last executing test programs:

2m3.348590995s ago: executing program 1 (id=75):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x41100, 0x2e, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000006c0)=[0x1], 0x0, 0x10, 0x8}, 0x94)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x12, 0x6, 0x4, 0x2, 0x0, 0xffffffffffffffff, 0x40}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000780)={{r1}, &(0x7f0000000700), &(0x7f0000000740)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000002c0)={r1, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20)

2m3.261464349s ago: executing program 1 (id=77):
pipe2$watch_queue(&(0x7f0000002240)={<r0=>0xffffffffffffffff}, 0x80)
r1 = add_key$user(&(0x7f0000000100), &(0x7f0000000140)={'syz', 0x3}, &(0x7f0000000180)="8e", 0x1, 0xffffffffffffffff)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r0, 0x0)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r1, r2, 0xffffffffffffffff)

2m3.157452494s ago: executing program 1 (id=78):
socket$rds(0x15, 0x5, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
bind$inet(r0, &(0x7f0000000340)={0x2, 0x5e23, @loopback}, 0x10)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2716, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)

2m3.06199602s ago: executing program 1 (id=80):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
mkdir(&(0x7f0000000280)='./file0\x00', 0x324)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})

2m1.203941951s ago: executing program 1 (id=93):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000840)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="00220f000000540b4550182195f51584b3"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000540), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480b, &(0x7f00000000c0)={0x3, 0x200, 0x0, 0x200002, 0x7, 0x47})

1m59.575249512s ago: executing program 1 (id=100):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@metacopy_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

1m59.330983704s ago: executing program 32 (id=100):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x80)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@metacopy_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='mounts\x00')
read$FUSE(r0, &(0x7f00000029c0)={0x2020}, 0x2020)

1m50.798327505s ago: executing program 0 (id=161):
r0 = syz_init_net_socket$llc(0x1a, 0x2, 0x0)
bind$llc(r0, &(0x7f0000000140)={0x1a, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_queued\x00', 0x275a, 0x0)
write$cgroup_int(r1, &(0x7f0000000000), 0xffffff6a)
sendfile(r0, r1, 0x0, 0xffffffff000)

1m47.578519784s ago: executing program 0 (id=174):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
mremap(&(0x7f0000006000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f0000c00000/0x400000)=nil)

1m46.204939532s ago: executing program 0 (id=182):
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
sendto$inet6(r0, 0x0, 0x0, 0x0, &(0x7f0000000240)={0xa, 0x4e20, 0x0, @mcast1, 0x2}, 0x1c)
setsockopt$sock_int(r0, 0x1, 0x2a, &(0x7f0000000000)=0x59cc, 0x4)
recvmmsg(r0, &(0x7f00000028c0)=[{{0x0, 0x0, 0x0}, 0x8201}], 0x1, 0x60, 0x0)

