last executing test programs:

32.758803804s ago: executing program 0 (id=694):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r0, 0x84, 0x72, &(0x7f0000000240)={0x0, 0x1, 0x30}, 0xc)
r1 = dup(r0)
setsockopt$inet_sctp6_SCTP_DEFAULT_SNDINFO(r1, 0x84, 0x22, &(0x7f00000004c0)={0x4, 0x200, 0x7fffffff, 0x800}, 0x10)
write(r0, &(0x7f00000003c0)="c7", 0x1)

32.757147466s ago: executing program 0 (id=695):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$NFT_MSG_GETSETELEM(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000440)=ANY=[@ANYBLOB="200000000d0aac00000000000000000000000000090002"], 0x20}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000400)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="140100001400210200000000fcdbdf2502"], 0x114}], 0x1}, 0x0)

32.690729007s ago: executing program 0 (id=696):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x6, &(0x7f0000000040)=@framed={{}, [@map_val={0x18, 0x0, 0x2, 0x0, r0}, @ldst={0x3, 0x0, 0x6}]}, &(0x7f0000000180)='syzkaller\x00', 0xb}, 0x94)

32.690364301s ago: executing program 0 (id=697):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001700)=ANY=[@ANYBLOB="1800000024000103000000000000000001008c000400ae"], 0x18}, 0x1, 0x0, 0x0, 0x8001}, 0x4000)
recvmmsg(r0, &(0x7f0000004d80)=[{{0x0, 0x0, &(0x7f0000000640)=[{&(0x7f0000000000)=""/60, 0x3c}, {&(0x7f0000000400)=""/104, 0x68}, {&(0x7f0000000080)=""/47, 0x2f}, {&(0x7f00000001c0)=""/129, 0x81}, {&(0x7f0000001740)=""/4109, 0x100d}], 0x5, &(0x7f00000006c0)=""/101, 0x65}, 0x2}], 0x63, 0x40012000, 0x0)

32.630648565s ago: executing program 0 (id=698):
r0 = syz_usb_connect(0x0, 0x1cb, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000122f0d4071040403dfe4000000010902b901010000003f0904"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000cc0)={0x44, &(0x7f0000000a00)={0x40, 0x10}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

32.128387785s ago: executing program 0 (id=703):
sync()
sync()

27.660712968s ago: executing program 1 (id=740):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
io_setup(0x1ff, &(0x7f0000001540)=<r1=>0x0)
io_submit(r1, 0x1, &(0x7f00000007c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x401, r0, 0x0}])

27.570690738s ago: executing program 1 (id=741):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000100), r0)
sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000200)={0x0, 0x9000000, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010000000000000000000100000008000100040000002c00048005000300010000000400030080ffffff05000300000000000500030080ffffff0500030080ffffff0800020003"], 0x50}}, 0x0)

27.570466344s ago: executing program 1 (id=742):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000edff0000000000000000850000000f"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r0}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='consume_skb\x00', r1}, 0x10)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000004440)={&(0x7f0000000ec0)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x2}}, 0x10, &(0x7f0000004340)=[{&(0x7f0000000f00)="34cbf9c55466da0eadc249236ab3cbf316717306be4c08c8c7da1f1ee04ab4b4eac14995ebdf620ff778a4e3452587e42a3c6aa1bd35dfd99f23b525893bc3b5f9f3bed1986bf8d0dddd7c5cdada611f9bf641e421ed71a842d84fa289a542f941d6e06b2b14e2a706ce30acf7d82f224f3e30cadd9d15f3dddbb29dbeb9f68fb68bedb91e0b1ef48832778fe36699c7ebf101659a8f476c4a065eac71d6d1e7fafc6f25ec2c9a8f431fe347a2d30e912c5b2397613ce784637ec71e37566eb0548b461f71028459c6f137c18737d58b56949d022bf1eaf486692bb76836a233c7879d740ad0beaf5159d3380442824f536a41bb22d08fe53952b9c6fed2605d53311c71b455655f96ea6a87e41e9211e90170b0a2b1a2098175ebcd33d517085d224122264cddadd82a3d11bc4a33ce66108b22b1abc6243d306d8f6b8a2ddb5373c190d8f859a3174a200936b079f85edcac7fc03fb993ec0ff8b83f1fd3f1b888d192d99c7ede5d381784d25410cccf1b0bf26a54f065e1e3ec59cc5704fb658fc980a0ac4287ef884ee82007554be3f1e163c81468d0c26c95e3e12393776e32800bb4f086f19080c4fca3d72e8569a5627ce98f2ae0bdb3ec42c23847d47e10b1c58da7e9cea990da842d96e3a51ed7d892f7b28a10486424a69a9109ebd4d7d5a3768400ac000a6d7556ca192e5cd45efb82001ac7b53e03036b6019a07ffb545cd3853e077f08a015f6232488c1139a9409c95ed005261e36b307406ba5714ef395129345866109341feb6c7c458ce08c147a983b46375ddb3621cee0312ba1a434bcd6081e1a8ae8b6d518988b9965faf9aff86df8173b93342cceaec357a100e59b4d66553633626b0b12e9622b8f8fdfe26545b87c57f8ce8609fb8e19b0f6d1cd64e8de85c7327f543b2f38cf3086b57f85e1aaa4add723e4bc4e3ea2c27acec1e545ae3fc870bd42422f6eaf17a1f82699c9cadf224ea1e5d1705b49118d91cc3731aeed60e41bf15a9613aeda8e63a29bc7a95b2d993d23269a310b91f69d16a71243c0f4080d3359f5ddd63c7032bef14ab25eb7df4b28b2132bcbf94a281c8f5de79885a6d679f145fca292b599bb09a1864726d86b65d4781408320b968e2224c23ce7a56d8892970043737ae47f071aaeb219716bc21e3304e301eb5cd32aea951a70621eb870214a72e6c474c3a20f5bd8e089ba16326cc9a80a1a4f5f0e8f58629e20b1c73eb8af330744b187a5cfdb410466378313700ca44eb6dcbc8f3d70f58e134202546f0b1a3b61a298f2a1184b1533bdad308fa2f960087e0f239d2ccbaee3889ddc1a2bea2183b98854d255a6f708909134fab83f42f13e7604f602e264f4a3b2b2a08c673c7ce2813218159b472d3b20ecbf26dd2f7b3ba5298a4ff7444ea0936e098c126f590b05e7697ed8a3d52ba1abc7285de2f160b9b081cb775a5ab77aad1bb98d47e3da53fc4c11d4db47de1e4e6f56ad671f5d8389b33260cc546e4f0bf34fec9b2abd209e6b89e6e381367774676ed6e6eaffe42b07241c276f3c84f17a0762de83eb769bdf28991ddbc23758f01c9ecfba4ab2ca2118fcedd7adde9ff47f643c13e3ad2f13b576985128f233e329fe269d5745cd2b30e5762452a4ff58fdec30623175f8d575ced1c43411e2869aadbe6f1e79a010bca334cb08d545bc2808f359b7777d1bb5675ee210574b9f72cdeb071e07eeaa0988086213a37a972647cf21d3a3bcbd7359da327bacad41b93c5e0e494669109dddcec781774f248f5663e4fac187d42ffccf68335de2adac4f8d3e1bf04b95a9464960186ed019773ffeda18f9827a61edc5fc4088eb0965cb1bd8af1185aa3972b8f73839b4611e303bcbc1f84a330f60fa0a7795ea3cffe0e338406533e12c7deef0b5906c513eab4619a8f02fdd65dcfb7297ef971c4601ad079f7ad38278ae3ff455b37d5492af546975535450693fd4593c8157b3fdb16fd3a106d2f1509d1c06dabb8933269d790a1c5e5f7bdd4a57e1e670d7043cfed88c365b5f8eefe530ef7da5322df981723332c088fce89c2ceee23b420f64332243b9c606d67d538810a94e0ffbd37a119d8fc4d6caec0def40e62613873c74feabde63e12cb2016c1d35cf1bb95bf59e01a63be8825cb3118b74b106f21eef5ee2f41e5fb39fdde058050f780d98ced247c66fc3a03ba04edaf14d698859ba303d511cf0845dc5e269aef2287770a247fd5ae1299b45819ff41725f9da3e4dab7770eb83992b53ae9a9de69e764f6e3aee3e27cfb1bacf531a91605894ae209da6d25872fb54bf36b2ed450b51aa8ee4875b9bc7e55753f61e12a323d301faceb2ecff0686b1359343a94774a6a098dc2df440725cd8331f527d4e22f8090d8879ef4765849705b99465d7ebdf661b81c303d13b87270dc1f227d5954fcbc93bbce6fde2a1f8d573d9cd8130c173a14706f1e9dabc4d16a5b003dd3239faf91769e25cf007b0623141e4e57f11746cd62f20d73956fa84c6a12e1756b6671a64bd7a474ba425907e1a61ba6d2ffa1149165a713a141bfec0f1af51afebdb84d5f14eb51acc284403627d6ce48fd028dc04e00ed963de37f85d155c33e2b4ceb09044c4f1c7791348216b674a8831a232a638f8bfb396fabbe1f880944bc5dcac55df8abc78f804306c88617acfd4adfbb5a055d3d3e91abb763ad84e701cc5679498e04600570f4b2e57c70542043dc590ab363215e6ab3f0bd89383748783d01c9227229edac723d4e2eaa061a44f2630691f25ca6093775183fdf432e01322203dd654b336670116a6a52a27ff2032b1103a4e4be0cc2fb05b24352d72e374e90cc3db2a5a691c7f6b8d1058d7730433c742d8ce52074318b1bce9bb104cf90c8b7f65293c2b74434661444f38d94d977e03433440517f6155a3cad2621c5502dd6148b867a40e6a40be4c8265ec2164b5257f06da1784e98991f42003ced4ba67c23b8c654b542d2d31168fd853cf56cc2c464d7a8a9fbcd2715968788f8527c597ab5f917753c1f1708d2c19972373c5a22af71847de22b9f1e9d38a04ea4dd291da3099cb836a696350bf1263c3c275c27b8b82f604625451a24490b0b5367c2fd05e699546ddf17709d2e2c2710f4361d9dd6e2de2b4353b7f4f8141f6f989dc1a798a974565978e4f9ec0c59a7dbc04bcab072c8513b9ca782c22cdd31fb116c10081740fd8f7d0cbd5c54f1069297f20b45d79bb9ace8e851a655fedf47b2dc76fd30b9ba9f09c9b50d6910ffcdec7078c36fe1e9b19dbb110197496349560a43c0ab42b4ce286643e73a92246ecb71e95ce0d54114772f8477c7d5604c1a52d2f680c5868cf08a2688dd9fef492a01836112cec824483e77da93d104a9e18d06bddf9a4007740a0537ac1a5e09900acc65d52680212a15b68b0ef887228e06f533c1ca95b8f9d81b9fc6608cb5bacf4b867922999c69d46048ec3f408866789f49fcb176fc99ed9d3e6c357ed2e3ce2665925773e5d86c2ceaf8f18519a00d9d2e19e9a6b16af0a53fd7df6974f5db00494460e7f3de6ff6b642859335e020513bb525adddabf0d7d6ae85e7e56e32ca8acc07fe86b7b445358966ba3914c1dfa7b814d9e846ff02a6a8c8f5713a0f727024b5d1ea7e4ce7c64f9b24dd3337a3df33714c5404403b0304b25a66fe3ac85083965877117b3d721e7922f0ac7e278feeb8dc09f58cbcfbb81b11d4699737f37ac240a24b9c4b2b587e68974f7ca5561856f32e389d32056f7d58e4de24c11bd5c5afaa441120370d0c48341e1b8146a6bbca8c15f23c155d2533e97a8e6496bc00533ec83be8488d020708d97385a03bcbf57cadc2c1e575e1ac134cdb5047f3f88eae0230751626cea1c85da9b74ddace668afebb2dc66d302ddf3c5f8f21ac0c0535d00839457e7cac9282a8e49d018b077e38ea512cf28eacff5d98e880abfb5af2e7c039d2e1f1edaad2642963ef29d715f754e2715caa6af046a298b285e3582d903be726b608619332e1a82be48b0f5adf6838f41ff776e5290de8269794bce8fb971267d036bd6bd30e42df918125d573ced78263251bcae2b7b40f1ba855b4f2472312ea8752c4a0e09468bd25615a6c00a9b44c484c5507b8400537f20890e9499ec94ed2b6aeff21e57c6e8a93d80097f85ac9316b03a5f768721bf7d041bb9a6a03eabd615e3c4d74f56c429d53b8fec4b5e86c5b311a6cd4a86f03e04dab25ad65b68a8b8d9053993fd2440ff2b81768213084c831d31a0f8c646aff9090b5463cbee452abd6318340ec41b50f1deba7ffb60b326751de3f6dbf9b17714299233d5c43071367ece2e53212e7f4e084fea60850d4d16908d9bbbb531fbf72143fdb62d1b40afde3d0b2ac2c94c32e456bbef62f8d677e332aec8ccc8eedbac61e7b89b32d57157a39ad5c456258d9c36db0edc82c2baead990ee78007ed89c8f450e92d5e209cc25f7c13f5909ca404fddbdbeff89cc42350c91e9f1fdf9753c6e95f71257f8cbb97838684461cd1244c938b9939a4e9c7727902b6f1a5434e0a06d3fc221771dd87572ae801c5ce6886122f0c91dae57440ffc7ace4e8e0041a1d245103aaadbfc2ecff622228daed2b0cd30f7f59b2617f6f0571ee4403d84e652d78b8e64d5450b6483ef70582dcda9351f2dddd3a4ac84f514f708d3af6242501bd041beae78e6b29b517b534148ea91ef85653fec824d6ddb0c0fa2555ab2564ba29227b1046b48a11ee0e6aafda9d0b80b0f05a8d057cbeb16264cb579aea3ba2b2000052d03c77844ab7c", 0xd4d}], 0x1}, 0x0)

27.490226976s ago: executing program 1 (id=743):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc0ed000e, &(0x7f0000000200)={[{@jqfmt_vfsold}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@debug}, {@noload}, {@nombcache}, {@noblock_validity}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xfe, 0x47c, &(0x7f0000000a80)="$eJzs3M1vFOUfAPDvTLulwI9fK+ILCFJFI/GlpeVFDl40mnDQxEQPGE+1LaRSqKE1EUK0esCjIfFu/C+MJ70Y9aKJV70bEmK4gHpZMzsztLS77ZZud4H9fJLZfZ6Z2X2e78w8O8/Ms7sBdK2h7CGJ+F9E/B4RA3n29hWG8qeb1y9N/H390kQS1epbfyW19W5cvzRRrlq+bnueqVaL/JY65V5+N2J8ZmbqfJEfmT/7wcjchYsvTJ8dPz11eurc2PHjRw7v6zs2drQlcWZx3djz8eze3SfeufLGxMkr7/2UpJHHHcviaJWhfOvW9XSrC+uwHUvSSW/22F/k9v+yuKTekUAn9UREtrsqtfY/ED2x9daygXjts45WDthU1Wq1usqn8kIVuI8l0ekaAJ1Rnuiz699yalPX465w7eX8AiiL+2Yx5Ut6I80T+yvLrm9baSgiTi7881U2xSbdhwAAWOq7rP/zfL3+XxoP54m+7OH/xRjKYEQ8EBE7I+LBiNgVEQ9F1NZ9JCIeXWf5y0dIVvZ/0qt3HFwTsv7fS8XY1u39v7RcZbCnyO2oxV9JTk3PTB0qtsnBqGw5NZ1Mja5Sxvev/vZFo2VL+3/ZlJVf9gWLelztXXaDbnJ8fnwjMS917dOIPb314k9q4wJRjOvtjog9d1jG9LO9DZetHf8qGr9t06pfRzyT7/+FWBZ/KWk4Pjn64rGxoyP9MTN1aKQ8Klb6+dfLbzYqf0Pxt0C2/7fVPf5vxT+Y9EfMXbh4pjZeO7f+Mi7/8XnDa5p1Hv8ndhTHf1/ydm1GX7Hgo/H5+fOjEX3J6yvnjy2+W5kv18/iP3igfvvfGYtb4rGI2BsR+yLi8eyisKj7ExHxZEQcWCX+H1956v31x9+esdIs/sm19n8s3f/rT/Sc+eHbtePvj4hG+/9ILXWwmNPM51+zFdzItgMAAIB7Rf4d+CQdXkwnw8P5d/h3xbZ0ZnZu/rlTsx+em8y/Kz8YlbS80zWw5H7oaHFvuMyPLcsfLu4bf9mztZYfnpidmex08NDltq9o/2matf/Mnz2drh2w6Vowjgbco7R/6F7aP3SnZM32X2lbXYD2c/6H7lWv/X/ScO3hbza1MkBbOf9D92qi/S/kT417BcC9yfkfupf2D12p4W/j0w395L/tiX+L/zO8W+pz/ycivSuqcf8nepv+M4tGicrKtlwdyNt/NmdL3Vd1+pMJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgNf4LAAD///R05PQ=")
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, 0x0)
mount$bpf(0x0, &(0x7f00000023c0)='./file0\x00', 0x0, 0x958028, &(0x7f00000001c0)={[{@gid}, {}]})
r0 = syz_open_procfs(0x0, &(0x7f0000000700)='mounts\x00')
read$FUSE(r0, &(0x7f0000000980)={0x2020}, 0x2020)

27.420251398s ago: executing program 1 (id=744):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f00000000c0)=@framed={{}, [@func={0x85, 0x0, 0x1, 0x0, 0x1}, @exit, @printk={@ld={0x18, 0x0}, {0x3, 0x3, 0x3, 0xa, 0x1, 0xfe00}, {0x5}, {}, {}, {}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000180)='GPL\x00', 0x9, 0x88, &(0x7f0000000000)=""/136}, 0x90)

27.169198613s ago: executing program 1 (id=745):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x7ad8, 0x1}, {0xfffffffc, 0x80003}]}})

27.103592438s ago: executing program 32 (id=745):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'bond0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{0x7ad8, 0x1}, {0xfffffffc, 0x80003}]}})

17.126960601s ago: executing program 33 (id=703):
sync()
sync()

2.639097756s ago: executing program 3 (id=1001):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000800)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a7c000000060a0b04000000000000000002000000500004802800018007000100637400001c000280050003000100000008000140000000170800024000000010240001800a00010072656469720000001400028008000140000000170800024000ffff140900010073797a30000000000900020073797a32"], 0xa4}}, 0x0)

2.556500607s ago: executing program 3 (id=1004):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1018e58, &(0x7f0000000200)={[{@usrquota}, {@noblock_validity}, {@bh}, {@max_batch_time={'max_batch_time', 0x3d, 0x1}}, {@nodelalloc}, {@inlinecrypt}]}, 0x6, 0x5fc, &(0x7f0000000600)="$eJzs3c9rHGUfAPDvzCZ5kzavaUXEFsWAhxakaVKLVS+29WAPBQv2IOKhoUlq6PYHTQq2FkzBg4KCiFeRXvwHvEvv3kRQb56FKlJRUOnK7M62m2Q3XdPsTpr5fGCzz/PM7D7PdydP5pmZPDsBlNZ49iON2BVx51QSMdaybDQaC8fz9W7/du109kiiVnv91ySSvKy5fpI/b88zwxHx7dGIRyur6124cvXsdLXW8F7E/sVzF/cvXLm6b/7c9JnZM7Pnpw68cPDQ5ItTB6c2JM7t+fOx4689+fH7bz8/9111XxKH4+TguzOxIo6NMh7jcScPsbV8ICIOZYk2n8vDZguEUGqV/PdxMCIej7Go1HMNYzH/UaGNA3qqVomoASWV6P9QUs1xQPPYvrvj4JM9HpX0z60jjQOg1fEPNM6NxHD92Gjb7aTlyKhxbmPHBtSf1fHPtd2fZ49Ydh7iz7tbZ2AD6ulk6XpEPNEu/qTeth31SLP402XtSCJiMiKG8va98gBtSFrSvTgPs5b1xp9GxOH8OSs/us76x1fk+x0/AOV080i+I1/Kcvf2f9nYozn+iTbjn9E2+671KHr/13n819zfD9fPkacrxmHZmOVE+7ccXFnw04fHPu1Uf+v4L3tk9TfHgv1w63rE7hXxf5AFm49/sviTNts/W+XU4e7qePX7X451WlZ0/LUbEXvaHv/cG5VmqTWuT+6fm6/OTjZ+tq3j62/e+rJT/UXHn23/bR3ib9n+6crXZZ/JxS7r+OrEjXOdlo3eN/7056Gkcbw5lJe8M724eGkqYig5nq/SUn5g7bY012m+Rxb/3mfa9/9lv//Xl7/PSPNPZhcuvnH2dqdl69n+LReT79S6bEMnWfwz99/+q/p/VvZJl3X88eblpzotWyv+kQcJDAAAAAAAAEoorV+DTdKJu+k0nZhozJd9LLal1QsLi8/OXbh8fiZib/3/IQfT5pXusUY+yfJT+f/DNvMHVuSfi4idEfFZZaSenzh9oTpTdPAAAAAAAAAAAAAAAAAAAACwSWzP5/8371P9e6Ux/x8oiV7eYA7Y3PR/KK96/191iyegDOz/obz0fygv/R/KS/+H8tL/obz0fygv/R/KS/8HAAAAgC1p59M3f0wiYumlkfojM5QvMyMItrbBohsAFKZSdAOAwty99G+wD6XT1fj/r/zLAXvfHKAASbvC+uCgtnbnv9n2lQAAAAAAAAAAAABAD+zZ1Xn+v7nBsLWZ9gfl9QDz/311ADzkfPU/lJdjfOB+s/iHOy0w/x8AAAAAAAAAAAAA+ma0/kjSiXwu8Gik6cRExP8jYkcMJnPz1dnJiHgkIn6oDP4vy08V3WgAAAAAAAAAAAAAAAAAAADYYhauXD07Xa3OXmpN/L2qZGsnmndB7UNdL8d/fFUk/f9YRiKi8I3Ss8RAS0kSsZRt+U3RsEsLsTmaUU8U/IcJAAAAAAAAAAAAAAAAAABKqGXucXu7v+hziwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg/+7d/793iaJjBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeTv8GAAD//7V5QCw=")
lsetxattr$security_ima(&(0x7f0000000280)='.\x00', &(0x7f00000002c0), &(0x7f0000000300)=ANY=[], 0xc, 0x1)

