1/0x17b0
[  458.633319][ T3599]  ? __pfx_process_scheduled_works+0x10/0x10
[  458.636050][ T3599]  worker_thread+0x8a0/0xda0
[  458.638073][ T3599]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  458.640760][ T3599]  ? __kthread_parkme+0x7b/0x200
[  458.642826][ T3599]  kthread+0x711/0x8a0
[  458.644488][ T3599]  ? __pfx_worker_thread+0x10/0x10
[  458.646610][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.648547][ T3599]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.650768][ T3599]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.653016][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.655028][ T3599]  ret_from_fork+0x3fc/0x770
[  458.657049][ T3599]  ? __pfx_ret_from_fork+0x10/0x10
[  458.659265][ T3599]  ? __switch_to_asm+0x39/0x70
[  458.661335][ T3599]  ? __switch_to_asm+0x33/0x70
[  458.663329][ T3599]  ? __pfx_kthread+0x10/0x10
[  458.665285][ T3599]  ret_from_fork_asm+0x1a/0x30
[  458.667279][ T3599]  </TASK>
[  458.669375][ T3599] Kernel Offset: disabled
[  458.671198][ T3599] Rebooting in 86400 seconds..

VM DIAGNOSIS:
11:52:50  Registers:
info registers vcpu 0

CPU#0
RAX=57a427332b467e00 RBX=ffffffff81968308 RCX=57a427332b467e00 RDX=0000000000000001
RSI=ffffffff8d9b6dc6 RDI=ffffffff8be33400 RBP=ffffffff8de07eb8 RSP=ffffffff8de07d80
R8 =ffff88804b032f9b R9 =1ffff110096065f3 R10=dffffc0000000000 R11=ffffed10096065f4
R12=ffffffff8fa37e30 R13=0000000000000000 R14=0000000000000000 R15=1ffffffff1bd2a20
RIP=ffffffff8b7943f3 RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8880b861c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=000055f1b90557e8 CR3=0000000129da8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=00007fa87bd87498 00007fa87bd87470 XMM03=00007fa87bd874a8 00007fa87bd874a0
XMM04=00007fa87c8ed100 00007fa87bd87460 XMM05=00007fa87bd87478 00007fa87bd874c0
XMM06=00007fa87bd874b8 00007fa87bd874b0 XMM07=00007fa87bd874a8 00007fa87bd874a0
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007fa87bc12fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=0000000000000001 RBX=ffffffffa0000887 RCX=0000000000000105 RDX=ffff888108870000
RSI=ffffffff8be333e0 RDI=ffffffff8be333a0 RBP=0000000000000001 RSP=ffffc900001e0650
R8 =0000000000000000 R9 =ffffffff81cea1d6 R10=ffffc900001e07f0 R11=fffff5200003c100
R12=ffffc900001e07a0 R13=ffffc900001e0a00 R14=ffffffffa0000887 R15=1ffff9200003c0fd
RIP=ffffffff8b79617d RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 0000000000000000 ffffffff 00c00000
GS =0000 ffff8881a3c1c000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=00007f75441733e0 CR3=0000000039cd8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=2525252525252525 2525252525252525
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000000000000 00000000000000ff XMM05=6161616161616161 6161616161616161
XMM06=6161616161616161 6161616161616161 XMM07=6161616161616161 6161616161616161
XMM08=6161616161616161 6161616161616161 XMM09=0000000000000000 00007f7544212fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