1m45.83732285s ago: executing program 0 (id=186):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x3000003, &(0x7f0000000780), 0x41, 0x4cd, &(0x7f0000000100)="$eJzs3VFrXFkdAPD/vcnspt2sk3V92F1wXdxKWrQzSWPb4ENbQfSpoNb3GJNJCJlkQjJpm1AkxQ8giKjgk0++CH4AQfoRRCjou2hRRFt98EEdmTt3aprMNClO5rrJ7wcn95x77uT/P4HcmTP3cG8AZ9YHEXErIkYi4lJElPP9aV7m2o29znHPnj5YaJckWq07f0kiyfd1f1eSb9/ovCTGIuLrX4n4VtIr8u7qfL1e28xb1ebaRnVrZ/fyytr8cm25tj4zM31t9vrs1dmp4w8m7d81ERE3vvTkB9/96Zdv/PJz934396eL326nNZ737x/HIHWGXsr+Fl2jEbF5EsEKMpqNEACAj4K3I+LjEfHp7PN/OUayT3MAAADAadK6OR7/TCJaAAAAwKmVZmtgk7SSL58djzStVDpreD8R59N6Y6v52aXG9vpip38iSunSSr02la8VnohS0m5P52tsu+0rB9ozEfFWRHy/fC5rVxYa9cWiv/wAAACAM+KNA/P/v5c78/8DNgpJDgAAABiciaITAAAAAE6c+T8AAACcfub/AAAAcKp99fbtdml1n3+9eHdne7Vx9/JibWu1sra9UFlobG5UlhuN5eyefWtH/b56o7Hx+Vjfvl9t1raa1a2d3bm1xvZ6c27lhUdgAwAAAEP01qce/TaJiL0vnMtK27tFJwUMRfoqB//h5PIAhm+k6ASAwowWnQBQmFLRCQCFS47o/1i/jl8NPhcAAOBkTL57+Pp/ueikgKF4pev/AMCp4Po/nF0lKwDhzOt7fT/X9+Ydh67/3+xzYKv1ykkBAAADNZ6VJK3k1wLHI00rlYg3s8cClJKllXptKp8f/KZcer3dns5emRy5ZhgAAAAAAAAAAAAAAAAAAAAAAAAA6Gi1kmgBAAAAp1pE+scku5t/xGT5wvjB7wdeS/5RzrYRce/Hd354f77Z3Jxu7//r8/3NH+X7rxTxDQYAAACcEU+O/yS+7jy9O48HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEF69vTBQrcMM+6fvxgRE73ij8ZYth2LUkSc/1sSo/tel0TEyADi7z2MiHd6xU/aacVEnkWv+OeGHj8ZQESg61H7/HOr1/9fGh9k297//6N5+V/1P/+lz89/I33OP28eM8Z7j39e7Rv/YcR7o73PP934SRbtcPwPjxn/m9/Y3d3XfH1/X+snEZM933+SF2JVm2sb1a2d3csra/PLteXa+szM9LXZ67NXZ6eqSyv1Wv6zZ/zvffIX/37Z+M/3iT/xfPy9//4Xjjn+fz2+//TtTrXUK/7FD3u//77TJ36av/d9Jq+3+ye79b1Ofb/3f/br9182/sU+4x87YvwXjzn+S1/7zu+PeSgAMARbO7ur8/V6bVNFpYDKa/F/kYbKoUrRZyYAAGDQ/vuhv+hMAAAAAAAAAAAAAAAAAAAA4Owaxu3EDsbcK2aoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv9Z8AAAD///B70+s=")
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r0, &(0x7f0000000080)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000000000)=[{&(0x7f0000001cc0)=""/116, 0x74}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x400000)=nil, 0x40001e, 0x15)

1m44.814119551s ago: executing program 0 (id=192):
syz_open_dev$media(&(0x7f00000012c0), 0x66, 0x180502)
r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='fd/3\x00')
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000040))
epoll_ctl$EPOLL_CTL_MOD(r1, 0x3, r0, &(0x7f0000000c40)={0x8000203d})

1m43.962505923s ago: executing program 0 (id=196):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000c80)='./file0\x00', 0x810400, &(0x7f0000000200)=ANY=[@ANYBLOB='lastblock=00000000000000000226,mode=00000000000000000000000,session=00000000000000000000,noadinicb,nostrict,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c73686f727461642c7569643d69676e6f72652c73686f727461642c757466382c00c686dcc61a339255aaa76420c8c424db3c1339e528df2219ac3c0bc1e29d4d297bd457b47f230ae905dcc992ea60d614d13525d6b39ed99cc32fb16f7bbc6d4109d7db08e9355cd3d2d31136bd458b41cc1f965abd948802718f125b7c394c53eafdf096e17380b4bc297c66e70145e2e44274e41cfaf97f93268479be0eca9244b04384665d20cb8cdbc5c5d74600f04aa994741ec3770324330d4b2146b45f974feb9b1f7b641fe77a90d3c90126fb747bd60269db11c6ee269b6de27cf8ae875a392e9180803219389350fcfee3ed285b2b4a02056201c499d1bdeb8ee008a58ef356649d6c"], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x64042, 0x12e)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x0)
write$cgroup_subtree(r0, 0x0, 0x32600)