2.47963917s ago: executing program 2 (id=1007):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xbd84, 0x0, 0x1, 0x12d}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_TEE={0x21, 0xda1a0b6210925d15, 0x0, @fd, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x22d2, 0x20, 0x0, 0x0, 0x0)

2.416368753s ago: executing program 2 (id=1008):
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x4, &(0x7f0000000340)={[{@uid}, {@type={'type', 0x3d, "0142bc05"}}, {@barrier}, {@barrier}, {@part={'part', 0x3d, 0x7}}, {@force}, {@gid}, {@nls={'nls', 0x3d, 'koi8-ru'}}, {@nobarrier}, {@creator={'creator', 0x3d, "ef6a7415"}}]}, 0xfc, 0x6e0, &(0x7f0000000580)="$eJzs3c1vHGcdB/Dv7K7fUtE4bdIWVImoEQURkfhFKQQJJSCEfKhQBAckbiZxGiubtLJdcCME4f3aQ/+A9pAbJyTuQeUMFwRHi1MlRC+cfFs0s7Prje111nESx/D5VLPzzDzvv52Z3dnUmgD/txbOpnU/RRbOvrlebm/cm29v3JufqLPbScp0I2l1VyluJ8XHyeV0l3y23FmXL4b188Hyxe/9/T8bn3S3WvVSlW/srPfzTpIvjD6Lu/WS00ma9XqnsW3bE8nkw9u7OrS9fit9u8+/6OeUATvTCxwcts4Od/dTfej5DhwdRb7xmd32TyfH0v2YrD7n6qtD4+mO7vHb11UOAAAADtnCv0/N7af8VL0+vpnNrB/523gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4qoqk2V1VS6OXPp2i9/z/8Xpf6vSRdv+wBwAAAAAAAAAAO4w9sDWeZKK3cWn3Gp/fzGbW83xvu1NU/+b/WrVxsnp9Lu9mNUtZybmsZzFrWctKZpNMD3a2vri2tjI7Qs25XWvOPTiu5mgTnhytGAAAAAAAAAD8z/tlFrb+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4FRdLsrqrlZC89nUYryWSS8bLc3eSvvfQRUey28/7THwcAAAAcyOQj1Dm+mc2s5/nedqeo7vlfqu6XJ/Nubmcty1lLO0u5Vt9Dl3f9jY178+2Ne/O3yuXAQ69aTPe3h917fqUqMZXrWa72nMvVajDX0qhqlv6Z5FZvTDvH9YtPy7Yvdf1kxJFdq9dlZ+/3fkWYOPCEH4PppNXIWD8iM9XYugfBicEo7IzENz8d1ujl7qq1vacM9jSbRv+Xn5PdHsrkQ2N+acSZHavX5Xx+O+yXm8dtcqvTu0ML9SPRSBWJuYGj76W9Y5588Y+/f/9G+/bNG9dXzz6VKT1J24+J+YFIvDxCJH7wzEaitXd2Y/uOmWrnqd7mR88l+X7O5nSuZCXL+XEWs5alFPVMF+vjuXyd3jtSlx/YujJkAH3j9fvSrMv1x5SFfGfXMZ3Ot6vUYl6r6j6f5RR5O9eylDeq/+Yym6/mQi7k4sA7fGrouKu5VWd9Y39n/Zkv1YmpJL+r14ete1Eo43piIK6D19zpKm9rz9hAlF7Y+93deW18+JRbn6sTZR+/2vNoeNq2R2J2IBIv7h2Jjzrl62r79s2VG4vv7PLp2inGqvXfziSdTnff63VeecT95uFff/500Pk9xMB1rDxeXshkfSU5kbHu0Jq9vBf7V5kqXuOD9U728x78xB3PZHk+N7o9dc/U7w49U8fr73A7W5qr8l7eNW++yntlIG/w+1bydtr970MAPMOOffnY+NS/pv4y9eHUr6duTL05+a2Jr028Op6xP499vTXTfL3xavGHfJifbd3/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj271vTs3F9vtpZXdE43m0KwhiXTu3FzsPcln1FpZLeon6eyrr8NK9B/584yM54kkih17yhk/ni56Tz7aX62ZnUfU5cMM1D/2WyuTA1NuDi18rE50jnejtK8uprcfmcmQwhPdYDaHnKf1W/QoDxcFjoTza7feOb/63p2vLN9afGvpraXbYxcuXJy5eOGN+fPXl9tLM93Xwx4l8CRsfW8HAAAAAAAAAAAAjooR/67gyg9/VP0fgo/09xKHPUcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgaFs4m9b9FJmdOTdTbm/cm2+XSy+9VbKVpNFIip8mxcfJ5XSXTA80Vwzr54Pli80kn2y11eqVb+xRrzMx0izu1ktOJ2nW6wN4oL2rB26v6M+wDNiZXuDgsP03AAD//9ev6fg=")
openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
truncate(&(0x7f00000001c0)='./file1\x00', 0x3)

2.329452322s ago: executing program 3 (id=1009):
r0 = syz_open_dev$amidi(&(0x7f0000000100), 0x2, 0x181)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000000), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r0}})

2.270712826s ago: executing program 2 (id=1010):
socket$inet6_tcp(0xa, 0x1, 0x0)
r0 = syz_open_dev$radio(&(0x7f00000000c0), 0x0, 0x2)
ioctl$VIDIOC_S_EXT_CTRLS(r0, 0xc0205647, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x8d2, &(0x7f00000000c0)={0x0, 0x0, 0x400, 0x0, 0x379}, &(0x7f0000000040)=<r4=>0x0, &(0x7f0000000080)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000240)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0})
io_uring_enter(r3, 0x47ba, 0x3e82, 0x60, 0x0, 0x0)

2.27047994s ago: executing program 3 (id=1011):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f0000000180)='./file1\x00', 0x4000, &(0x7f00000001c0)=ANY=[@ANYBLOB='lastblock=00000000000000000000,umask=00000000000000000000102,dmode=00000000000000000077777,novrs,shortad,shortad,undelete,iocharset=cp437,shortad,umask=00000000000000000000006,dmode=00000000000000000000011,fileset=00000000000000000011,uid=', @ANYBLOB="d6d84c0df937ed4a0cd30000f2e9ea9568eab74a46c525dc386983eade0b0ce5f1dd911706cf7d32d7d508d1823b8871e001000000eb4ce0a008f5cdea622fc6675e5486860a752ed0298a948efa72b2c8d8525181644a3124f3544a50f192b98f055ad125fd4674534413c6044136ea5aefac5267e43739626ea9391d8f346c4694f70400000000000000cee1f628d1cec3462830606bb612bfed91181cdc107bb91a2e86de2ad56b98aed28fe8f2b139515559df2ca22b6f1c7f7a8d6ef1d19c00f5ac7014bf4baf53419280a8d592a0e5faeb31776c3b8fb7a6b0ceb16c16ea6a070806bc3e99eaf7e67097520a13dd3946fd8bcdbe9357c18d8a09e6316d4a5b6ad4dd40c7eca744d53cb98cc2725d9b4bdb64fe53ff91945fc19d3db64cc9dd6340813055e5", @ANYRESDEC=0x0], 0x12, 0xc38, &(0x7f0000001080)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThq3m6ZIZcVy9S+mYhXuqqbZBpBlIRRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNiOSEml9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSoWwEAPExXRr5y+qz7PwA8Vq75/38AAAAAAAAAAAAAANjvUhTxZKSYubKSxqr3HfXL7b47d0eHhjevdiRVNQ9V5cuf+pmz585/8YXBC9283J76gPq77dPx2si1S42Xp2/PzE7MzU2MN0an2jemxye2vYed1t/oZHUCGrdfvzN+8+Zc4+zz59Z9fHfg/f4njg9cHHz21DPdsqNDw8Mja0XqveVrD9yQjq1meByOIk5Fiue++5PUiogidn4u6g937Dc6UnXiZNWJ0aHhqiOT7dbUfPnh1e6JKCIaPZWa3XO0+VhEre+h9mFrzYiFsvllg0+W3RuZac22rk9ONK62Zufb8+3pqaup09qyP40o4kKKWIyI5f77d9cXRdQixbePraTrEXGoex6+UE0M3rodxR72cRvKdjb6IhaLAzBm+1h/FPFqpPjpOyfiRr7OVNeaz0e8Wub3I94q86WIVH4xzke8t8n3iIOpFkX8ZTn+F1fSeHU96F5XLn+18eWpm9M9ZbvXlV/y/nDfleIR3R+ObMiHY59fm+pRRKu64q+kB//NDgAAAAAAAAAAAAAAAAC77UgU8alI8cp//Ek1rziqeenHLg7+4cCv9s4Zf/pD9lOWfT4iFortzck9nCcGXk1XU3rEc4kfZ/Uo4k/z/L9vPurGAAAAAAAAAAAAAAAAAAAAPNaK+HGkePHdE2kxetcUb0/dalxrXZ/srArbXfu3u2b66urqaiN1splzLOdCzsWcSzmXc0aR6+ds5hzLuZBzMedSzuWccSjXz9nMOZZzIedizqWcyzmjluvnbOYcy7mQczEvur+U3y/njH2ydi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwEdJEUX8PFJ86+srKVJENCPGopNL/Y+6dQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAqT8V8b1I0fij5r1ttYhI1b8dJ8pfzkfzcJkfj+ZgmS9F81LOVpW15jcfQfvZmb5UxI8iRX/97XsDnse/r/Pu3tcg3vrG2rtP1zp5qPvhwPv9Txw/dnFw+Dee3up12qwBJy+3p+7cbYwODQ+P9Gyu5aN/vGfbQD5usTtdJyLm3njz9dbk5MTsg78ovwI7qH6AXqTa49LTg/3iN3drh1HbD915NC8e9ZWJh6G8/78XKX733f/s3vA79/96/Ern3b07fPzsz9bu/y9u3NE27/+1jfXy/b+8p292/3+yZ9uL+XcjfbWI+vztmb7jEfW5N9481b7dujVxa2Lq/OnTXxoc/NK5032HI+o325MTPa925XQBAAAAAAAAAAAAAAAAPDypiN+PFK0fraRGRNyt5msNXBx89tQzh+JQNd9q3bzt10auXWq8PH17ZnZibm5ivDE61b4xPT6x3cPVq+leo0PDe9KZD3Vkj9t/pP7y9Mwbs+1bfzy/6edH65euz83Ptm5s/nEciSKi2bvlZNXg0aHhqtGT7dZUVfXqppPpf3l9qYj/ihQ3zjfSZ/O2PP9/4wz/dfP/FzbuaI/m/3+sZ1t5zJSK+Fmk+J2/ejo+W7XzaNx3znK5v4sUJy98JpeLw2W5bhs6zxXozAwsy/5fpPinn68v250P+eRa2TPbPrEHRDn+xyLF9/7iO/Fbedv65z9sPv5HN+5oj8b/qZ5tR9c9r2DHXSeP/6lI8dKTb8fn8rYPev5H99kbJ3Lhe8/n2KPx/0TPtoF83N/ena4DAAAAAAAAAAAcaH2piL+PFD8YrqUX8rbt/P2/8Y072qO///XJnm3ju7Ne0Ye+2PFJBQAAAIB9oi8V8eNIcWv+7XtzqNfP/+6Z//l7a/M/h9KGT6s/5/u16rkBu/nnf70G8nHHdt5tAAAAAAAAAAAAAAAAAAAA2FdSKuKFvJ76WDWff3zL9dSXIsUr//NcLpeOl+W668APVL/Wr0xPnbo0OTl9ozXfuj450RiZad2YKOs+FSlW/vYzuW5Rra/eXW++s8b72lrss5Fi+B+6ZTtrsXfXJn9qreyZsuzHIsV//+P6sp/L5T6xVvZsWfZvIsXX/uX+sqXja2XPlWW/Eyl++LVGt+zRsmz3+aifXCv7/I3pYo9GBgAAAAAAAAAAAAAAAAAAgMdJXyrizyPF/95evDeXP6//39fztvLWN3rW+9/gbrXO/0C1/v9Wrx9k/f/quQILWx0VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+mlIU8WakmLmykpb6y/cd9cvtqTt3R4eGN692JFU1D1Xly5/6mbPnzn/xhcEL3fzg+rvtU/HayLVLjZenb8/MTszNTYw3RqfaN6bHJ7a9h53W3+hkdQIat1+/M37z5lzj7PPn1n18d+D9/ieOD1wcfPbUM92yo0PDwyM9ZWp9D3z0+6Qtth+OIv46Ujz33Z+kH/RHFLHzc/Eh3529dqTqxMmqE6NDw1VHJtutqfnyw6vdE1FENHoqNbvn6CGMxY40IxbK5pcNPll2b2SmNdu6PjnRuNqanW/Pt6enrqZOa8v+NKKICyliMSKW++/fXV8U8Xqk+PaxlfSv/RGHuufhC1dGvnL67NbtKPawj9tQtrPRF7FYHIAx28f6o4h/jhQ/fedE/Ft/RC06P/H5iFfL/H7EW9EZ71R+Mc5HvLfJ94iDqRZF/H85/hdX0jv95fWge125/NXGl6duTveU7V5XDvz94WHa59emehTxw+qKv5L+3X/XAAAAAAAAAAAAAAAAAPtIEb8eKV5890Sq5gffm1PcnrrVuNa6PtmZ1ted+9edM726urraSJ1s5hzLuZBzMedSzuWcUeT6OZtl1ldXx/L7hZyLOZdyLueMQ7l+zmbOsZwLORdzLuVczhm1XD9nM+dYzoWcizmXci7njH0ydw8AAAAAAAAAAAAAAAAAAPhoKap/Unzr6ytptb+zvvRYdHLJeqAfeb8IAAD//1qT9HY=")
r0 = openat$incfs(0xffffffffffffff9c, &(0x7f0000000140)='.pending_reads\x00', 0x1a10c1, 0x9c37611dc13d0d83)
setreuid(0xffffffffffffffff, 0xee00)
fchown(r0, 0xffffffffffffffff, 0x0)

2.110843245s ago: executing program 3 (id=1012):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000000c0)=0xa)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
seccomp$SECCOMP_GET_ACTION_AVAIL(0x2, 0x0, 0x0)
r1 = syz_mount_image$f2fs(&(0x7f0000000200), &(0x7f00000000c0)='./bus\x00', 0x1018084, &(0x7f000000cfc0)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6e6f696e6c696e655f646174612c6261636b67726f756e645f67633d6f6e2c6661756c745f747970653d30303030303030303030303030303030303030362c64697361626c655f726f6c6c5f666f72776172642c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c6e6f696e6c696e655f78617474722c6a71666d743d7666736f6c642c6e6f61636c2c00a1a75ac439087a5b11ab7891dd39dd9bc0d7"], 0x1, 0x5509, &(0x7f00000079c0)="$eJzs3E1rY+UXAPCTdjrv//kXceFuLgxCC5PQ9GXQXdUZfMEOZdSFK02TNGQmyS1NmtauXLgUF34TUXDl0s/gwrU7caG4E5Tce6NTX0Bs2kynvx/cnPs8eXLuecIwcO4tCeDcmk9+/rEUN+JKRMxGxPWI7LxUHJn1PDwXETcjYuaxYzz/+8TFiLgaETdGyfOcpeKtT28Pb6398MZPX31z6cK1z778djo7Bp4Ez0dEdyc/3+/mMW3l8WExXxu2s9hdHRYxf6P7qBinedxvbmUZ9mvjdbUsrrTy9enOXn8Utzu1+ii22tvZ/E4vv2B/2BrnyT7wsLabjRvNrSy2+2kWW4d5XQeH+f9th/1BnqdR5PsgSx+DwTjm882DZr6fnUdZrPcGxXyeN200D0ZxWMTiclFPO42sjq3jfNNPtjfbvb2DZNjc7bfTXrJWqb5Qqd4pV3fTRnPQXC3Xuo07q8lCqzNaVh40a931Vpq2Os1KPe0uJguter1crSYLd5tb7VovqVYrK5Wl8tpicXY7efX+O0mnkSyM4svt3t6g3ekn2+lukn9iMVmurLy4mNyqJm9tbCabD+7d29h8+727795/aeP1V4pFfykrWVheWl4uV5fKy9XFc7T/j4qiJ7h/OJbStAsAOHuO2/+X9P/Af3By/f/ug4iT7/9D/z8RZ6r/Pe/9/wnsH45F/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcG59N/f5a9nJfD6+Vsz/r5h6phiXImImIn79G7Nx8UjO2SLP3D+sn/tTDV+XIsswusal4rgaEevF8cv/T/pbAAAAgKfXFx/e/CTv1vOX+WkXxGnKb9rMXH9/QvlKETE3//2Ess2MXp6dULLs3/eFOJhQtuwG1uUJJctvuV2YVLZ/ZfZIuPxYKOVh5lTLAQAATsXRTuB0uxAAAABO08fTLoDpKMX4Ueb4WXD2l/d/PBC8cmQEAAAAnEGlaRcAAAAAnLis//f7fwAAAPB0y3//DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgN/YuZ/bxIEoDsDPBi/sPy1a7X1b2RuUsSXscY8RBaQJCsiBtJAGqIHcUkIEER6HQMQhkse2En2f5EzGMj/eIDjMjDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABduq/Wi9ur39dtc3b7dvKMBgAAALhkW60X9T+z1P/a3P/e3PrZ9IuIKCPi0tx9FJ/OMkdNTvXy/M3p89WrGu4i6oTDe0ya60tE/Gmuxx9dfwoAAADwcW2Wq3marac/s6ELok9p0ab89jdTXhER1ewhU1p5yPuVKaz+fo/jf6a0egFrmiksLbmNc6W9Sf1zP67aTU+aIjXlxZcdi8w2dgAAoEejs6bfWQgAAAB9+jd0AQyjiOetzONW4CQ1zfbe57MeAAAA8A4VQxcAAAAAdK6e//d0/t/e+X8AAAAwjHT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF3aVuvFZrmat83Z7dvJMxoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACe2J93FAiBMAiDves7k7n/YaVBU1OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAN7/7y/+JqXEmmXttLD2PJGunxtapsXduHP1hfP0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCLfvfL/4mpcSaZO20sHY8ka1eNravG3oPG0YPx9m8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi535e46jiAIC/mdnZ2qq4RtlDRBQ86MVut7W1N/GgBA/+CUJItzV26482B1uKmIs3ybkX0aOIoMRb/4ecE8gl3nLYQwTPyszOZCc/wPXXzCb5fODN++4wzPu+WQj5znsJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAlEZvT+IkO3TGcVyc29x7uJT1W4f6zOO17fmsZXFUZ9Inw4vVD1G3uUQAAAA4O5Kyvg8h7KTrC1kfd/L6Py2vyWr+b58ex2U9f7juL/uy9s/aLz/vPr8/UGc8TnbTm8vDwaWjqbT+v1nOtmf+8opW/uTzdy9J/oXE760+N0rz5xl9vbHxTjsPz9WRLQDwT1ws+yIofx/K+n6TiQFwZrQqhXdZ/yedZnMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAqMNoNTxZxlEIYb41iTNbew+Xjusfr23Pl+3ao0dr4cvJPbNbpCGEm8vDwaVaZzPb7t1/cHtxOBzcrT94KYTQ1OhvFdO//cEUF4fQyPMR/EdBXHzZs5LPyQga/KEEAMCplBYtq+t30vWF7Fw0F8If3x2s/1+txGHK+n/3w2ub1bGq9X+/thnOvt7KnU979+4/eH35zuKtwa3Bx29c7r/Zv3L96tXrvfxdSc8bEwAAAP6ddtGq9X88d3T9/0IlDlPW/5990/+iOlai/j/WZNGv6UwAAADOtmdf/v236JjzUbsdPl9cWbnbHx/3P18eHxtI9W87V7Rq/Z/MNZ0VAAAAUIfRanRg/f9GJQ5Trv8/9f0LP1bvmYQQzhfr/xeXPhneqG86M62OPydueo4AAAA063zRquv/ab7/P97f8hCHEF57ZRwX/wZwqvo/eferH6pjVff/X6lvijMp7o6fR953Q2h1m84IAACA0+yJomXF/q/p+sJHP114v23/PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDd/gwAAP//lKU+kQ==")
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
setrlimit(0x8, 0x0)
shmget$private(0x0, 0x9000, 0x0, &(0x7f0000ff7000/0x9000)=nil)
open_tree(r1, &(0x7f0000000000)='./file1\x00', 0x80001)

618.136708ms ago: executing program 2 (id=1014):
syz_emit_ethernet(0x3e, &(0x7f0000000040)={@local, @empty, @void, {@ipv4={0x800, @dccp={{0x8, 0x4, 0x0, 0x1, 0x30, 0x65, 0x0, 0x4, 0x21, 0x0, @private=0xa010101, @dev={0xac, 0x14, 0x14, 0x37}, {[@lsrr={0x83, 0x3, 0x78}, @cipso={0x86, 0x6, 0x2}]}}, {{0x4e21, 0x4e22, 0x4, 0x1, 0x5, 0x0, 0x0, 0x4, 0x0, "9cc7e8", 0x3, "94125f"}}}}}}, 0x0)

540.818417ms ago: executing program 2 (id=1015):
syz_mount_image$ocfs2(&(0x7f00000002c0), &(0x7f0000000240)='./file0\x00', 0x8c0, &(0x7f0000000040)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4453, &(0x7f0000004480)="$eJzs3b9PHNkdAPA3A47Bv4IdF46UKCvFUn4KgaskWArG2Bhs4shJXKRZL7C2SRbWgiVK4YJ0llJFShGlsBLpOioL6ZprfH/CNVf6akt3xTUnnWQdp52dBWbYPfa4XTisz6fYYd68H1/47rx9gzQ7car2eHG1sLhaKC0XqvMPV68U/latrC2VQ3xIWo5/4vDGpzO9eJ98VZ/vdi1yWrl7/eYf7l8J4f2FD19vbW1thbr+0NLorp8/+/Tp/O5tU5xrU++3RVcnWo9wEH8OIVzcE1ddXwhhIIQQhRCupWUT6XYwhHA2PXb/6T8fFLoUzYtX5avFN7PPNscuz2w832z1uzdEIfy38v1fPlr6+Md9Yx/9vH2P753uUmgAAAAAAAAAAAAAAAAAABwDU/fu/un3I6PhZRT6N6K99+tOpdt298dudc2P2oyQ3Iz8s3Nd/a0BAAAAAAAAAAAAAAAAAADg22Xn/v9CdKHF/f+T6Xa8Tfut3/Y+Rnpn+nd3J2+MjKbPf4/2HP9VWvTJtb5wvsVz3/PPf7+Wa9/6+e97xzmoZnzNcYdCFA9n9uN4eDiE/6cPfr8UnYor1dXaLx5W15YXuhbGsZXNf+Pp/ZnspA/07zD/8USu/zbP/++i7+15N9X3H3TvLfZWy+a/r229d/4RdXT+X8+1O4z8c3DZ/CfftRMGd1cYb0wA9fz/q3///E/m+u9V/s+FEApRPdZCZgaor2Hq5e3WK2Rl838iKctMnekfst35/3ku/zdy/R/V/L+e/yCipWz+v5OUDWRqnExek/zH+5//N3P9H0X+6/GvNwq3ejv28ZfNfyPXja9c25b8JTud/6dy/bfN/8lvEPQPT+3EeS7KvAM2okZ5u++rIyub/4E9x3eu/+KO1n+3cu0P6/qvOW7z+q85/f80alz/0Vo2/4Nt63V6/k/n2vV6/h9P1n8cVDb/jXk1u3YeSl47zf9Mrv9e5T+5Khlo5n9nPvniZKP8f9Z/Hcnm/3SjMN5dYz15TdZ/0f7r/9u5/o9i/VePfz3u7ahvi2z+z7StV8//Bx18/t/Jtet9/kMY8b++A8vm/2zbesn5P7B//mdz7Xqd/5/0snMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAY2Ai3Q6FKB7O7Mfx8HAI19P9S+FUNFdaKM5VqvN/XQ1hMi0vhAvRo0p1rlQpLi5XF8rFUqVSnQ/hRnr8YhiIVivVWnGp9OTmdl+D0eNyaaU2Vy7VQghTafkPwtlmX3OLtaXSkxDCre1j342rK08el5aLC4srvxkZGRkJ09sxnI/Kf6+Vl2uN0RtHQ5jZbjsU7QouOXx7O5Yz0V+qayvLpUpSfmdXm0p1vlTZ1WY2PfbvcD6qrawtz5dq5WKl+qg53lEaT7eT0/f+eO/O6J7jD6LGduJwwwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADga3o59uv/hBD6G3txCGG8+UPUqv6LV+WrxTezzzbHLs9sPN98ndSLDzdmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC+ZAcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgq7dI+TQBRFAfi+Z6F2LsNqop3tGBOjhWNMXIEug8XAUtgEe6CgoKUgJDAE5i+hgYJ8X3OLk5l7k3cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGvy/lP9fj89R6S4W99GTP9n8+P8s57j1/7vby5wI+fz8VW9Hd4wdfKXvJuLMm/T1XL0Fz1zb9LqSbtPzT33g3cN9a1zX2rufYiUi4go6/wx5VwUp/0LAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANuzAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhB44FAAAAAIT5W0fRtwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvwIAAP//bvkdHA==")
socket$inet6(0xa, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x62)

239.942061ms ago: executing program 3 (id=1016):
r0 = socket$inet6_sctp(0xa, 0x801, 0x84)
sendmmsg$inet6(r0, &(0x7f0000000380)=[{{&(0x7f0000000300)={0xa, 0x4e21, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x6}, 0x1c, &(0x7f0000000cc0)=[{&(0x7f00000000c0)='O', 0x1}], 0x1}}, {{&(0x7f0000000280)={0xa, 0x4e24, 0x5, @local, 0x6}, 0x1c, &(0x7f00000002c0)=[{&(0x7f0000000d00)='\t', 0x1}], 0x1}}], 0x2, 0x0)
pselect6(0x40, &(0x7f0000001400)={0x8, 0x1, 0x3, 0x7fffffff, 0x4, 0x83f, 0x4, 0x7}, 0x0, 0x0, 0x0, 0x0)
shutdown(r0, 0x1)

180.232236ms ago: executing program 4 (id=1017):
r0 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x0)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000240)={0x53, 0xfffffffffffffffe, 0x6, 0x0, @buffer={0x0, 0x0, 0x0}, &(0x7f00000000c0)='\b\x00\fj\bH', 0x0, 0x7, 0x8000, 0x1, 0x0})

179.997761ms ago: executing program 4 (id=1018):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000740)="d800000019008111e0020f060d8107040a60000000010000001e55a12a00090008000699e3ffffff14000500fe80817806000567b8b7b94002000009080016060000000000000000d67f6f9400f7d1d9bbe94fa27100a007a2f7457f01896034277ce06bbace8017cb39b62ee5a7cef4090000001fb791643a5e83d42365f003724a237e09000000b2a10000000014d6d930dfe1d9c322fe040000005025acca262f3d40fad95667e006dcdf634c1f215ce3bb9ad809d50b7b4338c9f1ac76efb42a9ecbee5de6ccd44242f4d643f6fd0f26187b51980dd6", 0xd8}], 0x1}, 0x80)

120.335163ms ago: executing program 4 (id=1019):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x9}, [@NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}, @NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x28, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_KEY={0x8}, @NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x17}]}}}]}]}], {0x14}}, 0xc4}, 0x1, 0x0, 0x0, 0x50}, 0x4000040)

90.495873ms ago: executing program 4 (id=1020):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
ioctl$sock_SIOCETHTOOL(r0, 0x89f1, &(0x7f00000002c0)={'ip6gre0\x00', &(0x7f0000000300)=@ethtool_rxnfc={0xbd96cd2651d13efc, 0xc, 0x6, {0xe, @usr_ip6_spec={@empty, @dev={0xfe, 0x80, '\x00', 0x24}, 0xfffffff8, 0x3d, 0xe}, {0x0, @remote, 0xe, 0x6, [0x9, 0x6]}, @ah_ip4_spec={@remote, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x5}, {0x0, @multicast, 0x8, 0x4, [0xf, 0x9]}, 0xff, 0x3}}})

88.888053ms ago: executing program 2 (id=1021):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0xb, &(0x7f00000009c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7}, [@printk={@llx, {0x3, 0x3, 0x3, 0xa, 0x0}, {0x5}, {0x7, 0x0, 0x5}, {}, {}, {0x85, 0x0, 0x0, 0x19}}]}, &(0x7f00000004c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @sched_cls=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94)

239.845µs ago: executing program 4 (id=1022):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000bfd000/0x400000)=nil, 0x400000, &(0x7f0000000140)=""/145)

0s ago: executing program 4 (id=1023):
lsm_set_self_attr(0x68, &(0x7f0000000000)={0x6d, 0x3, 0x20}, 0x20, 0x0)

kernel console output (not intermixed with test programs):