1m43.761114033s ago: executing program 33 (id=196):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000c80)='./file0\x00', 0x810400, &(0x7f0000000200)=ANY=[@ANYBLOB='lastblock=00000000000000000226,mode=00000000000000000000000,session=00000000000000000000,noadinicb,nostrict,uid=', @ANYRESDEC=0x0, @ANYBLOB="2c73686f727461642c7569643d69676e6f72652c73686f727461642c757466382c00c686dcc61a339255aaa76420c8c424db3c1339e528df2219ac3c0bc1e29d4d297bd457b47f230ae905dcc992ea60d614d13525d6b39ed99cc32fb16f7bbc6d4109d7db08e9355cd3d2d31136bd458b41cc1f965abd948802718f125b7c394c53eafdf096e17380b4bc297c66e70145e2e44274e41cfaf97f93268479be0eca9244b04384665d20cb8cdbc5c5d74600f04aa994741ec3770324330d4b2146b45f974feb9b1f7b641fe77a90d3c90126fb747bd60269db11c6ee269b6de27cf8ae875a392e9180803219389350fcfee3ed285b2b4a02056201c499d1bdeb8ee008a58ef356649d6c"], 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
mount(0x0, &(0x7f0000000240)='.\x00', 0x0, 0x2390024, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file2\x00', 0x64042, 0x12e)
openat(0xffffffffffffff9c, 0x0, 0x105042, 0x0)
write$cgroup_subtree(r0, 0x0, 0x32600)

2.790949712s ago: executing program 6 (id=1036):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x30040a9, 0x0, 0xf, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@uuid_off}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x0, 0x1)
open_by_handle_at(r0, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000f800000000000000fb"], 0x200000)

2.62580965s ago: executing program 6 (id=1040):
r0 = socket$can_bcm(0x1d, 0x2, 0x2)
connect$can_bcm(r0, &(0x7f00000000c0), 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f00000001c0)={'vcan0\x00', <r1=>0x0})
clock_gettime(0x0, &(0x7f0000000000)={<r2=>0x0, <r3=>0x0})
sendmsg$can_bcm(r0, &(0x7f00000004c0)={&(0x7f0000000100)={0x1d, r1}, 0x10, &(0x7f0000000280)={&(0x7f0000000540)={0x1, 0x8d, 0x5, {r2, r3/1000+60000}, {0x0, 0xea60}, {0x0, 0x0, 0x0, 0x1}, 0x1, @can={{0x1, 0x0, 0x0, 0x1}, 0x8, 0x3, 0x0, 0x0, "c75c85e8b0e3eb49"}}, 0x48}, 0x1, 0x0, 0x0, 0x20044404}, 0x20000800)

2.448970419s ago: executing program 6 (id=1043):
symlink(&(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000000)='./file0\x00')
prctl$PR_SET_NO_NEW_PRIVS(0x26, 0x1)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x49, 0x7fff0000}]})
symlinkat(&(0x7f0000000000)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00')
renameat2(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1/../file0\x00', 0x4)

2.269978898s ago: executing program 6 (id=1045):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1700000007"], 0x50)
sendto$packet(0xffffffffffffffff, &(0x7f0000000000)='O', 0x1, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

2.259047238s ago: executing program 5 (id=1046):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff})
sendmmsg$inet(r1, &(0x7f0000001540)=[{{0x0, 0xfffffffffffffda1, 0x0}}], 0x40001b6, 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000300), 0x84, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})

2.149193594s ago: executing program 6 (id=1048):
setresgid(0xee00, 0x0, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r0=>0xffffffffffffffff})
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000caaffb)={0x0, <r1=>0x0}, &(0x7f0000cab000)=0xc)
setresuid(0x0, 0x0, r1)
sendmmsg$unix(r0, &(0x7f0000000440)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)=[@cred={{0x1c, 0x1, 0x2, {0x0, r1}}}], 0x20}}], 0x2, 0x0)