_1
[   74.190056][   T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.194703][   T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.198509][   T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.203020][   T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.219272][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.222802][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.238632][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.242239][   T12] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.258901][ T5932] veth0_macvtap: entered promiscuous mode
[   74.279692][ T5932] veth1_macvtap: entered promiscuous mode
[   74.317605][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_0
[   74.343083][ T5932] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.353901][  T981] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.357137][  T981] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.377318][ T5964] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.381035][ T5964] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.397185][  T981] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.399858][ T5964] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.400715][  T981] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.407009][ T5964] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.476263][  T981] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.482105][  T981] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.489069][  T981] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.492458][  T981] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.507760][   T40] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.511061][   T40] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.539426][ T5933] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   74.550590][   T27] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.556362][   T27] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   74.747077][ T6016] netlink: 202368 bytes leftover after parsing attributes in process `syz.2.76'.
[   74.800126][ T6020] loop1: detected capacity change from 0 to 512
[   74.806164][ T6020] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   74.880839][ T6024] sctp: [Deprecated]: syz.2.81 (pid 6024) Use of struct sctp_assoc_value in delayed_ack socket option.
[   74.880839][ T6024] Use struct sctp_sack_info instead
[   74.942879][ T6029] netlink: 39 bytes leftover after parsing attributes in process `syz.2.84'.
[   75.187577][ T6042] loop2: detected capacity change from 0 to 512
[   75.212614][ T6042] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   75.218522][ T6042] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   75.251646][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   75.843129][ T6053] input: syz1 as /devices/virtual/input/input5
[   75.851877][ T6055] capability: warning: `syz.1.94' uses deprecated v2 capabilities in a way that may be insecure
[   75.954095][ T5939] Bluetooth: hci1: command tx timeout
[   75.956319][ T5939] Bluetooth: hci0: command tx timeout
[   75.958765][   T55] Bluetooth: hci2: command tx timeout
[   75.990383][ T6064] netlink: 'syz.1.99': attribute type 4 has an invalid length.
[   76.042933][ T6067] netlink: 32 bytes leftover after parsing attributes in process `syz.1.100'.
[   76.054861][ T6067] netlink: 152 bytes leftover after parsing attributes in process `syz.1.100'.
[   76.058333][ T6069] Bluetooth: MGMT ver 1.23
[   76.111064][ T6073] netlink: 'syz.1.103': attribute type 1 has an invalid length.
[   76.354265][ T5972] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   76.517347][ T5972] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x86 has an invalid bInterval 0, changing to 7
[   76.523873][ T5972] usb 1-1: New USB device found, idVendor=2040, idProduct=5530, bcdDevice=a8.82
[   76.527545][ T5972] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   76.540294][ T5972] usb 1-1: config 0 descriptor??
[   76.555856][ T5972] smsusb:smsusb_probe: board id=8, interface number 0
[   76.559745][ T5972] smsusb:smsusb_probe: Device initialized with return code -19
[   76.685504][  T975] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   76.761593][ T5972] usb 1-1: USB disconnect, device number 2
[   76.834243][  T975] usb 2-1: Using ep0 maxpacket: 8
[   76.848173][  T975] usb 2-1: unable to get BOS descriptor or descriptor too short
[   76.851987][  T975] usb 2-1: config 5 has an invalid interface number: 215 but max is 0
[   76.861672][  T975] usb 2-1: config 5 has no interface number 0
[   76.868403][  T975] usb 2-1: config 5 interface 215 has no altsetting 0
[   76.888612][  T975] usb 2-1: New USB device found, idVendor=1163, idProduct=0100, bcdDevice=dc.ba
[   76.892391][  T975] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.895758][  T975] usb 2-1: Product: syz
[   76.897192][  T975] usb 2-1: Manufacturer: syz
[   76.899199][  T975] usb 2-1: SerialNumber: syz
[   77.124159][  T975] cypress_m8 2-1:5.215: DeLorme Earthmate USB converter detected
[   77.141634][  T975] usb 2-1: DeLorme Earthmate USB converter now attached to ttyUSB0
[   77.163860][  T975] usb 2-1: USB disconnect, device number 2
[   77.180511][  T975] earthmate ttyUSB0: DeLorme Earthmate USB converter now disconnected from ttyUSB0
[   77.191758][  T975] cypress_m8 2-1:5.215: device disconnected
[   77.438406][ T6142] loop2: detected capacity change from 0 to 1024
[   77.452921][ T6140] IPVS: lblc: UDP 224.0.0.2:0 - no destination available
[   77.460902][  T975] IPVS: starting estimator thread 0...
[   77.478500][ T6142] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   77.506737][ T6142] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2848: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   77.519140][ T6142] EXT4-fs error (device loop2): ext4_xattr_inode_iget:437: inode #11: comm syz.2.135: missing EA_INODE flag
[   77.524433][ T6142] EXT4-fs (loop2): Remounting filesystem read-only
[   77.526694][ T6142] EXT4-fs warning (device loop2): ext4_xattr_inode_dec_ref_all:1221: inode #18: comm syz.2.135: ea_inode dec ref err=-30
[   77.540895][ T6142] EXT4-fs warning (device loop2): ext4_evict_inode:274: xattr delete (err -30)
[   77.563374][ T6144] IPVS: using max 78 ests per chain, 187200 per kthread
[   77.570075][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.680850][ T6159] tap0: tun_chr_ioctl cmd 1074025680
[   77.769308][ T6168] loop2: detected capacity change from 0 to 512
[   77.784568][ T6168] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[   77.805343][ T6169] loop1: detected capacity change from 0 to 1024
[   77.814075][ T6168] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #17: comm syz.2.146: iget: bad i_size value: -6917529027641081756
[   77.839847][ T6168] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.146: couldn't read orphan inode 17 (err -117)
[   77.851332][ T6168] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   77.921747][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   77.934572][ T6174] RDS: rds_bind could not find a transport for fe80::bb, load rds_tcp or rds_rdma?
[   77.955507][   T33] audit: type=1800 audit(1755105522.856:2): pid=6174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.145" name="file1" dev="loop1" ino=20 res=0 errno=0
[   78.033634][ T5939] Bluetooth: hci1: command tx timeout
[   78.044591][   T55] Bluetooth: hci2: command tx timeout
[   78.047050][ T5939] Bluetooth: hci0: command tx timeout
[   78.473531][ T5965] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[   78.644765][ T5965] usb 1-1: Using ep0 maxpacket: 16
[   78.705658][ T5965] usb 1-1: config 0 has an invalid interface number: 251 but max is 0
[   78.730474][ T5965] usb 1-1: config 0 has no interface number 0
[   78.751405][ T5965] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 16
[   78.780047][ T5965] usb 1-1: config 0 interface 251 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[   78.822883][ T5965] usb 1-1: New USB device found, idVendor=0b95, idProduct=172a, bcdDevice=f7.f4
[   78.843887][ T5965] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   78.850768][ T5965] usb 1-1: Product: syz
[   78.852789][ T5965] usb 1-1: Manufacturer: syz
[   78.867064][ T5965] usb 1-1: SerialNumber: syz
[   78.956728][ T5965] usb 1-1: config 0 descriptor??
[   78.961709][ T6183] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   78.965607][ T6183] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   79.179527][ T6183] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   79.183893][ T6183] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[   79.416351][ T6190] netlink: 72 bytes leftover after parsing attributes in process `syz.2.154'.
[   79.422131][ T6190] netlink: 'syz.2.154': attribute type 1 has an invalid length.
[   79.548042][ T6192] loop2: detected capacity change from 0 to 512
[   79.594485][ T5965] asix 1-1:0.251 (unnamed net_device) (uninitialized): Interface mode not supported by driver
[   79.596181][ T6192] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.155: corrupted in-inode xattr: invalid ea_ino
[   79.604246][ T5965] asix 1-1:0.251: probe with driver asix failed with error -524
[   79.625608][ T6192] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.155: couldn't read orphan inode 15 (err -117)
[   79.640633][ T6192] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   79.801330][  T975] usb 1-1: USB disconnect, device number 3
[   79.849186][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   80.113394][   T55] Bluetooth: hci2: command tx timeout
[   80.114360][ T5944] Bluetooth: hci1: command tx timeout
[   80.115591][ T5939] Bluetooth: hci0: command tx timeout
[   80.233352][ T5965] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   80.379546][ T6207] netlink: 16 bytes leftover after parsing attributes in process `syz.0.161'.
[   80.389331][ T5965] usb 3-1: unable to get BOS descriptor or descriptor too short
[   80.400313][ T5965] usb 3-1: config 250 has an invalid interface number: 222 but max is 1
[   80.413344][ T5965] usb 3-1: config 250 has an invalid descriptor of length 0, skipping remainder of the config
[   80.417471][ T5965] usb 3-1: config 250 has no interface number 1
[   80.420056][ T5965] usb 3-1: config 250 interface 222 altsetting 22 has an invalid descriptor for endpoint zero, skipping
[   80.425054][ T5965] usb 3-1: config 250 interface 222 altsetting 22 endpoint 0xC has invalid maxpacket 1024, setting to 64
[   80.429636][ T5965] usb 3-1: config 250 interface 222 altsetting 22 endpoint 0x8 has invalid maxpacket 983, setting to 64
[   80.442015][ T5965] usb 3-1: config 250 interface 222 altsetting 22 has an invalid descriptor for endpoint zero, skipping
[   80.463362][ T5965] usb 3-1: config 250 interface 222 altsetting 22 has a duplicate endpoint with address 0x6, skipping
[   80.467965][ T5965] usb 3-1: config 250 interface 222 has no altsetting 0
[   80.473114][ T5965] usb 3-1: New USB device found, idVendor=0b49, idProduct=064f, bcdDevice=d4.fd
[   80.477495][ T5965] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   80.480852][ T5965] usb 3-1: Product: syz
[   80.482666][ T5965] usb 3-1: Manufacturer: syz
[   80.493609][ T5965] usb 3-1: SerialNumber: syz
[   80.505525][ T6205] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   80.771746][ T5965] usb 3-1: USB disconnect, device number 2
[   81.798798][ T6226] loop1: detected capacity change from 0 to 2048
[   81.814169][ T6226] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   81.823768][   T33] audit: type=1800 audit(1755105526.716:3): pid=6226 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.167" name="file1" dev="loop1" ino=1415 res=0 errno=0
[   82.410156][ T6247] loop0: detected capacity change from 0 to 256
[   82.584557][ T6253] veth0: entered promiscuous mode
[   82.622490][ T6252] veth0: left promiscuous mode
[   82.845105][ T6259] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   83.324036][ T5965] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[   83.476414][ T5965] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x3 has invalid maxpacket 512, setting to 64
[   83.480892][ T5965] usb 3-1: config 0 interface 0 has no altsetting 0
[   83.484410][ T5965] usb 3-1: New USB device found, idVendor=0471, idProduct=2088, bcdDevice=c6.66
[   83.488274][ T5965] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.494260][ T5965] usb 3-1: config 0 descriptor??
[   83.497188][ T6273] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[   83.504906][   T10] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   83.653431][   T10] usb 2-1: Using ep0 maxpacket: 32
[   83.657508][   T10] usb 2-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[   83.662080][   T10] usb 2-1: config 0 interface 0 has no altsetting 0
[   83.664952][   T10] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[   83.668790][   T10] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   83.674549][   T10] usb 2-1: config 0 descriptor??
[   83.706017][ T5965] usb 3-1: string descriptor 0 read error: -71
[   83.720138][ T5965] usb 3-1: USB disconnect, device number 3
[   84.340726][ T6303] loop2: detected capacity change from 0 to 4096
[   84.451705][   T10] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0
[   84.456968][   T10] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0
[   84.460684][   T10] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0
[   84.464134][   T10] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0
[   84.467361][   T10] corsair-cpro 0003:1B1C:0C10.0001: unknown main item tag 0x0
[   84.493070][   T10] corsair-cpro 0003:1B1C:0C10.0001: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.1-1/input0
[   84.891841][   T10] corsair-cpro 0003:1B1C:0C10.0001: probe with driver corsair-cpro failed with error -110
[   84.911899][   T10] usb 2-1: USB disconnect, device number 3
[   85.123556][ T6333] netlink: 32 bytes leftover after parsing attributes in process `syz.0.211'.
[   85.643391][   T24] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[   85.800428][   T24] usb 2-1: config 0 has an invalid interface number: 156 but max is 0
[   85.804613][   T24] usb 2-1: config 0 has no interface number 0
[   85.812130][   T24] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[   85.825505][   T24] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[   85.830743][   T24] usb 2-1: config 0 interface 156 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[   85.842541][   T24] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[   85.854318][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   85.870724][   T24] usb 2-1: config 0 descriptor??
[   85.899772][   T24] gspca_main: spca561-2.14.0 probing abcd:cdee
[   86.101076][   T24] spca561 2-1:0.156: probe with driver spca561 failed with error -22
[   86.112625][   T24] usb 2-1: Quirk or no altset; falling back to MIDI 1.0
[   86.116028][   T24] usb 2-1: MIDIStreaming interface descriptor not found
[   86.334649][   T24] usb 2-1: USB disconnect, device number 4
[   86.768727][   T47] cfg80211: failed to load regulatory.db
[   87.262187][ T6378] netlink: 892 bytes leftover after parsing attributes in process `syz.0.229'.
[   87.346405][ T6383] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   87.363571][ T5972] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[   87.543613][ T5972] usb 2-1: Using ep0 maxpacket: 32
[   87.550233][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11
[   87.556101][ T5972] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024
[   87.561129][ T5972] usb 2-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[   87.566240][ T5972] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   87.582218][ T5972] usb 2-1: config 0 descriptor??
[   87.590584][ T6368] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   87.609755][ T5972] hub 2-1:0.0: USB hub found
[   87.801106][ T5972] hub 2-1:0.0: 1 port detected
[   89.214651][ T6203] usb 2-1: USB disconnect, device number 5
[   90.799602][ T6433] loop2: detected capacity change from 0 to 256
[   90.810692][ T6433] =======================================================
[   90.810692][ T6433] WARNING: The mand mount option has been deprecated and
[   90.810692][ T6433]          and is ignored by this kernel. Remove the mand
[   90.810692][ T6433]          option from the mount to silence this warning.
[   90.810692][ T6433] =======================================================
[   90.843671][ T6433] exFAT-fs (loop2): error, invalid access to FAT bad cluster (entry 0x00000005)
[   90.850476][ T6433] exFAT-fs (loop2): Filesystem has been set read-only
[   90.856863][ T6433] exFAT-fs (loop2): failed to count the number of clusters in root
[   90.860420][ T6433] exFAT-fs (loop2): failed to recognize exfat type
[   90.913776][ T6203] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[   91.063435][ T6203] usb 2-1: Using ep0 maxpacket: 16
[   91.069514][ T6203] usb 2-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[   91.074186][ T6203] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.077669][ T6203] usb 2-1: Product: syz
[   91.079522][ T6203] usb 2-1: Manufacturer: syz
[   91.081641][ T6203] usb 2-1: SerialNumber: syz
[   91.182549][ T6203] usb 2-1: config 0 descriptor??
[   91.286903][ T6203] ftdi_sio 2-1:0.0: FTDI USB Serial Device converter detected
[   91.292645][ T6203] usb 2-1: Detected FT232H
[   91.469914][ T6203] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[   91.899854][ T6203] usb 2-1: FTDI USB Serial Device converter now attached to ttyUSB0
[   91.930741][ T6469] loop2: detected capacity change from 0 to 1024
[   92.001496][   T40] hfsplus: b-tree write err: -5, ino 3
[   92.011777][ T5941] hfsplus: node 4:3 still has 3 user(s)!
[   92.057513][ T6471] loop2: detected capacity change from 0 to 128
[   92.077248][ T6471] affs: No valid root block on device loop2
[   92.105662][ T6203] usb 2-1: USB disconnect, device number 6
[   92.143685][ T6203] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[   92.163927][ T6203] ftdi_sio 2-1:0.0: device disconnected
[   92.472194][ T6479] loop2: detected capacity change from 0 to 32768
[   92.483843][ T6479] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.274 (6479)
[   92.504282][ T6479] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   92.508403][ T6479] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   92.511780][ T6479] BTRFS info (device loop2): using free-space-tree
[   92.763314][ T5941] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   92.951657][ T6523] loop1: detected capacity change from 0 to 128
[   93.161110][ T6532] fuse: Bad value for 'fd'
[   93.227340][   T33] audit: type=1326 audit(1755105538.116:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6533 comm="syz.1.292" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd15f38ebe9 code=0x0
[   93.321518][ T6538] loop1: detected capacity change from 0 to 2048
[   93.345659][ T6538] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   93.386699][ T6541] loop2: detected capacity change from 0 to 1024
[   93.433532][ T6541] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   93.442411][ T6541] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1289: group 0, block bitmap and bg descriptor inconsistent: 25 vs 1305 free clusters
[   93.453507][ T6541] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 28
[   93.459728][ T6541] EXT4-fs (loop2): This should not happen!! Data will be lost
[   93.459728][ T6541] 
[   93.466070][ T6541] EXT4-fs (loop2): Total free blocks count 0
[   93.469883][ T6541] EXT4-fs (loop2): Free/Dirty block details
[   93.472990][ T6541] EXT4-fs (loop2): free_blocks=20480
[   93.476599][ T6541] EXT4-fs (loop2): dirty_blocks=96
[   93.478654][ T6541] EXT4-fs (loop2): Block reservation details
[   93.481239][ T6541] EXT4-fs (loop2): i_reserved_data_blocks=6
[   93.509801][   T32] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[   93.607470][ T6556] loop1: detected capacity change from 0 to 1024
[   93.610199][ T6556] EXT4-fs: Ignoring removed orlov option
[   93.612164][ T6556] EXT4-fs: Ignoring removed bh option
[   93.616528][ T6556] EXT4-fs: Ignoring removed bh option
[   93.638661][ T6556] EXT4-fs (loop1): mounted filesystem 05000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   93.679495][ T5933] EXT4-fs (loop1): unmounting filesystem 05000000-0000-0000-0000-000000000000.
[   93.807635][ T5972] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[   93.886222][ T6567] netlink: 'syz.1.304': attribute type 29 has an invalid length.
[   93.955203][ T5972] usb 3-1: config 0 has an invalid interface number: 176 but max is 2
[   93.963429][ T5972] usb 3-1: config 0 has no interface number 1
[   93.965629][ T5972] usb 3-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[   93.969222][ T5972] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   93.975110][ T5972] usb 3-1: config 0 descriptor??
[   94.120126][ T6577] tmpfs: Bad value for 'mpol'
[   94.170821][ T6579] loop1: detected capacity change from 0 to 512
[   94.183054][ T5972] qcserial 3-1:0.2: Qualcomm USB modem converter detected
[   94.206804][ T6579] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[   94.213689][ T6579] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   94.275471][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   94.386654][ T6203] usb 3-1: USB disconnect, device number 4
[   94.394705][ T6203] qcserial 3-1:0.2: device disconnected
[   94.413513][ T6589] nbd0: detected capacity change from 0 to 127
[   94.421518][   T56] block nbd0: Receive control failed (result -104)
[   94.549743][ T6597] syz.0.317 uses obsolete (PF_INET,SOCK_PACKET)
[   94.555889][ T6597] netlink: 16 bytes leftover after parsing attributes in process `syz.0.317'.
[   94.646904][ T6599] overlayfs: conflicting options: nfs_export=on,index=off
[   94.785421][ T6609] usb usb6: usbfs: process 6609 (syz.1.323) did not claim interface 63 before use
[   95.233584][   T10] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[   95.383476][   T10] usb 3-1: Using ep0 maxpacket: 8
[   95.390677][   T10] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[   95.399071][   T10] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=37.a3
[   95.403094][   T10] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.408204][   T10] usb 3-1: Product: syz
[   95.410532][   T10] usb 3-1: Manufacturer: syz
[   95.412619][   T10] usb 3-1: SerialNumber: syz
[   95.418588][   T10] usb 3-1: config 0 descriptor??
[   95.644503][ T5972] usb 3-1: USB disconnect, device number 5
[   96.643183][ T6643] loop2: detected capacity change from 0 to 32768
[   96.657141][ T6643] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.336 (6643)
[   97.291744][ T6643] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   97.306872][ T6643] BTRFS info (device loop2): using sha256 (sha256-lib) checksum algorithm
[   97.320206][ T6643] BTRFS info (device loop2): using free-space-tree
[   97.630703][ T6677] loop1: detected capacity change from 0 to 1024
[   97.680639][ T5941] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   97.701977][ T1091] hfsplus: b-tree write err: -5, ino 4
[   98.223487][   T47] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[   98.515928][   T47] usb 2-1: config 1 interface 0 altsetting 2 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[   98.522072][   T47] usb 2-1: config 1 interface 0 has no altsetting 0
[   98.528159][   T47] usb 2-1: New USB device found, idVendor=05ac, idProduct=0225, bcdDevice= 0.40
[   98.531911][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   98.534919][   T47] usb 2-1: Product: syz
[   98.536415][   T47] usb 2-1: Manufacturer: syz
[   98.538236][   T47] usb 2-1: SerialNumber: syz
[   98.696016][ T6696] veth3: entered promiscuous mode
[   98.756066][   T47] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input6
[   98.766048][ T5279] bcm5974 2-1:1.0: could not read from device
[   98.769863][ T5279] bcm5974 2-1:1.0: could not read from device
[   98.781562][ T5279] bcm5974 2-1:1.0: could not read from device
[   98.786721][   T47] usb 2-1: USB disconnect, device number 7
[   98.790732][ T5279] bcm5974 2-1:1.0: could not read from device
[   99.011644][ T6698] netlink: 'syz.2.350': attribute type 153 has an invalid length.
[   99.377065][ T6712] loop1: detected capacity change from 0 to 1024
[   99.381890][ T6712] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[   99.393449][    T9] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[   99.414698][ T6712] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   99.425888][ T6712] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.357: missing EA_INODE flag
[   99.433788][ T6712] EXT4-fs (loop1): Remounting filesystem read-only
[   99.457436][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   99.514340][ T6719] loop1: detected capacity change from 0 to 256
[   99.554564][    T9] usb 3-1: Using ep0 maxpacket: 8
[   99.565093][    T9] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   99.578313][    T9] usb 3-1: New USB device found, idVendor=0421, idProduct=798f, bcdDevice=86.54
[   99.584350][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   99.588025][    T9] usb 3-1: Product: syz
[   99.591121][    T9] usb 3-1: Manufacturer: syz
[   99.593147][    T9] usb 3-1: SerialNumber: syz
[   99.604063][    T9] usb 3-1: config 0 descriptor??
[   99.607915][    T9] cdc_phonet 3-1:0.0: probe with driver cdc_phonet failed with error -22
[   99.813771][   T47] usb 3-1: USB disconnect, device number 6
[   99.935726][ T6735] loop1: detected capacity change from 0 to 32768
[   99.946462][ T6735] (syz.1.365,6735,1):ocfs2_verify_volume:2303 ERROR: found superblock with bad version: found 9.0, should be 0.90
[   99.952285][ T6735] (syz.1.365,6735,1):ocfs2_verify_volume:2331 ERROR: status = -22
[   99.955796][ T6735] (syz.1.365,6735,1):ocfs2_fill_super:989 ERROR: superblock probe failed!
[   99.959378][ T6735] (syz.1.365,6735,1):ocfs2_fill_super:1177 ERROR: status = -22
[  100.180381][ T6755] netlink: 'syz.0.375': attribute type 1 has an invalid length.
[  100.354786][ T6771] loop2: detected capacity change from 0 to 256
[  100.370294][   T33] audit: type=1800 audit(1755105545.266:5): pid=6771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.384" name=93FDD4787ADAD4209069 dev="loop2" ino=1048618 res=0 errno=0
[  100.582388][ T6790] bond_slave_0: entered promiscuous mode
[  100.584516][ T6790] bond_slave_1: entered promiscuous mode
[  100.589734][ T6790] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  100.595601][ T6790] bond_slave_0: left promiscuous mode
[  100.597766][ T6790] bond_slave_1: left promiscuous mode
[  100.713507][   T47] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  100.903368][   T47] usb 2-1: Using ep0 maxpacket: 16
[  100.907274][   T47] usb 2-1: config 0 has an invalid interface number: 105 but max is 0
[  100.910628][   T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.914856][   T47] usb 2-1: config 0 has no interface number 0
[  100.924175][   T47] usb 2-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  100.928015][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  100.931275][   T47] usb 2-1: Product: syz
[  100.932938][   T47] usb 2-1: Manufacturer: syz
[  100.943885][   T47] usb 2-1: SerialNumber: syz
[  100.946844][   T47] usb 2-1: config 0 descriptor??
[  100.960747][   T47] usb 2-1: Found UVC 0.00 device syz (046d:08f3)
[  100.963475][   T47] usb 2-1: No valid video chain found.
[  101.169903][    T9] usb 2-1: USB disconnect, device number 8
[  101.350804][ T6821] IPVS: sync thread started: state = MASTER, mcast_ifn = veth0_virt_wifi, syncid = 33554432, id = 0
[  101.356565][ T6820] IPVS: stopping master sync thread 6821 ...
[  101.666923][ T6831] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  101.791430][ T6843] loop2: detected capacity change from 0 to 128
[  101.814078][ T6843] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  101.819127][ T6843] ext4 filesystem being mounted at /108/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  101.848589][ T5941] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  102.302123][ T6876] loop2: detected capacity change from 0 to 1024
[  102.481997][ T6881] loop2: detected capacity change from 0 to 32768
[  102.641288][ T6900] loop2: detected capacity change from 0 to 256
[  102.646100][ T6900] exfat: Deprecated parameter 'namecase'
[  102.651480][ T6900] exfat: Deprecated parameter 'namecase'
[  102.659763][ T6900] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  102.988609][ T6925] loop2: detected capacity change from 0 to 8
[  103.223143][ T6927] SQUASHFS error: Failed to read block 0x2fc: -5
[  103.225716][ T6927] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  103.228196][ T6927] SQUASHFS error: Unable to read directory block [247:26]
[  103.234148][ T6927] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  103.237131][ T6927] SQUASHFS error: Unable to read directory block [247:26]
[  103.241693][ T6927] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  103.244631][ T6927] SQUASHFS error: Unable to read directory block [247:26]
[  103.704929][ T6941] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  103.729125][ T6941] ubi31: attaching mtd0
[  103.743005][ T6941] ubi31: scanning is finished
[  103.744876][ T6941] ubi31: empty MTD device detected
[  104.040995][ T6941] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[  104.044410][ T6941] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[  104.047551][ T6941] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[  104.050520][ T6941] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[  104.053842][ T6941] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[  104.056771][ T6941] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[  104.060154][ T6941] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 4159790842
[  104.064293][ T6941] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[  104.079924][ T6946] ubi31: background thread "ubi_bgt31d" started, PID 6946
[  104.416269][ T6967] loop2: detected capacity change from 0 to 128
[  104.763634][ T5939] Bluetooth: hci1: command tx timeout
[  104.795678][ T7001] loop2: detected capacity change from 0 to 4096
[  104.800497][ T7001] EXT4-fs (loop2): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  104.809044][ T7001] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  104.923373][    T9] usb 2-1: new low-speed USB device number 9 using dummy_hcd
[  105.687083][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  105.691020][ T7015] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  105.694348][ T7015] overlayfs: missing 'lowerdir'
[  105.757653][ T7022] netlink: 'syz.0.488': attribute type 3 has an invalid length.
[  105.793638][ T7024] bridge1: entered allmulticast mode
[  105.797154][    T9] usb 2-1: config 179 has an invalid interface number: 65 but max is 0
[  105.800739][    T9] usb 2-1: config 179 has no interface number 0
[  105.805667][    T9] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 10
[  105.810405][    T9] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  105.815088][    T9] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 10
[  105.819945][    T9] usb 2-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 58368, setting to 8
[  105.825163][    T9] usb 2-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  105.830899][    T9] usb 2-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  105.835274][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  105.845420][ T6996] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  105.850380][    T9] xpad 2-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -90
[  105.865418][    T9] xpad 2-1:179.65: probe with driver xpad failed with error -90
[  106.066282][  T792] usb 2-1: USB disconnect, device number 9
[  106.685222][ T7048] Driver unsupported XDP return value 0 on prog  (id 38) dev N/A, expect packet loss!
[  107.463182][ T7054] loop1: detected capacity change from 0 to 4096
[  107.509155][ T7054] ntfs3(loop1): ino=18, mi_enum_attr
[  107.511165][ T7054] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  107.517620][ T7054] ntfs3(loop1): ino=1a, mi_enum_attr
[  107.861076][ T7060] loop2: detected capacity change from 0 to 4096
[  107.865337][ T7060] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  107.890153][ T7060] ntfs3(loop2): Failed to initialize $Extend/$Reparse.
[  107.890496][ T7064] loop1: detected capacity change from 0 to 1024
[  107.900837][ T7064] EXT4-fs (loop1): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  107.905080][ T7064] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (49802!=20869)
[  107.909146][ T7064] EXT4-fs (loop1): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  107.916107][ T7064] EXT4-fs error (device loop1): ext4_get_journal_inode:5796: inode #5: comm syz.1.506: unexpected bad inode w/o EXT4_IGET_BAD
[  107.922919][ T7064] EXT4-fs (loop1): no journal found
[  107.926317][ T7064] EXT4-fs (loop1): can't get journal size
[  107.931101][ T7064] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  107.972364][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.976737][ T7069] openvswitch: netlink: IPv4 tun info is not correct
[  108.006150][ T7071] loop1: detected capacity change from 0 to 512
[  108.010009][ T7071] EXT4-fs: Ignoring removed nomblk_io_submit option
[  108.016321][ T7071] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  108.024143][ T7071] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  108.041640][ T7071] EXT4-fs (loop1): 1 truncate cleaned up
[  108.046463][ T7071] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.230467][   T33] audit: type=1326 audit(1755105553.126:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.242992][   T33] audit: type=1326 audit(1755105553.126:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.252414][   T33] audit: type=1326 audit(1755105553.126:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=250 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.261806][   T33] audit: type=1326 audit(1755105553.126:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.272593][   T33] audit: type=1326 audit(1755105553.126:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.281926][   T33] audit: type=1326 audit(1755105553.126:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=249 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.291499][   T33] audit: type=1326 audit(1755105553.126:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.303756][   T33] audit: type=1326 audit(1755105553.126:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7080 comm="syz.2.512" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  108.330734][ T7083] random: crng reseeded on system resumption
[  108.351265][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.388944][ T7088] loop1: detected capacity change from 0 to 512
[  108.394048][ T7088] journal_path: Lookup failure for './file0/../file0'
[  108.397982][ T7088] EXT4-fs: error: could not find journal device path
[  108.459328][ T7090] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[  108.713457][  T975] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  108.812550][ T7099] netlink: 384 bytes leftover after parsing attributes in process `syz.0.518'.
[  108.913908][  T975] usb 3-1: Using ep0 maxpacket: 32
[  108.955281][  T975] usb 3-1: config 0 has an invalid interface number: 146 but max is 0
[  108.968353][  T975] usb 3-1: config 0 has no interface number 0
[  108.979954][  T975] usb 3-1: config 0 interface 146 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  109.001098][  T975] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  109.026285][  T975] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 1024
[  109.031506][  T975] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x83 has invalid maxpacket 1024
[  109.049718][  T975] usb 3-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  109.057342][   T47] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  109.083078][  T975] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  109.087731][  T975] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 0
[  109.092073][  T975] usb 3-1: config 0 interface 146 altsetting 0 endpoint 0x1 has invalid maxpacket 19968, setting to 1024
[  109.096986][  T975] usb 3-1: config 0 interface 146 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 1024
[  109.101440][  T975] usb 3-1: config 0 interface 146 altsetting 0 has 4 endpoint descriptors, different from the interface descriptor's value: 3
[  109.109991][  T975] usb 3-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  109.114949][  T975] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  109.118392][  T975] usb 3-1: Product: syz
[  109.120294][  T975] usb 3-1: Manufacturer: syz
[  109.122399][  T975] usb 3-1: SerialNumber: syz
[  109.127406][  T975] usb 3-1: config 0 descriptor??
[  109.130421][ T7083] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  109.132887][ T7083] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  109.137213][  T975] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  109.141021][  T975] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  109.150931][  T975] scsi host6: microtekX6
[  109.203450][   T47] usb 2-1: Using ep0 maxpacket: 32
[  109.210532][   T47] usb 2-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  109.216501][   T47] usb 2-1: config 0 interface 0 has no altsetting 0
[  109.219758][   T47] usb 2-1: New USB device found, idVendor=5543, idProduct=0781, bcdDevice= 0.00
[  109.223749][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  109.229280][   T47] usb 2-1: config 0 descriptor??
[  109.481088][ T7104] overlayfs: failed to clone upperpath
[  109.488123][ T7104] 9pnet_fd: Insufficient options for proto=fd
[  109.669461][   T47] uclogic 0003:5543:0781.0002: ignoring exceeding usage max
[  109.675201][   T47] uclogic 0003:5543:0781.0002: unbalanced collection at end of report description
[  109.679832][   T47] uclogic 0003:5543:0781.0002: parse failed
[  109.682496][   T47] uclogic 0003:5543:0781.0002: probe with driver uclogic failed with error -22
[  109.695550][  T975] usb 3-1: USB disconnect, device number 7
[  109.890888][   T10] usb 2-1: USB disconnect, device number 10
[  110.508709][ T7125] loop2: detected capacity change from 0 to 40427
[  110.524166][ T7125] F2FS-fs (loop2): invalid crc value
[  110.591252][ T7125] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  110.625085][ T7125] F2FS-fs (loop2): Start checkpoint disabled!
[  110.636655][ T7125] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  110.841234][ T7159] loop1: detected capacity change from 0 to 2048
[  110.866006][ T7159] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.910981][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.968381][ T7197] loop2: detected capacity change from 0 to 40427
[  111.974371][ T7197] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  111.977587][ T7197] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  111.985659][ T7197] F2FS-fs (loop2): invalid crc value
[  112.054244][ T7197] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  112.062097][ T7197] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  112.065515][ T7197] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  112.513666][ T7216] fuse: Bad value for 'fd'
[  112.774777][   T33] audit: type=1800 audit(1755105557.666:14): pid=7217 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.560" name="file1" dev="loop2" ino=10 res=0 errno=0
[  112.997649][ T7221] pim6reg: entered allmulticast mode
[  113.223086][ T7226] random: crng reseeded on system resumption
[  113.564692][ T7247] Invalid ELF header magic: != ELF
[  113.665598][ T7256] IPVS: Error joining to the multicast group
[  114.328387][ T7265] loop1: detected capacity change from 0 to 512
[  114.339118][ T7265] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.585: iget: bad i_size value: 38620345925642
[  114.345975][ T7265] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.585: couldn't read orphan inode 15 (err -117)
[  114.352704][ T7265] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  114.370158][ T7265] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.585: bg 0: block 5: invalid block bitmap
[  114.378301][ T7265] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 5 with error 28
[  114.384637][ T7265] EXT4-fs (loop1): This should not happen!! Data will be lost
[  114.384637][ T7265] 
[  114.388734][ T7265] EXT4-fs (loop1): Total free blocks count 0
[  114.391332][ T7265] EXT4-fs (loop1): Free/Dirty block details
[  114.394184][ T7265] EXT4-fs (loop1): free_blocks=0
[  114.396364][ T7265] EXT4-fs (loop1): dirty_blocks=5
[  114.398591][ T7265] EXT4-fs (loop1): Block reservation details
[  114.401307][ T7265] EXT4-fs (loop1): i_reserved_data_blocks=5
[  114.440573][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  114.495844][ T7271] loop1: detected capacity change from 0 to 256
[  114.507736][ T7271] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  114.508285][ T7273] netlink: 'syz.2.588': attribute type 2 has an invalid length.
[  114.517809][ T7273] netlink: 'syz.2.588': attribute type 1 has an invalid length.
[  114.641405][ T7275] loop1: detected capacity change from 0 to 8192
[  114.686235][ T7275] Dev loop1: RDB in block 1 has bad checksum
[  114.724849][ T7284] loop2: detected capacity change from 0 to 1024
[  114.731394][ T7284] EXT4-fs (loop2): first meta block group too large: 33024 (group descriptor block count 1)
[  114.830133][ T7286] loop1: detected capacity change from 0 to 4096
[  114.835407][ T7286] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  114.890705][ T7286] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  114.955953][ T7286] ntfs3(loop1): ino=1e, mi_enum_attr
[  114.958026][ T7286] ntfs3(loop1): ino=1e, mi_enum_attr
[  115.042225][ T7291] usb usb8: usbfs: process 7291 (syz.1.595) did not claim interface 0 before use
[  116.053473][   T33] audit: type=1326 audit(1755105560.876:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.0.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ae18ebe9 code=0x7ffc0000
[  116.068348][   T33] audit: type=1326 audit(1755105560.876:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.0.601" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1ae18ebe9 code=0x7ffc0000
[  116.094260][   T33] audit: type=1326 audit(1755105560.886:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.0.601" exe="/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7ff1ae18ebe9 code=0x7ffc0000
[  116.129374][   T33] audit: type=1326 audit(1755105560.886:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7304 comm="syz.0.601" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff1ae18ebe9 code=0x0
[  116.429928][ T7312] loop2: detected capacity change from 0 to 256
[  117.153306][   T33] audit: type=1326 audit(1755105562.046:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.162579][   T33] audit: type=1326 audit(1755105562.056:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.178690][   T33] audit: type=1326 audit(1755105562.056:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.195546][   T33] audit: type=1326 audit(1755105562.056:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.217572][   T33] audit: type=1326 audit(1755105562.056:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.240560][   T33] audit: type=1326 audit(1755105562.056:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7342 comm="syz.2.617" exe="/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7b62f8ebe9 code=0x7ffc0000
[  117.618517][ T7346] tmpfs: Bad value for 'mpol'
[  117.660786][ T7351] program syz.1.620 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  117.662063][ T7352] loop2: detected capacity change from 0 to 512
[  117.696189][ T7352] EXT4-fs warning (device loop2): dx_probe:801: inode #2: comm syz.2.621: Unrecognised inode hash code 255
[  117.701920][ T7352] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.621: Corrupt directory, running e2fsck is recommended
[  117.716684][ T7352] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  117.721571][ T7352] EXT4-fs error (device loop2): ext4_iget_extra_inode:5104: inode #15: comm syz.2.621: corrupted in-inode xattr: invalid ea_ino
[  117.731630][ T7352] EXT4-fs (loop2): Remounting filesystem read-only
[  117.741207][ T7352] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  117.787434][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  118.103452][ T7364] netlink: 176 bytes leftover after parsing attributes in process `syz.0.625'.
[  118.113772][    T9] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  118.203371][   T47] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  118.322985][    T9] usb 2-1: New USB device found, idVendor=045e, idProduct=0284, bcdDevice=3f.cb
[  118.328268][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.334705][    T9] usb 2-1: Product: syz
[  118.336815][    T9] usb 2-1: Manufacturer: syz
[  118.339344][    T9] usb 2-1: SerialNumber: syz
[  118.348428][    T9] usb 2-1: config 0 descriptor??
[  118.365460][   T47] usb 3-1: Using ep0 maxpacket: 8
[  118.370319][   T47] usb 3-1: config index 0 descriptor too short (expected 5924, got 36)
[  118.373318][   T47] usb 3-1: config 250 has an invalid interface number: 228 but max is -1
[  118.376603][   T47] usb 3-1: config 250 has 1 interface, different from the descriptor's value: 0
[  118.379929][   T47] usb 3-1: config 250 has no interface number 0
[  118.382715][   T47] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024
[  118.387702][   T47] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024
[  118.392396][   T47] usb 3-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0
[  118.396609][   T47] usb 3-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0
[  118.400763][   T47] usb 3-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17
[  118.406607][   T47] usb 3-1: config 250 interface 228 has no altsetting 0
[  118.411782][   T47] usb 3-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07
[  118.415583][   T47] usb 3-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59
[  118.418756][   T47] usb 3-1: Product: syz
[  118.420383][   T47] usb 3-1: SerialNumber: syz
[  118.433772][   T47] hub 3-1:250.228: bad descriptor, ignoring hub
[  118.436596][   T47] hub 3-1:250.228: probe with driver hub failed with error -5
[  118.660865][   T47] usblp 3-1:250.228: usblp0: USB Bidirectional printer dev 8 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292
[  118.705838][   T47] usb 3-1: USB disconnect, device number 8
[  118.720066][   T47] usblp0: removed
[  119.107777][ T7368] netlink: 8 bytes leftover after parsing attributes in process `syz.0.627'.
[  119.242929][   T47] usb 2-1: USB disconnect, device number 11
[  119.341132][ T7372] netlink: 48 bytes leftover after parsing attributes in process `syz.0.629'.
[  119.431504][ T7375] warning: `syz.0.630' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  119.895230][ T7386] loop1: detected capacity change from 0 to 128
[  119.899454][ T7386] EXT4-fs (loop1): Test dummy encryption mode enabled
[  119.908377][ T7386] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  119.915704][ T7386] ext4 filesystem being mounted at /155/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  119.988970][ T7386] fscrypt: AES-256-CBC-CTS using implementation "cts(cbc(ecb(aes-fixed-time)))"
[  120.032175][ T5933] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  120.305118][ T7405] loop1: detected capacity change from 0 to 1024
[  120.330017][ T7405] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  120.362926][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  120.396798][ T7411] loop1: detected capacity change from 0 to 1024
[  120.408197][ T7411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  120.412768][ T7411] ext4 filesystem being mounted at /159/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  120.436433][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  120.770866][ T7421] loop1: detected capacity change from 0 to 32768
[  120.801244][ T7421] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  120.825231][ T7421] (syz.1.647,7421,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #65: rec_len is smaller than minimal - offset=16, inode=65, rec_len=12, name_len=0
[  120.832821][ T7421] (syz.1.647,7421,1):ocfs2_prepare_dir_for_insert:4302 ERROR: status = -2
[  120.839077][ T7421] (syz.1.647,7421,1):ocfs2_link:764 ERROR: status = -2
[  120.841998][ T7421] (syz.1.647,7421,1):ocfs2_link:842 ERROR: status = -2
[  120.907963][ T5933] ocfs2: Unmounting device (7,1) on (node local)
[  121.185870][ T7451] netlink: 12 bytes leftover after parsing attributes in process `syz.0.661'.
[  121.494355][ T7478] loop2: detected capacity change from 0 to 256
[  121.498488][ T7478] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  121.502970][ T7478] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  121.513224][ T7478] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  121.553134][ T7482] loop1: detected capacity change from 0 to 1024
[  121.559312][ T7482] EXT4-fs (loop1): stripe (3) is not aligned with cluster size (16), stripe is disabled
[  121.590024][ T7482] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  121.601268][ T7482] EXT4-fs error (device loop1): ext4_xattr_inode_iget:437: inode #11: comm syz.1.676: missing EA_INODE flag
[  121.609574][ T7482] EXT4-fs (loop1): Remounting filesystem read-only
[  121.628895][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  121.656031][ T7488] loop1: detected capacity change from 0 to 256
[  121.665595][ T7488] FAT-fs (loop1): Directory bread(block 64) failed
[  121.668294][ T7488] FAT-fs (loop1): Directory bread(block 65) failed
[  121.671083][ T7488] FAT-fs (loop1): Directory bread(block 66) failed
[  121.676737][ T7488] FAT-fs (loop1): Directory bread(block 67) failed
[  121.679521][ T7488] FAT-fs (loop1): Directory bread(block 68) failed
[  121.682896][ T7488] FAT-fs (loop1): Directory bread(block 69) failed
[  121.685898][ T7488] FAT-fs (loop1): Directory bread(block 70) failed
[  121.688099][ T7488] FAT-fs (loop1): Directory bread(block 71) failed
[  121.690315][ T7488] FAT-fs (loop1): Directory bread(block 72) failed
[  121.692697][ T7488] FAT-fs (loop1): Directory bread(block 73) failed
[  121.785930][ T7492] 9pnet_fd: p9_fd_create_tcp (7492): problem connecting socket to 127.0.0.1
[  121.835084][    T9] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  121.868011][ T7496] netlink: 24 bytes leftover after parsing attributes in process `syz.1.682'.
[  121.935631][ T7498] loop1: detected capacity change from 0 to 2048
[  121.940165][ T7498] UDF-fs: warning (device loop1): udf_fill_super: No fileset found
[  121.989677][    T9] usb 3-1: config 0 interface 0 has no altsetting 0
[  121.992627][    T9] usb 3-1: New USB device found, idVendor=056e, idProduct=00fc, bcdDevice= 0.00
[  122.005337][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  122.018424][    T9] usb 3-1: config 0 descriptor??
[  122.413378][   T47] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  122.432723][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.443816][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.446837][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.449807][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.452726][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.466273][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.469404][    T9] elecom 0003:056E:00FC.0003: unknown main item tag 0x0
[  122.477381][    T9] elecom 0003:056E:00FC.0003: hidraw0: USB HID v0.06 Device [HID 056e:00fc] on usb-dummy_hcd.2-1/input0
[  122.574975][   T47] usb 2-1: Using ep0 maxpacket: 8
[  122.580961][   T47] usb 2-1: config 0 has an invalid interface number: 52 but max is 0
[  122.587837][   T47] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  122.591866][   T47] usb 2-1: config 0 has no interface number 0
[  122.595252][   T47] usb 2-1: config 0 interface 52 altsetting 1 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  122.599933][   T47] usb 2-1: config 0 interface 52 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  122.607074][   T47] usb 2-1: config 0 interface 52 has no altsetting 0
[  122.611073][   T47] usb 2-1: New USB device found, idVendor=06cb, idProduct=0003, bcdDevice=e8.00
[  122.615257][   T47] usb 2-1: New USB device strings: Mfr=22, Product=0, SerialNumber=0
[  122.618632][   T47] usb 2-1: Manufacturer: syz
[  122.622890][   T47] usb 2-1: config 0 descriptor??
[  122.634644][   T47] hub 2-1:0.52: bad descriptor, ignoring hub
[  122.636831][   T47] hub 2-1:0.52: probe with driver hub failed with error -5
[  122.640978][  T792] usb 3-1: USB disconnect, device number 9
[  122.841315][   T47] input: syz as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.52/input/input8
[  123.159954][    T9] usb 2-1: USB disconnect, device number 12
[  123.305060][ T7537] snd_dummy snd_dummy.0: control 2:16:0:syz0:-3 is already present
[  123.352213][ T7541] CIFS: VFS: Malformed UNC in devname
[  123.721652][ T7553] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(3)
[  123.724011][ T7553] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  123.729016][ T7553] vhci_hcd vhci_hcd.0: Device attached
[  123.983381][  T792] usb 35-1: new low-speed USB device number 2 using vhci_hcd
[  123.986748][   T47] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  124.133426][   T47] usb 2-1: Using ep0 maxpacket: 16
[  124.137571][   T47] usb 2-1: config 0 has no interfaces?
[  124.140081][   T47] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  124.145055][   T47] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  124.151577][   T47] usb 2-1: config 0 descriptor??
[  124.358990][ T7554] usb 35-1: recv xbuf, 0
[  124.363488][ T5921] vhci_hcd: stop threads
[  124.364656][    T9] usb 2-1: USB disconnect, device number 13
[  124.365321][ T5921] vhci_hcd: release socket
[  124.369276][ T5921] vhci_hcd: disconnect device
[  124.433521][  T792] vhci_hcd: vhci_device speed not set
[  124.477878][ T7561] process 'syz.2.711' launched './file1' with NULL argv: empty string added
[  124.674379][ T7567] loop2: detected capacity change from 0 to 32768
[  124.678762][ T7567] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.714 (7567)
[  124.685072][ T7567] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  124.688487][ T7567] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  124.691362][ T7567] BTRFS info (device loop2): using free-space-tree
[  124.722235][ T5941] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  124.836031][   T25] block nbd0: Possible stuck request ffff8880223a0000: control (read@0,1024B). Runtime 30 seconds
[  124.839841][   T25] block nbd0: Possible stuck request ffff8880223a0200: control (read@1024,1024B). Runtime 30 seconds
[  124.843713][   T25] block nbd0: Possible stuck request ffff8880223a0400: control (read@2048,1024B). Runtime 30 seconds
[  124.848884][   T25] block nbd0: Possible stuck request ffff8880223a0600: control (read@3072,1024B). Runtime 30 seconds
[  125.260464][ T7608] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  125.405903][ T7615] loop2: detected capacity change from 0 to 4096
[  125.409965][ T7615] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  125.428137][ T7615] ntfs3(loop2): ino=3, ntfs_set_state failed, -22.
[  125.448768][   T32] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22.
[  125.451828][ T5941] ntfs3(loop2): ino=3, ntfs_set_state failed, -22.
[  125.456813][ T5941] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  125.460809][ T5941] ntfs3(loop2): ino=3, ntfs_set_state failed, -22.
[  125.465645][   T27] ntfs3(loop2): ino=3, ntfs3_write_inode failed, -22.
[  125.627221][ T7617] loop2: detected capacity change from 0 to 32768
[  125.638483][ T7617] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  126.221855][ T5941] ocfs2: Unmounting device (7,2) on (node local)
[  126.783434][   T47] usb 2-1: new full-speed USB device number 14 using dummy_hcd
[  126.945555][   T47] usb 2-1: unable to get BOS descriptor or descriptor too short
[  126.949591][   T47] usb 2-1: not running at top speed; connect to a high speed hub
[  126.955590][   T47] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  126.960111][   T47] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  126.967329][   T47] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.971359][   T47] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.975163][   T47] usb 2-1: Product: syz
[  126.977094][   T47] usb 2-1: Manufacturer: syz
[  126.979276][   T47] usb 2-1: SerialNumber: syz
[  127.198700][   T47] usb 2-1: 0:2 : does not exist
[  127.215773][   T47] usb 2-1: USB disconnect, device number 14
[  127.483504][    T9] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  127.635369][    T9] usb 3-1: config 0 has an invalid interface number: 186 but max is 1
[  127.638655][    T9] usb 3-1: config 0 has no interface number 1
[  127.643718][    T9] usb 3-1: New USB device found, idVendor=0582, idProduct=0005, bcdDevice=e5.83
[  127.647353][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  127.651075][    T9] usb 3-1: Product: syz
[  127.652726][    T9] usb 3-1: Manufacturer: syz
[  127.654826][    T9] usb 3-1: SerialNumber: syz
[  127.658592][    T9] usb 3-1: config 0 descriptor??
[  127.867941][ T7642] netlink: 'syz.1.741': attribute type 3 has an invalid length.
[  127.871620][   T47] usb 3-1: USB disconnect, device number 10
[  127.946144][ T7646] loop1: detected capacity change from 0 to 512
[  127.950514][ T7646] EXT4-fs (loop1): mounting ext3 file system using the ext4 subsystem
[  127.957837][ T7646] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  127.962518][ T7646] EXT4-fs error (device loop1): ext4_iget_extra_inode:5104: inode #15: comm syz.1.743: corrupted in-inode xattr: e_value size too large
[  127.969445][ T7646] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.743: couldn't read orphan inode 15 (err -117)
[  127.976525][ T7646] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  128.003837][ T5933] EXT4-fs error (device loop1): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  128.012596][ T5933] EXT4-fs error (device loop1): ext4_lookup:1787: inode #14: comm syz-executor: invalid fast symlink length 39
[  128.235449][ T5933] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  128.567434][ T5944] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  128.573626][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  128.577508][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  128.581381][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  128.585084][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  128.643014][   T10] hid-generic 0000:0000:0000.0004: unknown main item tag 0x0
[  128.658524][   T10] hid-generic 0000:0000:0000.0004: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  128.770581][ T7656] chnl_net:caif_netlink_parms(): no params data found
[  128.810769][ T7663] hid-generic 0000:0000:0000.0004: pid 7663 passed too short report
[  128.868328][ T7656] bridge0: port 1(bridge_slave_0) entered blocking state
[  128.871398][ T7656] bridge0: port 1(bridge_slave_0) entered disabled state
[  128.877354][ T7656] bridge_slave_0: entered allmulticast mode
[  128.881301][ T7656] bridge_slave_0: entered promiscuous mode
[  128.887521][ T7656] bridge0: port 2(bridge_slave_1) entered blocking state
[  128.890537][ T7656] bridge0: port 2(bridge_slave_1) entered disabled state
[  128.894242][ T7656] bridge_slave_1: entered allmulticast mode
[  128.898349][ T7656] bridge_slave_1: entered promiscuous mode
[  128.945128][ T7656] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  128.951637][ T7656] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  128.990122][ T7656] team0: Port device team_slave_0 added
[  128.995582][ T7656] team0: Port device team_slave_1 added
[  129.031510][ T7656] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.034603][ T7656] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.045046][ T7656] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.051061][ T7656] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.054063][ T7656] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  129.065249][ T7656] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.105132][ T7656] hsr_slave_0: entered promiscuous mode
[  129.107804][ T7656] hsr_slave_1: entered promiscuous mode
[  129.110694][ T7656] debugfs: 'hsr0' already exists in 'hsr'
[  129.113031][ T7656] Cannot create hsr debugfs directory
[  129.245352][ T7656] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  129.250443][ T7656] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  129.256823][ T7656] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  129.261094][ T7656] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  129.311691][ T7656] 8021q: adding VLAN 0 to HW filter on device bond0
[  129.326440][ T7656] 8021q: adding VLAN 0 to HW filter on device team0
[  129.331544][   T65] bridge0: port 1(bridge_slave_0) entered blocking state
[  129.334020][   T65] bridge0: port 1(bridge_slave_0) entered forwarding state
[  129.344342][   T65] bridge0: port 2(bridge_slave_1) entered blocking state
[  129.347043][   T65] bridge0: port 2(bridge_slave_1) entered forwarding state
[  129.393871][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  129.475637][ T7656] 8021q: adding VLAN 0 to HW filter on device batadv0
[  129.517449][ T7656] veth0_vlan: entered promiscuous mode
[  129.527855][ T7656] veth1_vlan: entered promiscuous mode
[  129.557844][    T9] usb 3-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.02
[  129.558565][ T7656] veth0_macvtap: entered promiscuous mode
[  129.561650][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  129.567536][    T9] usb 3-1: Product: syz
[  129.569317][    T9] usb 3-1: Manufacturer: syz
[  129.570956][    T9] usb 3-1: SerialNumber: syz
[  129.576356][ T7656] veth1_macvtap: entered promiscuous mode
[  129.576383][    T9] usb 3-1: config 0 descriptor??
[  129.591996][ T7656] batman_adv: batadv0: Interface activated: batadv_slave_0
[  129.604647][ T7656] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.611470][   T13] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.616450][   T13] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.629584][   T13] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.648641][   T13] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.669032][   T27] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.671590][   T27] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.692155][   T65] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  129.695343][   T65] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  129.788683][    T9] hso 3-1:0.0: Failed to find BULK IN ep