2.080976727s ago: executing program 6 (id=1050):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
r0 = syz_usb_connect$hid(0x3, 0x36, &(0x7f0000000800)=ANY=[@ANYBLOB="12010000000000406d04267f000000000001090224000100000000090400000103000000092100000001220b000905810300"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000040)={0x24, 0x0, 0x0, &(0x7f00000002c0)={0x0, 0x22, 0xf, {[@local=@item_4={0x3, 0x2, 0xa, "d3381b8b"}, @local=@item_4={0x3, 0x2, 0xa}, @global=@item_4={0x3, 0x1, 0x1, "88aff65d"}]}}, 0x0}, 0x0)
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x14, 0x0, 0x0)

1.296699126s ago: executing program 5 (id=1066):
syz_mount_image$vfat(&(0x7f0000000400), &(0x7f0000000000)='./file1\x00', 0x20014b0, &(0x7f0000000440)=ANY=[@ANYBLOB="6e6f6e756d7461696c2c6e66732c73686f72746e616d653d6c6f7765722c757466383d312c64656275672c696f636861727365743d757466382c73686f72746e616d653d6d697865642c757466383d312c00484516000000000037c015c57600912233eefc80e89be5a1ef2c27ebf5171169dcfa4805d89c7e1f70d73d649ba4afab8b2194a9e8b537ad2ed68f8319883b84237da3bf9213365872b3f3"], 0x1, 0x2bc, &(0x7f00000000c0)="$eJzs3N9LU2Ecx/GvTuec6BZEUFB9qZu6Gbr+gBqhEA0Kc1JdBMc8q7HTJucMYxG5m+i2v0O67C6o/oC8iW66706CoBsvohOes6ObTptzv9T3C+R5dp7nw/N1TvlOOFu///ZZPuskskZJBiMqgyIV2RCJb86qBqrjoDcPS62KXB37/f38vQcPb6fS6elZ1ZnU3LWkqk5c/Pj85btLn0tj8+8nPozIWvzR+q/kj7Uza2fX/849zTnD4mihWFJDF4rFkrFgmbqYc/IJ1buWaTim5gqOadetZ63i0lJZjcLieHTJNh1HjUJZ82ZZS0Ut2WU1nhi5giYSCR2Pysk21MSezOrsrJHac9kNtbUidNxoo4u2nao0XsysdqEmAADQZ/bv//1ef+/+Pz3vjy31/5rbq/8XOXT//yXc/efyKKjUPfpP/x+INbwaaVtR6CjbThnR6u9vPfp/AAAAAAAAAAAAAAAAAAAAAACOgg3XjbmuGwvG4GukeoNH8LjXdaIzWvz5X+9RuWizmhv3IiLWm+XMcsYf/fVUVnJiiSmTEpM/3uuhyp/P3EpPT6onLp+slWp+ZTkTks3XUCosua3D4kF+wLsNzc9fODXl57U+PyzR2vOTEpPTjc9PNsyH5crlmnxCYvL1sRTFkkXv7O38qynVm3fSO/Kj3j4AAAAAAI6DhG7Z9f7dW/c2RGT3up8/wP8Hdry/HpJzzXxEJQAAAAAAODSn/CJvWJZptzAZEZFDxI/rJCR9UcaOyQ0R6YMyujWJiIh/RVuJ/9yKN5Vym9gzJCI9f1oOMOn1XyYAAAAA7bbd9B8g9O11BysCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODkafbzwIL9u5aChX3iNceFuv4NAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH3kXwAAAP//Q0EcXw==")
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x0)
sendmsg$key(r0, &(0x7f00000001c0)={0x500, 0x0, &(0x7f0000000040)={&(0x7f00000002c0)=ANY=[@ANYBLOB="020100030e000000fcffffff0400000005000600000000000a00000000000000fc01ff80000000000000000000000000000000000000000005000500000000000a0000002efcb098950a0ec00000000000000000000000aa00000000000000000200"], 0x70}}, 0x0)
sendmmsg(r0, &(0x7f0000000180), 0x400008a, 0x0)