[  129.808454][ T7695] loop3: detected capacity change from 0 to 8192
[  129.814702][ T7695] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  129.827353][ T7695] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  129.832743][ T7695] ntfs3(loop3): Failed to load root (-22).
[  130.148385][ T7701] loop3: detected capacity change from 0 to 65536
[  130.159772][ T7701] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  130.187817][ T7701] XFS (loop3): Ending clean mount
[  130.213177][ T7701] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.217510][ T7701] XFS (loop3): Unmount and run xfs_repair
[  130.219766][ T7701] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.222757][ T7701] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.226178][ T7701] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.229173][ T7701] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.232152][ T7701] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.235198][ T7701] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.238187][ T7701] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.241206][ T7701] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.244292][ T7701] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.247345][ T7701] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.251015][ T7701] XFS (loop3): page discard on page ffffea0004620180, inode 0x26, pos 1024.
[  130.254444][ T7701] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.258124][ T7701] XFS (loop3): Unmount and run xfs_repair
[  130.260138][ T7701] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.262583][ T7701] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.265840][ T7701] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.268959][ T7701] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.272371][ T7701] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.275541][ T7701] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.278338][ T7701] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.281166][ T7701] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.284126][ T7701] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.286957][ T7701] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.290216][ T7701] XFS (loop3): page discard on page ffffea000460df00, inode 0x26, pos 4096.
[  130.294439][ T7701] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.298138][ T7701] XFS (loop3): Unmount and run xfs_repair
[  130.299982][ T7701] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.302328][ T7701] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.305258][ T7701] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.308285][ T7701] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.311971][ T7701] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.314951][ T7701] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.318015][ T7701] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.321091][ T7701] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.324858][ T7701] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.328366][ T7701] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.332395][ T7701] XFS (loop3): page discard on page ffffea00047d6e80, inode 0x26, pos 8192.
[  130.336034][ T7701] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.340077][ T7701] XFS (loop3): Unmount and run xfs_repair
[  130.342307][ T7701] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.345180][ T7701] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.348446][ T7701] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.351783][ T7701] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.355139][ T7701] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.358223][ T7701] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.361175][ T7701] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.364331][ T7701] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.367765][ T7701] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.371233][ T7701] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.375554][ T7701] XFS (loop3): page discard on page ffffea00047d6000, inode 0x26, pos 16384.
[  130.381386][ T5965] loop3: writeback error on inode 38, offset 0, sector 22
[  130.409019][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.420521][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.425329][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.428647][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.432547][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.442199][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.448188][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.452010][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.457479][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.461256][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.469602][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.475006][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.479770][   T32] XFS (loop3): page discard on page ffffea00047d5200, inode 0x29, pos 0.
[  130.485893][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.489846][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.492405][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.496153][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.500176][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.504705][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.508315][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.512196][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.518003][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.521681][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.525719][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.529635][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.534563][   T32] XFS (loop3): page discard on page ffffea00047d6100, inode 0x26, pos 32768.
[  130.540903][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.545630][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.547996][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.551295][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.555420][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.559221][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.563123][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.566925][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.570672][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.574884][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.578386][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.581580][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.586865][   T32] XFS (loop3): page discard on page ffffea00047d5100, inode 0x29, pos 32768.
[  130.591231][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.596193][ T5944] Bluetooth: hci0: command tx timeout
[  130.599506][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.601935][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.605124][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.608429][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.611414][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.614990][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.618346][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.621183][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.624249][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.627129][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.630018][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.633564][   T32] XFS (loop3): page discard on page ffffea00047d6e00, inode 0x29, pos 49152.
[  130.636774][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.640533][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.642447][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.645110][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.648468][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.651431][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.654467][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.657315][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.660136][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.662935][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.665788][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.668701][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.672104][   T32] XFS (loop3): page discard on page ffffea0004627a00, inode 0x29, pos 57344.
[  130.675754][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.679335][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.681246][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.683759][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.686671][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.689435][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.692332][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.696060][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.699757][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.703148][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.706787][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.709829][   T32] XFS (loop3): metadata I/O error in "xfs_read_agf+0x281/0x5c0" at daddr 0x1 len 1 error 74
[  130.713224][   T32] XFS (loop3): page discard on page ffffea000466cbc0, inode 0x29, pos 61440.
[  130.716534][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.720682][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.722579][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.725219][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.728098][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.730990][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.733989][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.736911][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.739841][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.742950][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.746156][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.749954][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.755618][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.757898][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.760532][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.763726][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.766675][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.769583][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.772511][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.775527][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.778399][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.781362][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.784796][   T32] XFS (loop3): Metadata CRC error detected at xfs_agf_read_verify+0x12f/0x1f0, xfs_agf block 0x1 
[  130.788295][   T32] XFS (loop3): Unmount and run xfs_repair
[  130.790229][   T32] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  130.792683][   T32] 00000000: 58 41 47 46 00 00 00 01 00 00 00 00 00 00 40 00  XAGF..........@.
[  130.796075][   T32] 00000010: 00 00 00 02 00 00 00 03 00 00 00 00 00 00 00 01  ................
[  130.799793][   T32] 00000020: 00 00 00 01 00 00 00 00 00 00 00 01 00 00 00 04  ................
[  130.803528][   T32] 00000030: 00 00 00 04 00 00 3f ca 00 00 3f c7 00 00 00 00  ......?...?.....
[  130.807166][   T32] 00000040: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  130.810753][   T32] 00000050: 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 00  ................
[  130.814588][   T32] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.817700][   T32] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  130.828700][ T7656] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  130.836133][ T7656] XFS (loop3): Uncorrected metadata errors detected; please run xfs_repair.
[  131.101609][ T7719] loop3: detected capacity change from 0 to 16
[  131.110493][ T7719] erofs (device loop3): mounted with root inode @ nid 36.
[  131.393601][    T9] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  131.543511][    T9] usb 4-1: Using ep0 maxpacket: 32
[  131.547522][    T9] usb 4-1: config 0 has an invalid interface number: 61 but max is 1
[  131.551092][    T9] usb 4-1: config 0 has no interface number 1
[  131.557334][    T9] usb 4-1: New USB device found, idVendor=2058, idProduct=1005, bcdDevice=b5.f6
[  131.561274][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.566968][    T9] usb 4-1: Product: syz
[  131.568787][    T9] usb 4-1: Manufacturer: syz
[  131.570766][    T9] usb 4-1: SerialNumber: syz
[  131.575186][    T9] usb 4-1: config 0 descriptor??
[  131.694666][    T9] viperboard 4-1:0.61: version 0.00 found at bus 004 address 002
[  131.703196][    T9] viperboard-i2c viperboard-i2c.3.auto: error -EIO: failure setting i2c_bus_freq to 100
[  131.708286][    T9] viperboard-i2c viperboard-i2c.3.auto: probe with driver viperboard-i2c failed with error -5
[  131.719785][    T9] viperboard 4-1:0.0: version 0.00 found at bus 004 address 002
[  131.729440][    T9] viperboard-i2c viperboard-i2c.6.auto: error -EIO: failure setting i2c_bus_freq to 100
[  131.733525][    T9] viperboard-i2c viperboard-i2c.6.auto: probe with driver viperboard-i2c failed with error -5
[  131.782823][  T792] usb 4-1: USB disconnect, device number 2
[  132.036951][    T9] usb 3-1: USB disconnect, device number 11
[  132.415355][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  132.516066][ T1363] ieee802154 phy0 wpan0: encryption failed: -22
[  132.518787][ T1363] ieee802154 phy1 wpan1: encryption failed: -22
[  132.563865][    T9] usb 3-1: Using ep0 maxpacket: 16
[  132.574993][    T9] usb 3-1: config 0 has an invalid interface number: 49 but max is 0
[  132.578290][    T9] usb 3-1: config 0 has no interface number 0
[  132.580806][    T9] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8A has invalid maxpacket 16
[  132.586118][    T9] usb 3-1: config 0 interface 49 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  132.590729][    T9] usb 3-1: config 0 interface 49 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  132.594445][    T9] usb 3-1: config 0 interface 49 altsetting 0 bulk endpoint 0x8F has invalid maxpacket 0
[  132.600489][    T9] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=76.b7
[  132.603607][    T9] usb 3-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[  132.606222][    T9] usb 3-1: Product: syz
[  132.607695][    T9] usb 3-1: Manufacturer: syz
[  132.609449][    T9] usb 3-1: SerialNumber: syz
[  132.612597][    T9] usb 3-1: config 0 descriptor??
[  132.615434][ T7725] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  132.684888][ T5944] Bluetooth: hci0: command tx timeout
[  132.828817][    T9] usb 3-1: USB disconnect, device number 12
[  133.073464][  T792] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  133.245215][  T792] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  133.249779][  T792] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  133.254135][  T792] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  133.262167][  T792] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  133.266388][  T792] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  133.269862][  T792] usb 4-1: Product: syz
[  133.271781][  T792] usb 4-1: Manufacturer: syz
[  133.273848][  T792] usb 4-1: SerialNumber: syz
[  133.278078][  T792] usb 4-1: config 0 descriptor??
[  133.376296][ T7747] loop2: detected capacity change from 0 to 256
[  133.386293][ T7747] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xf6dff195, utbl_chksum : 0xe619d30d)
[  133.493413][  T792] usb 4-1: Found UVC 34.00 device syz (8086:0b5b)
[  133.500420][  T792] usb 4-1: No valid video chain found.
[  133.507612][  T792] usb 4-1: USB disconnect, device number 3
[  133.537862][ T7753] Bluetooth: MGMT ver 1.23
[  134.246981][ T7767] GUP no longer grows the stack in syz.3.787 (7767): 200000005000-200000008000 (200000004000)
[  134.251386][ T7767] CPU: 1 UID: 0 PID: 7767 Comm: syz.3.787 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  134.251403][ T7767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  134.251410][ T7767] Call Trace:
[  134.251415][ T7767]  <TASK>
[  134.251422][ T7767]  dump_stack_lvl+0x189/0x250
[  134.251441][ T7767]  ? __pfx_dump_stack_lvl+0x10/0x10
[  134.251454][ T7767]  ? __pfx__printk+0x10/0x10
[  134.251468][ T7767]  ? find_vma+0xe7/0x160
[  134.251491][ T7767]  fixup_user_fault+0x661/0x720
[  134.251509][ T7767]  fault_in_user_writeable+0x72/0xe0
[  134.251523][ T7767]  futex_lock_pi+0x773/0xa90
[  134.251543][ T7767]  ? __pfx_futex_lock_pi+0x10/0x10
[  134.251571][ T7767]  ? futex_private_hash_put+0x4b/0x280
[  134.251586][ T7767]  ? __pfx_futex_wake_mark+0x10/0x10
[  134.251604][ T7767]  ? __pfx_futex_wake+0x10/0x10
[  134.251617][ T7767]  ? userfaultfd_unmap_complete+0x278/0x2d0
[  134.251664][ T7767]  ? __pfx_userfaultfd_unmap_complete+0x10/0x10
[  134.251685][ T7767]  do_futex+0x292/0x420
[  134.251702][ T7767]  ? __pfx_do_futex+0x10/0x10
[  134.251717][ T7767]  ? __vm_munmap+0x301/0x3d0
[  134.251735][ T7767]  __se_sys_futex+0x36f/0x400
[  134.251753][ T7767]  ? __pfx___se_sys_futex+0x10/0x10
[  134.251768][ T7767]  ? rcu_is_watching+0x15/0xb0
[  134.251783][ T7767]  ? __x64_sys_futex+0x21/0xf0
[  134.251799][ T7767]  do_syscall_64+0xfa/0x3b0
[  134.251812][ T7767]  ? lockdep_hardirqs_on+0x9c/0x150
[  134.251824][ T7767]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.251834][ T7767]  ? exc_page_fault+0x9f/0xf0
[  134.251848][ T7767]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  134.251857][ T7767] RIP: 0033:0x7fed0178ebe9
[  134.251867][ T7767] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  134.251876][ T7767] RSP: 002b:00007fed025ed038 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  134.251889][ T7767] RAX: ffffffffffffffda RBX: 00007fed019b5fa0 RCX: 00007fed0178ebe9
[  134.251897][ T7767] RDX: 00000000fffffffd RSI: 000000000000008d RDI: 0000200000004000
[  134.251903][ T7767] RBP: 00007fed01811e19 R08: 0000000000000000 R09: 0000000000000000
[  134.251910][ T7767] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  134.251916][ T7767] R13: 00007fed019b6038 R14: 00007fed019b5fa0 R15: 00007fff633d9568
[  134.251933][ T7767]  </TASK>
[  134.590178][ T7774] loop2: detected capacity change from 0 to 2048
[  134.701204][ T7774]  loop2: p1 < > p3
[  134.703415][ T7774] loop2: partition table partially beyond EOD, truncated
[  134.773430][ T5944] Bluetooth: hci0: command tx timeout
[  134.781573][ T7774] loop2: p3 start 4278190081 is beyond EOD, truncated
[  135.203440][ T6203] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  135.312484][ T7780] loop3: detected capacity change from 0 to 256
[  135.322020][ T7780] MINIX-fs: mounting file system with errors, running fsck is recommended
[  135.373542][ T6203] usb 3-1: Using ep0 maxpacket: 16
[  135.377432][ T6203] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  135.381479][ T6203] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  135.391846][ T6203] usb 3-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  135.399028][ T6203] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  135.402264][ T6203] usb 3-1: Product: syz
[  135.408026][ T6203] usb 3-1: Manufacturer: syz
[  135.409914][ T6203] usb 3-1: SerialNumber: syz
[  135.414471][ T6203] usb 3-1: config 0 descriptor??
[  135.641001][ T5965] usb 3-1: USB disconnect, device number 13
[  136.843774][ T5944] Bluetooth: hci0: command tx timeout
[  136.892137][ T7807] loop3: detected capacity change from 0 to 32768
[  136.962898][ T7807] XFS (loop3): DAX unsupported by block device. Turning off DAX.
[  136.969595][ T7807] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  137.020763][ T7807] XFS (loop3): Ending clean mount
[  137.047411][ T7807] XFS (loop3): Quotacheck needed: Please wait.
[  137.109580][ T7807] XFS (loop3): Quotacheck: Done.
[  137.245254][ T7656] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  138.379552][ T7848] netlink: 108 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.386884][ T7848] netlink: 108 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.390988][ T7848] netlink: 48 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.400782][ T7848] netlink: 108 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.405069][ T7848] netlink: 108 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.408952][ T7848] netlink: 48 bytes leftover after parsing attributes in process `syz.2.819'.
[  138.413119][ T7848] Zero length message leads to an empty skb
[  138.416439][ T7847] loop3: detected capacity change from 0 to 2048
[  138.445070][ T7847] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  138.460904][ T7847] EXT4-fs (loop3): shut down requested (2)
[  138.465591][ T7853] netlink: 4 bytes leftover after parsing attributes in process `syz.2.820'.
[  138.507599][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.633642][ T7861] loop3: detected capacity change from 0 to 2048
[  138.639516][ T7861] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  138.646984][ T7861] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  138.655924][ T7861] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  138.668543][ T5939] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  138.674852][ T5939] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  138.678855][ T5939] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  138.689531][ T5939] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  138.695053][ T5939] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  138.869365][ T7862] chnl_net:caif_netlink_parms(): no params data found
[  138.886491][ T7876] loop3: detected capacity change from 0 to 512
[  138.895064][ T7876] EXT4-fs (loop3): orphan cleanup on readonly fs
[  138.899300][ T7876] EXT4-fs error (device loop3): ext4_iget_extra_inode:5104: inode #15: comm syz.3.829: corrupted in-inode xattr: overlapping e_value 
[  138.908317][ T7876] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.829: couldn't read orphan inode 15 (err -117)
[  138.916841][ T7876] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  138.936955][ T7862] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.939420][ T7862] bridge0: port 1(bridge_slave_0) entered disabled state
[  138.942178][ T7862] bridge_slave_0: entered allmulticast mode
[  138.943845][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  138.946879][ T7862] bridge_slave_0: entered promiscuous mode
[  138.959640][ T7862] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.962026][ T7862] bridge0: port 2(bridge_slave_1) entered disabled state
[  138.968210][ T7862] bridge_slave_1: entered allmulticast mode
[  138.971105][ T7862] bridge_slave_1: entered promiscuous mode
[  138.995220][ T7862] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  139.000056][ T7862] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  139.028555][ T7862] team0: Port device team_slave_0 added
[  139.032149][ T7862] team0: Port device team_slave_1 added
[  139.057698][ T7862] batman_adv: batadv0: Adding interface: batadv_slave_0
[  139.060007][ T7862] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.070287][ T7862] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  139.078949][ T7862] batman_adv: batadv0: Adding interface: batadv_slave_1
[  139.081860][ T7862] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  139.094259][ T7862] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  139.129684][ T7862] hsr_slave_0: entered promiscuous mode
[  139.132076][ T7862] hsr_slave_1: entered promiscuous mode
[  139.135713][ T7862] debugfs: 'hsr0' already exists in 'hsr'
[  139.137853][ T7862] Cannot create hsr debugfs directory
[  139.468450][ T7862] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  139.485834][ T7862] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  139.494429][ T7862] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  139.506362][ T7862] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  139.518443][ T7889] loop2: detected capacity change from 0 to 2048
[  139.551367][ T7862] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.554579][ T7889] NILFS (loop2): ifile inode (checkpoint number=2) corrupted
[  139.555475][ T7862] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.559924][ T7889] NILFS (loop2): error -5 while loading last checkpoint (checkpoint number=2)
[  139.562412][ T7862] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.568159][ T7862] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.623109][ T7862] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.637083][   T27] bridge0: port 1(bridge_slave_0) entered disabled state
[  139.640336][   T27] bridge0: port 2(bridge_slave_1) entered disabled state
[  139.652923][ T7862] 8021q: adding VLAN 0 to HW filter on device team0
[  139.662087][   T27] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.664790][   T27] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.673838][   T27] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.676451][   T27] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.848848][ T7862] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.095690][ T7862] veth0_vlan: entered promiscuous mode
[  140.108517][ T7862] veth1_vlan: entered promiscuous mode
[  140.111438][ T7919] netlink: 4 bytes leftover after parsing attributes in process `syz.3.837'.
[  140.116658][ T7919] veth1_macvtap: left promiscuous mode
[  140.150207][ T7862] veth0_macvtap: entered promiscuous mode
[  140.159142][ T7862] veth1_macvtap: entered promiscuous mode
[  140.169190][ T7862] batman_adv: batadv0: Interface activated: batadv_slave_0
[  140.182470][ T7862] batman_adv: batadv0: Interface activated: batadv_slave_1
[  140.199846][ T5964] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  140.210483][ T5964] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  140.233218][ T5964] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  140.257468][ T5964] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  140.310551][ T1091] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.319330][ T1091] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.350103][   T32] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  140.356434][   T32] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  140.409325][ T7930] loop3: detected capacity change from 0 to 1024
[  140.420716][ T7930] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.462637][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.633811][ T7943] block nbd1: server does not support multiple connections per device.
[  140.645997][ T7943] block nbd1: shutting down sockets
[  140.754812][ T5939] Bluetooth: hci3: command tx timeout
[  140.820683][ T7948] netlink: 52 bytes leftover after parsing attributes in process `syz.2.848'.
[  140.849871][ T7948] unsupported nlmsg_type 40
[  140.980322][ T7955] loop2: detected capacity change from 0 to 764
[  140.998996][ T7955] rock: directory entry would overflow storage
[  141.001981][ T7955] rock: sig=0x4654, size=5, remaining=4
[  141.970460][ T7976] netlink: 28 bytes leftover after parsing attributes in process `syz.4.860'.
[  142.190383][ T7992] loop2: detected capacity change from 0 to 4096
[  142.210941][ T7992] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  142.267321][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  142.683183][ T7996] loop4: detected capacity change from 0 to 32768
[  142.722080][ T7996] ocfs2: Mounting device (7,4) on (node local, slot 0) with writeback data mode.
[  142.833821][ T5939] Bluetooth: hci3: command tx timeout
[  142.975566][ T7862] ocfs2: Unmounting device (7,4) on (node local)
[  143.764840][ T8025] __nla_validate_parse: 4 callbacks suppressed
[  143.764857][ T8025] netlink: 72 bytes leftover after parsing attributes in process `syz.4.880'.
[  143.769826][ T8025] netlink: 20 bytes leftover after parsing attributes in process `syz.4.880'.
[  144.483568][  T792] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  144.593036][ T8033] loop2: detected capacity change from 0 to 32768
[  144.622504][ T8033] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.663702][  T792] usb 4-1: Using ep0 maxpacket: 16
[  144.684450][  T792] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  144.689005][  T792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  144.691605][ T8033] XFS (loop2): Ending clean mount
[  144.696609][  T792] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  144.700889][  T792] usb 4-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  144.705895][  T792] usb 4-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  144.707268][ T8033] XFS (loop2): Quotacheck needed: Please wait.
[  144.712842][  T792] usb 4-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  144.718213][  T792] usb 4-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  144.721787][  T792] usb 4-1: Manufacturer: syz
[  144.745137][ T8033] XFS (loop2): Quotacheck: Done.
[  144.745789][  T792] usb 4-1: config 0 descriptor??
[  144.866491][ T5941] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  144.913616][ T5939] Bluetooth: hci3: command tx timeout
[  145.124441][  T792] rc_core: IR keymap rc-hauppauge not found
[  145.127660][  T792] Registered IR keymap rc-empty
[  145.136364][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.153824][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.186226][  T792] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  145.200831][  T792] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input9
[  145.230844][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.284711][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.310655][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.325323][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.358766][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.360344][ T8057] loop4: detected capacity change from 0 to 4096
[  145.373558][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.381709][ T8057] NILFS (loop4): invalid segment: Checksum error in segment payload
[  145.385606][ T8057] NILFS (loop4): trying rollback from an earlier position
[  145.394046][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.409255][ T8057] NILFS (loop4): recovery complete
[  145.416543][ T8060] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  145.423549][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.446069][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.464927][  T792] mceusb 4-1:0.0: Error: mce write submit urb error = -90
[  145.504360][  T792] mceusb 4-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  145.510542][  T792] mceusb 4-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  145.519646][  T792] usb 4-1: USB disconnect, device number 4
[  145.811930][ T8076] loop4: detected capacity change from 0 to 256
[  146.106911][    T9] IPVS: starting estimator thread 0...
[  146.214958][ T8079] IPVS: using max 79 ests per chain, 189600 per kthread
[  146.473396][ T5965] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  146.644956][ T5965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 253, changing to 11
[  146.649732][ T5965] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  146.660902][ T5965] usb 4-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  146.673493][ T5965] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  146.686791][ T5965] usb 4-1: config 0 descriptor??
[  146.993479][ T5944] Bluetooth: hci3: command tx timeout
[  147.105822][ T5965] uclogic 0003:145F:0212.0005: interface is invalid, ignoring
[  147.228464][ T8100] netlink: 'syz.2.909': attribute type 322 has an invalid length.
[  147.309002][   T24] usb 4-1: USB disconnect, device number 5
[  147.386621][ T8108] x_tables: (null)_tables: SNAT target: only valid in nat table, not syz0
[  147.847469][ T8117] loop3: detected capacity change from 0 to 256
[  147.855670][ T8117] exFAT-fs (loop3): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  147.866377][ T8117] exFAT-fs (loop3): error, data size is invalid(10)
[  147.869369][ T8117] exFAT-fs (loop3): Filesystem has been set read-only
[  147.872412][ T8117] exFAT-fs (loop3): error, data size is invalid(10)
[  147.932301][ T8121] loop3: detected capacity change from 0 to 16
[  147.938343][ T8121] erofs (device loop3): mounted with root inode @ nid 36.
[  148.616569][ T8139] loop2: detected capacity change from 0 to 4096
[  148.619744][ T8139] ntfs3(loop2): Different NTFS sector size (4096) and media sector size (512).
[  148.638989][ T8139] ntfs3(loop2): ino=19, mi_enum_attr
[  148.642980][ T8139] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  148.758026][ T8145] openvswitch: netlink: Geneve opt len 62 is not a multiple of 4.
[  148.935327][ T8159] loop3: detected capacity change from 0 to 2048
[  148.949876][   T33] audit: type=1800 audit(1755105593.846:25): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.937" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  148.968286][   T33] audit: type=1800 audit(1755105593.846:26): pid=8159 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.937" name="file1" dev="loop3" ino=1346 res=0 errno=0
[  149.057687][ T8166] loop2: detected capacity change from 0 to 1024
[  149.073736][ T5944] Bluetooth: hci3: command 0x0405 tx timeout
[  149.128477][  T981] hfsplus: b-tree write err: -5, ino 4
[  149.166080][ T8153] loop4: detected capacity change from 0 to 32768
[  149.194853][ T8153] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.260372][ T8180] loop2: detected capacity change from 0 to 512
[  149.264939][ T8153] XFS (loop4): Ending clean mount
[  149.277683][ T8180] EXT4-fs error (device loop2): ext4_get_branch:178: inode #11: block 4294967295: comm syz.2.943: invalid block
[  149.285645][ T8153] XFS (loop4): Quotacheck needed: Please wait.
[  149.287404][ T8180] EXT4-fs (loop2): Remounting filesystem read-only
[  149.291949][ T8180] EXT4-fs (loop2): 2 truncates cleaned up
[  149.297255][ T8180] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.341213][ T8153] XFS (loop4): Quotacheck: Done.
[  149.388442][ T5941] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.462208][ T7862] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  149.680588][ T8202] loop4: detected capacity change from 0 to 1024
[  149.699264][ T8205] loop3: detected capacity change from 0 to 128
[  149.712392][ T8202] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  149.712733][ T8205] FAT-fs (loop3): Directory bread(block 32) failed
[  149.720451][ T8205] FAT-fs (loop3): Directory bread(block 33) failed
[  149.722495][ T8202] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.726728][ T8205] FAT-fs (loop3): Directory bread(block 34) failed
[  149.726758][ T8205] FAT-fs (loop3): Directory bread(block 35) failed
[  149.726835][ T8205] FAT-fs (loop3): Directory bread(block 36) failed
[  149.742151][ T8202] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.952: bg 0: block 480: padding at end of block bitmap is not set
[  149.743519][ T8205] FAT-fs (loop3): Directory bread(block 37) failed
[  149.750804][ T8205] FAT-fs (loop3): Directory bread(block 38) failed
[  149.753025][ T8202] EXT4-fs (loop4): Remounting filesystem read-only
[  149.753925][ T8205] FAT-fs (loop3): Directory bread(block 39) failed
[  149.757800][   T36] EXT4-fs warning (device loop4): ext4_convert_unwritten_extents:4984: inode #15: block 1: len 3: ext4_ext_map_blocks returned -30
[  149.758729][ T8205] FAT-fs (loop3): Directory bread(block 40) failed
[  149.774904][ T8205] FAT-fs (loop3): Directory bread(block 41) failed
[  149.782579][ T7862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  149.782691][ T8210] netlink: 'syz.2.955': attribute type 10 has an invalid length.
[  149.829892][ T8210] team0: Port device syz_tun added
[  149.833882][ T8205] syz.3.953: attempt to access beyond end of device
[  149.833882][ T8205] loop3: rw=0, sector=4108, nr_sectors = 4 limit=128
[  149.844525][ T8205] FAT-fs (loop3): Filesystem has been set read-only
[  149.851424][ T8205] FAT-fs (loop3): error, fat_free_clusters: deleting FAT entry beyond EOF
[  149.873938][ T8205] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  149.978627][ T8218] loop2: detected capacity change from 0 to 512
[  149.996220][ T8218] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  150.000599][ T8218] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  150.005999][ T8218] EXT4-fs (loop2): group descriptors corrupted!
[  150.208751][ T8222] loop4: detected capacity change from 0 to 32768
[  150.211894][ T8222] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.961 (8222)
[  150.262873][ T8222] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  150.266623][ T8222] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  150.269669][ T8222] BTRFS info (device loop4): disk space caching is enabled
[  150.273057][ T8222] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  150.665502][ T8222] BTRFS info (device loop4): rebuilding free space tree
[  150.711255][ T8222] BTRFS info (device loop4): disabling free space tree
[  150.714591][ T8222] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  150.719191][ T8222] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  150.840410][ T7862] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  150.897724][ T8253] netlink: 20 bytes leftover after parsing attributes in process `syz.2.969'.
[  151.108918][ T8258] loop4: detected capacity change from 0 to 1024
[  151.113378][ T8258] EXT4-fs: inline encryption not supported
[  151.115996][ T8258] EXT4-fs: Ignoring removed i_version option
[  151.120285][ T8258] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  151.140229][ T8258] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 2: comm syz.4.968: lblock 2 mapped to illegal pblock 2 (length 1)
[  151.148074][ T8258] Quota error (device loop4): qtree_write_dquot: dquota write failed
[  151.151638][ T8258] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 48: comm syz.4.968: lblock 0 mapped to illegal pblock 48 (length 1)
[  151.157844][ T8258] Quota error (device loop4): v2_write_file_info: Can't write info structure
[  151.163566][ T8258] EXT4-fs error (device loop4): ext4_acquire_dquot:6933: comm syz.4.968: Failed to acquire dquot type 0
[  151.168827][ T8258] EXT4-fs error (device loop4) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  151.176322][ T8258] EXT4-fs error (device loop4): ext4_evict_inode:254: inode #11: comm syz.4.968: mark_inode_dirty error
[  151.182392][ T8258] EXT4-fs warning (device loop4): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  151.189652][ T8258] EXT4-fs (loop4): 1 orphan inode deleted
[  151.193811][ T8258] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  151.203575][   T32] EXT4-fs error (device loop4): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:1: lblock 1 mapped to illegal pblock 1 (length 1)
[  151.214692][ T8258] EXT4-fs (loop4): shut down requested (1)
[  151.217028][   T32] Quota error (device loop4): remove_tree: Can't read quota data block 1
[  151.249439][ T7862] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.400901][ T8271] loop3: detected capacity change from 0 to 64
[  151.406832][ T8271] MINIX-fs: bad superblock
[  151.474831][ T8275] netlink: 'syz.3.977': attribute type 4 has an invalid length.
[  151.490837][ T8275] netlink: 'syz.3.977': attribute type 4 has an invalid length.
[  151.575990][ T8281] loop4: detected capacity change from 0 to 1024
[  151.588528][ T8281] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  151.639993][ T8285] loop3: detected capacity change from 0 to 512
[  151.656698][   T33] audit: type=1804 audit(1755105596.556:27): pid=8286 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.979" name="/newroot/36/file0/bus" dev="loop4" ino=840 res=1 errno=0
[  151.672621][ T8285] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.678612][ T8285] ext4 filesystem being mounted at /97/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  151.732872][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  151.910416][ T8303] bridge_slave_1: left promiscuous mode
[  151.913006][ T8303] bridge0: port 2(bridge_slave_1) entered disabled state
[  152.131621][   T33] audit: type=1326 audit(1755105597.026:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8291 comm="syz.4.985" exe="/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f13f038ebe9 code=0x0
[  152.210860][ T8303] A link change request failed with some changes committed already. Interface bridge_slave_1 may have been left with an inconsistent configuration, please check.
[  152.334836][ T8309] loop3: detected capacity change from 0 to 8
[  152.349676][ T8309] SQUASHFS error: zlib decompression failed, data probably corrupt
[  152.360616][ T8309] SQUASHFS error: Failed to read block 0x9b: -5
[  152.364173][ T8309] SQUASHFS error: Unable to read metadata cache entry [99]
[  152.367432][ T8309] SQUASHFS error: Unable to read inode 0x127
[  152.402739][ T8311] TCP: request_sock_TCPv6: Possible SYN flooding on port [::]:20002. Sending cookies.
[  152.469472][ T8315] loop3: detected capacity change from 0 to 512
[  152.488587][ T8315] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  152.492671][ T8315] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  152.501589][ T8315] EXT4-fs error (device loop3): ext4_xattr_block_find:1869: inode #15: comm syz.3.994: corrupted xattr block 19: overlapping e_value 
[  152.506360][ T8315] EXT4-fs (loop3): Remounting filesystem read-only
[  152.521062][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.882628][ T8325] loop4: detected capacity change from 0 to 32768
[  152.902285][ T8340] loop3: detected capacity change from 0 to 1024
[  152.916095][ T8340] EXT4-fs: Ignoring removed bh option
[  152.918052][ T8340] EXT4-fs: inline encryption not supported
[  152.920704][ T8340] EXT4-fs (loop3): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  152.947111][ T8340] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 2: comm syz.3.1004: lblock 2 mapped to illegal pblock 2 (length 1)
[  152.954676][ T8340] Quota error (device loop3): qtree_write_dquot: dquota write failed
[  152.958399][ T8340] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 48: comm syz.3.1004: lblock 0 mapped to illegal pblock 48 (length 1)
[  152.967520][ T8340] Quota error (device loop3): v2_write_file_info: Can't write info structure
[  152.971461][ T8340] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.1004: Failed to acquire dquot type 0
[  152.977413][ T8340] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  152.987399][ T8340] EXT4-fs error (device loop3): ext4_evict_inode:254: inode #11: comm syz.3.1004: mark_inode_dirty error
[  152.992755][ T8340] EXT4-fs warning (device loop3): ext4_evict_inode:257: couldn't mark inode dirty (err -117)
[  153.000199][ T8340] EXT4-fs (loop3): 1 orphan inode deleted
[  153.006197][ T8340] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  153.014340][   T27] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u10:0: lblock 1 mapped to illegal pblock 1 (length 1)
[  153.026149][ T8325] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,str_hash=crc32c,noacl,usrquota,grpquota,nojournal_transaction_names,allocator_stuck_timeout=256
[  153.026163][ T8325]   allowing incompatible features above 0.0: (unknown version)
[  153.026168][ T8325]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  153.027947][   T27] Quota error (device loop3): remove_tree: Can't read quota data block 1
[  153.051402][ T8340] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz.3.1004: Invalid inode table block 1 in block_group 0
[  153.057757][   T27] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u10:0: Failed to release dquot type 0
[  153.064030][ T8354] loop2: detected capacity change from 0 to 1024
[  153.067448][ T8340] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  153.078514][ T8325] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  153.082057][ T8325] bcachefs (loop4): initializing new filesystem
[  153.092161][ T7656] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  153.104598][ T1091] EXT4-fs error (device loop3): ext4_map_blocks:778: inode #3: block 1: comm kworker/u9:5: lblock 1 mapped to illegal pblock 1 (length 1)
[  153.111382][ T1091] EXT4-fs error (device loop3): ext4_release_dquot:6969: comm kworker/u9:5: Failed to release dquot type 0
[  153.114217][ T8325] bcachefs (loop4): going read-write
[  153.121337][ T7656] EXT4-fs error (device loop3): __ext4_get_inode_loc:4861: comm syz-executor: Invalid inode table block 1 in block_group 0
[  153.129811][ T7656] EXT4-fs error (device loop3) in ext4_reserve_inode_write:6334: Corrupt filesystem
[  153.138665][ T7656] EXT4-fs error (device loop3): ext4_quota_off:7217: inode #3: comm syz-executor: mark_inode_dirty error
[  153.143801][ T8325] bcachefs (loop4): marking superblocks
[  153.171003][  T792] kernel write not supported for file /amidi2 (pid: 792 comm: kworker/1:2)
[  153.208552][ T8325] bcachefs (loop4): initializing freespace
[  153.217561][ T8362] loop3: detected capacity change from 0 to 2048
[  153.220470][ T8325] bcachefs (loop4): done initializing freespace
[  153.222707][ T8362] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  153.227992][ T8325] bcachefs (loop4): reading snapshots table
[  153.230550][ T8325] bcachefs (loop4): reading snapshots done
[  153.273627][ T8325] bcachefs (loop4): done starting filesystem
[  153.334874][ T8325] syz.4.998 (8325) used greatest stack depth: 16584 bytes left
[  153.364989][ T7862] bcachefs (loop4): shutting down
[  153.367440][ T7862] bcachefs (loop4): going read-only
[  153.370173][ T7862] bcachefs (loop4): finished waiting for writes to stop
[  153.449181][ T7862] bcachefs (loop4): flushing journal and stopping allocators, journal seq 2
[  153.706365][ T8368] loop3: detected capacity change from 0 to 40427
[  153.711717][ T8368] F2FS-fs (loop3): Wrong SSA boundary, start(3584) end(4096) blocks(0)
[  153.715808][ T8368] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  153.719717][ T8368] F2FS-fs (loop3): build fault injection type: 0x6
[  153.725506][ T8368] F2FS-fs (loop3): invalid crc value
[  153.734366][ T7862] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 3
[  153.740823][ T7862] bcachefs (loop4): clean shutdown complete, journal seq 4
[  153.744695][ T7862] bcachefs (loop4): marking filesystem clean
[  153.767670][ T7862] bcachefs (loop4): shutdown complete
[  153.786821][ T8368] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  153.791242][ T8368] F2FS-fs (loop3): Start checkpoint disabled!
[  153.796089][ T8368] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  153.799119][ T8368] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  154.927475][   T25] block nbd0: Possible stuck request ffff8880223a0000: control (read@0,1024B). Runtime 60 seconds
[  154.932213][   T25] block nbd0: Possible stuck request ffff8880223a0200: control (read@1024,1024B). Runtime 60 seconds
[  154.937212][   T25] block nbd0: Possible stuck request ffff8880223a0400: control (read@2048,1024B). Runtime 60 seconds
[  154.941776][   T25] block nbd0: Possible stuck request ffff8880223a0600: control (read@3072,1024B). Runtime 60 seconds
[  155.275486][ T8382] netlink: 144 bytes leftover after parsing attributes in process `syz.4.1018'.
[  155.296774][ T8376] loop2: detected capacity change from 0 to 32768
[  155.305028][ T8376] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  155.315883][ T8376] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  155.391072][ T5941] ocfs2: Unmounting device (7,2) on (node local)
[  155.511128][ T8400] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1025'.
[  155.515840][ T8400] ==================================================================
[  155.519095][ T8400] BUG: KASAN: slab-use-after-free in xfrm_alloc_spi+0x570/0xf30
[  155.522411][ T8400] Read of size 4 at addr ffff888024320544 by task syz.2.1025/8400
[  155.526251][ T8400] 
[  155.527363][ T8400] CPU: 0 UID: 0 PID: 8400 Comm: syz.2.1025 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  155.527382][ T8400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  155.527390][ T8400] Call Trace:
[  155.527397][ T8400]  <TASK>
[  155.527403][ T8400]  dump_stack_lvl+0x189/0x250
[  155.527425][ T8400]  ? __kasan_check_byte+0x12/0x40
[  155.527447][ T8400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.527461][ T8400]  ? lock_release+0x4b/0x3e0
[  155.527480][ T8400]  ? __virt_addr_valid+0x4a5/0x5c0
[  155.527495][ T8400]  print_report+0xca/0x240
[  155.527538][ T8400]  ? xfrm_alloc_spi+0x570/0xf30
[  155.527560][ T8400]  kasan_report+0x118/0x150
[  155.527577][ T8400]  ? xfrm_alloc_spi+0x570/0xf30
[  155.527595][ T8400]  xfrm_alloc_spi+0x570/0xf30
[  155.527611][ T8400]  ? xfrm_alloc_spi+0x2a0/0xf30
[  155.527631][ T8400]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  155.527645][ T8400]  ? xfrm_find_acq+0x87/0xa0
[  155.527659][ T8400]  xfrm_alloc_userspi+0x70b/0xc90
[  155.527674][ T8400]  ? apparmor_capable+0x137/0x1b0
[  155.527688][ T8400]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  155.527700][ T8400]  ? __nla_parse+0x40/0x60
[  155.527717][ T8400]  xfrm_user_rcv_msg+0x7a3/0xab0
[  155.527729][ T8400]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  155.527750][ T8400]  ? __pfx___mutex_trylock_common+0x10/0x10
[  155.527766][ T8400]  ? rcu_is_watching+0x15/0xb0
[  155.527778][ T8400]  ? trace_contention_end+0x39/0x120
[  155.527792][ T8400]  ? __mutex_lock+0x335/0x1360
[  155.527809][ T8400]  netlink_rcv_skb+0x208/0x470
[  155.527824][ T8400]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  155.527834][ T8400]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  155.527853][ T8400]  ? netlink_deliver_tap+0x2e/0x1b0
[  155.527866][ T8400]  ? netlink_deliver_tap+0x2e/0x1b0
[  155.527879][ T8400]  xfrm_netlink_rcv+0x79/0x90
[  155.527889][ T8400]  netlink_unicast+0x82f/0x9e0
[  155.527902][ T8400]  ? __pfx_netlink_unicast+0x10/0x10
[  155.527915][ T8400]  ? netlink_sendmsg+0x642/0xb30
[  155.527927][ T8400]  ? skb_put+0x11b/0x210
[  155.527942][ T8400]  netlink_sendmsg+0x805/0xb30
[  155.527956][ T8400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.527970][ T8400]  ? aa_sock_msg_perm+0xf1/0x1d0
[  155.527986][ T8400]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  155.528000][ T8400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.528016][ T8400]  __sock_sendmsg+0x21c/0x270
[  155.528030][ T8400]  ____sys_sendmsg+0x505/0x830
[  155.528047][ T8400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.528064][ T8400]  ? import_iovec+0x74/0xa0
[  155.528078][ T8400]  ___sys_sendmsg+0x21f/0x2a0
[  155.528097][ T8400]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.528122][ T8400]  ? __fget_files+0x2a/0x420
[  155.528137][ T8400]  ? __fget_files+0x3a0/0x420
[  155.528157][ T8400]  __x64_sys_sendmsg+0x19b/0x260
[  155.528172][ T8400]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  155.528191][ T8400]  ? rcu_is_watching+0x15/0xb0
[  155.528204][ T8400]  ? do_syscall_64+0xbe/0x3b0
[  155.528219][ T8400]  do_syscall_64+0xfa/0x3b0
[  155.528233][ T8400]  ? lockdep_hardirqs_on+0x9c/0x150
[  155.528246][ T8400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.528259][ T8400]  ? exc_page_fault+0x9f/0xf0
[  155.528273][ T8400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.528283][ T8400] RIP: 0033:0x7f7b62f8ebe9
[  155.528295][ T8400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  155.528306][ T8400] RSP: 002b:00007f7b63e49038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  155.528321][ T8400] RAX: ffffffffffffffda RBX: 00007f7b631b5fa0 RCX: 00007f7b62f8ebe9
[  155.528331][ T8400] RDX: 0000000020004808 RSI: 0000200000001580 RDI: 0000000000000003
[  155.528341][ T8400] RBP: 00007f7b63011e19 R08: 0000000000000000 R09: 0000000000000000
[  155.528358][ T8400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  155.528367][ T8400] R13: 00007f7b631b6038 R14: 00007f7b631b5fa0 R15: 00007ffd3e88bc68
[  155.528381][ T8400]  </TASK>
[  155.528387][ T8400] 
[  155.668551][ T8400] Allocated by task 6872:
[  155.670468][ T8400]  kasan_save_track+0x3e/0x80
[  155.672564][ T8400]  __kasan_slab_alloc+0x6c/0x80
[  155.674683][ T8400]  kmem_cache_alloc_noprof+0x1c1/0x3c0
[  155.677109][ T8400]  xfrm_state_alloc+0x24/0x2f0
[  155.679195][ T8400]  __find_acq_core+0x8a7/0x1c00
[  155.681307][ T8400]  xfrm_find_acq+0x78/0xa0
[  155.683257][ T8400]  xfrm_alloc_userspi+0x6b3/0xc90
[  155.685481][ T8400]  xfrm_user_rcv_msg+0x7a3/0xab0
[  155.687647][ T8400]  netlink_rcv_skb+0x208/0x470
[  155.689731][ T8400]  xfrm_netlink_rcv+0x79/0x90
[  155.691692][ T8400]  netlink_unicast+0x82f/0x9e0
[  155.693758][ T8400]  netlink_sendmsg+0x805/0xb30
[  155.695782][ T8400]  __sock_sendmsg+0x21c/0x270
[  155.697803][ T8400]  ____sys_sendmsg+0x505/0x830
[  155.699808][ T8400]  ___sys_sendmsg+0x21f/0x2a0
[  155.701787][ T8400]  __x64_sys_sendmsg+0x19b/0x260
[  155.703872][ T8400]  do_syscall_64+0xfa/0x3b0
[  155.705434][ T8400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  155.707588][ T8400] 
[  155.708649][ T8400] Freed by task 7691:
[  155.710395][ T8400]  kasan_save_track+0x3e/0x80
[  155.712411][ T8400]  kasan_save_free_info+0x46/0x50
[  155.714477][ T8400]  __kasan_slab_free+0x5b/0x80
[  155.716232][ T8400]  kmem_cache_free+0x18f/0x400
[  155.718208][ T8400]  xfrm_state_gc_task+0x52d/0x6b0
[  155.720451][ T8400]  process_scheduled_works+0xae1/0x17b0
[  155.722852][ T8400]  worker_thread+0x8a0/0xda0
[  155.724820][ T8400]  kthread+0x711/0x8a0
[  155.726594][ T8400]  ret_from_fork+0x3fc/0x770
[  155.728622][ T8400]  ret_from_fork_asm+0x1a/0x30
[  155.730650][ T8400] 
[  155.731693][ T8400] The buggy address belongs to the object at ffff888024320480
[  155.731693][ T8400]  which belongs to the cache xfrm_state of size 928
[  155.737345][ T8400] The buggy address is located 196 bytes inside of
[  155.737345][ T8400]  freed 928-byte region [ffff888024320480, ffff888024320820)
[  155.743190][ T8400] 
[  155.744213][ T8400] The buggy address belongs to the physical page:
[  155.746916][ T8400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888024320000 pfn:0x24320
[  155.751149][ T8400] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  155.754626][ T8400] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  155.757692][ T8400] page_type: f5(slab)
[  155.759426][ T8400] raw: 00fff00000000040 ffff88801afb6780 dead000000000122 0000000000000000
[  155.763019][ T8400] raw: ffff888024320000 00000000800e000d 00000000f5000000 0000000000000000
[  155.766488][ T8400] head: 00fff00000000040 ffff88801afb6780 dead000000000122 0000000000000000
[  155.770163][ T8400] head: ffff888024320000 00000000800e000d 00000000f5000000 0000000000000000
[  155.773857][ T8400] head: 00fff00000000002 ffffea000090c801 00000000ffffffff 00000000ffffffff
[  155.777615][ T8400] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  155.781266][ T8400] page dumped because: kasan: bad access detected
[  155.784065][ T8400] page_owner tracks the page as allocated
[  155.786541][ T8400] page last allocated via order 2, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 6630, tgid 6629 (syz.1.331), ts 95112313657, free_ts 94964538015
[  155.794539][ T8400]  post_alloc_hook+0x240/0x2a0
[  155.796655][ T8400]  get_page_from_freelist+0x21e4/0x22c0
[  155.799047][ T8400]  __alloc_frozen_pages_noprof+0x181/0x370
[  155.801583][ T8400]  alloc_pages_mpol+0x232/0x4a0
[  155.803649][ T8400]  allocate_slab+0x8a/0x370
[  155.805596][ T8400]  ___slab_alloc+0xbeb/0x1410
[  155.807574][ T8400]  kmem_cache_alloc_noprof+0x283/0x3c0
[  155.809848][ T8400]  xfrm_state_alloc+0x24/0x2f0
[  155.811920][ T8400]  __find_acq_core+0x8a7/0x1c00
[  155.814008][ T8400]  xfrm_find_acq+0x78/0xa0
[  155.815968][ T8400]  xfrm_alloc_userspi+0x6b3/0xc90
[  155.818099][ T8400]  xfrm_user_rcv_msg+0x7a3/0xab0
[  155.820257][ T8400]  netlink_rcv_skb+0x208/0x470
[  155.822440][ T8400]  xfrm_netlink_rcv+0x79/0x90
[  155.824536][ T8400]  netlink_unicast+0x82f/0x9e0
[  155.826556][ T8400]  netlink_sendmsg+0x805/0xb30
[  155.828616][ T8400] page last free pid 5921 tgid 5921 stack trace:
[  155.831278][ T8400]  __free_frozen_pages+0xbc4/0xd30
[  155.833584][ T8400]  stack_depot_save_flags+0x436/0x860
[  155.835841][ T8400]  ref_tracker_free+0xfe/0x7d0
[  155.837900][ T8400]  __sk_destruct+0x3c3/0x660
[  155.839846][ T8400]  rcu_core+0xcab/0x1770
[  155.841693][ T8400]  handle_softirqs+0x286/0x870
[  155.843808][ T8400]  do_softirq+0xec/0x180
[  155.845683][ T8400]  __local_bh_enable_ip+0x17d/0x1c0
[  155.847798][ T8400]  batadv_nc_purge_paths+0x318/0x3b0
[  155.850002][ T8400]  batadv_nc_worker+0x369/0x610
[  155.852046][ T8400]  process_scheduled_works+0xae1/0x17b0
[  155.854430][ T8400]  worker_thread+0x8a0/0xda0
[  155.856494][ T8400]  kthread+0x711/0x8a0
[  155.858030][ T8400]  ret_from_fork+0x3fc/0x770
[  155.859660][ T8400]  ret_from_fork_asm+0x1a/0x30
[  155.861277][ T8400] 
[  155.862130][ T8400] Memory state around the buggy address:
[  155.864083][ T8400]  ffff888024320400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  155.866753][ T8400]  ffff888024320480: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  155.869994][ T8400] >ffff888024320500: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  155.873274][ T8400]                                            ^
[  155.875823][ T8400]  ffff888024320580: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  155.879140][ T8400]  ffff888024320600: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  155.882409][ T8400] ==================================================================
SYZFAIL: failed to recv rpc
[  155.885982][ T8400] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  155.888884][ T8400] CPU: 0 UID: 0 PID: 8400 Comm: syz.2.1025 Not tainted 6.16.0-syzkaller-11895-gcca7a0aae895-dirty #0 PREEMPT(full) 
[  155.893118][ T8400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.2-debian-1.16.2-1 04/01/2014
[  155.896880][ T8400] Call Trace:
[  155.898141][ T8400]  <TASK>
[  155.899130][ T8400]  dump_stack_lvl+0x99/0x250
[  155.900578][ T8400]  ? __asan_memcpy+0x40/0x70
[  155.902201][ T8400]  ? __pfx_dump_stack_lvl+0x10/0x10
[  155.904084][ T8400]  ? __pfx__printk+0x10/0x10
[  155.905904][ T8400]  vpanic+0x281/0x750
[  155.907484][ T8400]  ? __pfx_vpanic+0x10/0x10
[  155.909238][ T8400]  ? irqentry_exit+0x74/0x90
[  155.910956][ T8400]  panic+0xb9/0xc0
[  155.912547][ T8400]  ? __pfx_panic+0x10/0x10
[  155.914302][ T8400]  ? _raw_spin_unlock_irqrestore+0xa8/0x110
[  155.916247][ T8400]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  155.918486][ T8400]  ? xfrm_alloc_spi+0x570/0xf30
[  155.920309][ T8400]  check_panic_on_warn+0x89/0xb0
[  155.922260][ T8400]  ? xfrm_alloc_spi+0x570/0xf30
[  155.924295][ T8400]  end_report+0x78/0x160
[  155.926083][ T8400]  kasan_report+0x129/0x150
[  155.927993][ T8400]  ? xfrm_alloc_spi+0x570/0xf30
[  155.930121][ T8400]  xfrm_alloc_spi+0x570/0xf30
[  155.932116][ T8400]  ? xfrm_alloc_spi+0x2a0/0xf30
[  155.934183][ T8400]  ? __pfx_xfrm_alloc_spi+0x10/0x10
[  155.936349][ T8400]  ? xfrm_find_acq+0x87/0xa0
[  155.938351][ T8400]  xfrm_alloc_userspi+0x70b/0xc90
[  155.940222][ T8400]  ? apparmor_capable+0x137/0x1b0
[  155.941962][ T8400]  ? __pfx_xfrm_alloc_userspi+0x10/0x10
[  155.943836][ T8400]  ? __nla_parse+0x40/0x60
[  155.945349][ T8400]  xfrm_user_rcv_msg+0x7a3/0xab0
[  155.947114][ T8400]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  155.949382][ T8400]  ? __pfx___mutex_trylock_common+0x10/0x10
[  155.951899][ T8400]  ? rcu_is_watching+0x15/0xb0
[  155.953897][ T8400]  ? trace_contention_end+0x39/0x120
[  155.956061][ T8400]  ? __mutex_lock+0x335/0x1360
[  155.957770][ T8400]  netlink_rcv_skb+0x208/0x470
[  155.959704][ T8400]  ? __pfx_xfrm_user_rcv_msg+0x10/0x10
[  155.961741][ T8400]  ? __pfx_netlink_rcv_skb+0x10/0x10
[  155.963838][ T8400]  ? netlink_deliver_tap+0x2e/0x1b0
[  155.965993][ T8400]  ? netlink_deliver_tap+0x2e/0x1b0
[  155.968019][ T8400]  xfrm_netlink_rcv+0x79/0x90
[  155.969922][ T8400]  netlink_unicast+0x82f/0x9e0
[  155.971938][ T8400]  ? __pfx_netlink_unicast+0x10/0x10
[  155.973872][ T8400]  ? netlink_sendmsg+0x642/0xb30
[  155.975671][ T8400]  ? skb_put+0x11b/0x210
[  155.977206][ T8400]  netlink_sendmsg+0x805/0xb30
[  155.979098][ T8400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.981354][ T8400]  ? aa_sock_msg_perm+0xf1/0x1d0
[  155.983340][ T8400]  ? bpf_lsm_socket_sendmsg+0x9/0x20
[  155.985570][ T8400]  ? __pfx_netlink_sendmsg+0x10/0x10
[  155.987624][ T8400]  __sock_sendmsg+0x21c/0x270
[  155.989621][ T8400]  ____sys_sendmsg+0x505/0x830
[  155.991389][ T8400]  ? __pfx_____sys_sendmsg+0x10/0x10
[  155.993149][ T8400]  ? import_iovec+0x74/0xa0
[  155.994840][ T8400]  ___sys_sendmsg+0x21f/0x2a0
[  155.996809][ T8400]  ? __pfx____sys_sendmsg+0x10/0x10
[  155.999014][ T8400]  ? __fget_files+0x2a/0x420
[  156.000684][ T8400]  ? __fget_files+0x3a0/0x420
[  156.002293][ T8400]  __x64_sys_sendmsg+0x19b/0x260
[  156.003927][ T8400]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  156.005744][ T8400]  ? rcu_is_watching+0x15/0xb0
[  156.007411][ T8400]  ? do_syscall_64+0xbe/0x3b0
[  156.009012][ T8400]  do_syscall_64+0xfa/0x3b0
[  156.010583][ T8400]  ? lockdep_hardirqs_on+0x9c/0x150
[  156.012623][ T8400]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.015150][ T8400]  ? exc_page_fault+0x9f/0xf0
[  156.017307][ T8400]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  156.019342][ T8400] RIP: 0033:0x7f7b62f8ebe9
[  156.020915][ T8400] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  156.027456][ T8400] RSP: 002b:00007f7b63e49038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  156.030818][ T8400] RAX: ffffffffffffffda RBX: 00007f7b631b5fa0 RCX: 00007f7b62f8ebe9
[  156.033965][ T8400] RDX: 0000000020004808 RSI: 0000200000001580 RDI: 0000000000000003
[  156.037241][ T8400] RBP: 00007f7b63011e19 R08: 0000000000000000 R09: 0000000000000000
[  156.040315][ T8400] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  156.043385][ T8400] R13: 00007f7b631b6038 R14: 00007f7b631b5fa0 R15: 00007ffd3e88bc68
[  156.046374][ T8400]  </TASK>
[  156.048424][ T8400] Kernel Offset: disabled
[  156.050136][ T8400] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:20:00  Registers:
info registers vcpu 0

CPU#0
RAX=0000000000000020 RBX=0000000000000020 RCX=0000000000000000 RDX=00000000000003f8
RSI=000000000000186c RDI=000000000000186d RBP=00000000000003f8 RSP=ffffc90004c3e9f0
R8 =ffff8881070a0237 R9 =1ffff11020e14046 R10=dffffc0000000000 R11=ffffffff854e72a0
R12=dffffc0000000000 R13=ffffffff99af1902 R14=ffffffff99de64e0 R15=0000000000000000
RIP=ffffffff854e731c RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00007f7b63e496c0 ffffffff 00c00000
GS =0000 ffff8880b8624000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000001000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000200000000280 CR3=000000001f5e8000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=0000000000000000 0000000000000000
XMM02=0000000000000000 0000000000000000 XMM03=0000000000000000 0000000000000000
XMM04=0000000019000000 0000000000000000 XMM05=001b0004fffffffd 0000000800000000
XMM06=000000d000000000 00000000fffffffe XMM07=0000000300000000 0000000000000000
XMM08=1900000000000000 0000000000000000 XMM09=0000000000000000 00007f7b63012fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
info registers vcpu 1

CPU#1
RAX=1ffff11026cc65f3 RBX=ffff888136632f98 RCX=c2c71bfc916ffb00 RDX=0000000000000000
RSI=ffffffff8be325e0 RDI=ffffffff8be325a0 RBP=ffffffff8172c195 RSP=ffffc90004eb72f8
R8 =0000000000000000 R9 =0000000000000000 R10=ffffc90004eb74d8 R11=ffffffff81ac3890
R12=0000000000000002 R13=ffffffff8e139ee0 R14=ffffffff8dbdbd18 R15=dffffc0000000000
RIP=ffffffff81a65dd5 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0
ES =0000 0000000000000000 ffffffff 00c00000
CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA]
SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS   [-WA]
DS =0000 0000000000000000 ffffffff 00c00000
FS =0000 00005555868a5500 ffffffff 00c00000
GS =0000 ffff8881a3c24000 ffffffff 00c00000
LDT=0000 0000000000000000 ffffffff 00c00000
TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy
GDT=     fffffe0000048000 0000007f
IDT=     fffffe0000000000 00000fff
CR0=80050033 CR2=0000001b2f622ff8 CR3=000000003e042000 CR4=000006f0
DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 
DR6=00000000ffff0ff0 DR7=0000000000000400
EFER=0000000000000d01
FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80
FPR0=0000000000000000 0000 FPR1=0000000000000000 0000
FPR2=0000000000000000 0000 FPR3=0000000000000000 0000
FPR4=0000000000000000 0000 FPR5=0000000000000000 0000
FPR6=0000000000000000 0000 FPR7=0000000000000000 0000
XMM00=0000000000000000 0000000000000000 XMM01=ffffffff8168893f ffffffff8167983b
XMM02=00007fed01987498 ffffffff8167983b XMM03=00007fed019874a8 00007fed019874a0
XMM04=00007fed024ed100 00007fed01987460 XMM05=00007fed01987478 00007fed019874c0
XMM06=00007fed019874b8 00007fed019874b0 XMM07=00007fed019874a8 00007fed019874a0
XMM08=0000000000000000 00007fed01812ee7 XMM09=0000000000000000 00007fed01812fc5
XMM10=0000000000000000 0000000000000000 XMM11=0000000000000000 0000000000000000
XMM12=0000000000000000 0000000000000000 XMM13=0000000000000000 0000000000000000
XMM14=0000000000000000 0000000000000000 XMM15=0000000000000000 0000000000000000