1.288504466s ago: executing program 2 (id=1067):
r0 = openat$pidfd(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
fchdir(r0)
syz_open_procfs(0x0, &(0x7f0000000380)='fdinfo/3\x00')
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000000e80)=""/4072, 0xfe8)

1.2023504s ago: executing program 4 (id=1069):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000004c80)={@val={0x0, 0x86dd}, @val={0x0, 0x0, 0x11, 0x800}, @mpls={[], @ipv6=@dccp_packet={0x6, 0x6, "6c22db", 0xf98, 0x21, 0x0, @private1={0xfc, 0x1, '\x00', 0x1}, @loopback, {[], {{0x4e24, 0x4e21, 0x4, 0x1, 0x8, 0x0, 0x0, 0x7, 0x1, "78b7f1", 0xf, "21b516"}, "9e2a03fb3e8c8b52a1a44c37be278107d096255c9cd75bd394e5b466d828958c03186b01480439a8d1b01e8086549ed5b23a025f6bdd75b59f71ce13b91dd50f01ad87bd731067bdb76828d8eb2ab8bcea80f9ce4b0f9f07ca01251778670f429f7b62ec7cd67dcff8e72983919fa0e24c0e7c6ca216d389c140b42956cac7f6362c51d81d98fe8afbd59cfbff6f4db3f92deefd8db9e82a0039c2ead12d1630e2c7f1a2dd04e85fbc9d224c99f8306ed1738a4220bf0a3b2c9908bd346e644ef0981c36c6ec51b27b2ec9dae1580601f18c8c85464ed32d49603c61e6b764d64d3ebb4cf46937f649ae050a2deeba5cdd0ffe8cca953dfc978ab056d987a92e78f0faa4561475a86ff153e8829ecae0c132e88570178ac058e36c430a89263ac6f65d93b0fb332c5393fe320f0820e448d925f0eae45fd63fe5148a8d89d68088032c44a5fccba9208cf637f5811c90a55a3376377a9a1c15f9e021deb08af110ac53c8702ca4f9471e614f3118b88229da08baafa4ef8a9ce3489fa13f4dbbd39ec224dd0bb9d6413b503bd0fc5ccee14180c9c931f6be9627d38dd44ddee6806da00f47680b7b0b395b045e02d4c8554d6ce1c2ac14bbcdedd3a83fd3eda1d9dafb641ac39a77f736fc2de540e55b4d3d14fa891068e6e8c1cc83a77206829e9c0ca1db97669a293bc66bcfa383f99a86f5cfdbf32369e71209e014415d836683dc436c8f24e458b9112e4513a43b713a55ab51b9935c5f992fb52f3a38b1beb0d23f70e3cfe6b9308011c49ad22137ffdb2b7756db98721f72dff0f08a6356b6389852ebd15f5c5511d056ce028e7220457a3801a7ed6a80aeac4e79e3babba8557102c3cc3cc061319e495fb85b883508ef9fcbff38defb853a77c6a4bb9b95db50bfe84dc13aba63cef33f1500f5d5fd2e0152c158480f4f0a58a60b5d7b68fff4d931efae26be00bfb78c09c867793ceb1ee670d67d3050d46b6d457343b73ae9b83f7c0da2f7706448e0b639b055469d7aee4c5bb7ab6052f8ad361b889f163292889a63bc84bdccf2f425ffb08d999a5ac4c266d4ec259899e6d465c18c28d3d4c353df070a5fa3d844af2ef6f1c5fc0377cb507e6077469daa6195d48e701b98a36c0f8a2874110d363c293d4b35188d43101846f59166c82870205ff24bcf94af4c2446772a9fcdab4d68725442022e90e869e90cacea57fffd7a7e6cc59b8faea916dfbe68304a1859a5eca32dc6898d83241f2ca53c27709a7f51e5c9b9ebd3f853cbdc2e954398abed95c185c6351fbf8ca64e45f058c9bf9e04221aa32accfce1e53e46458b7536b1b8aedf376e744d04a707e0df70427e1975ba41ac18c2e0b7f5de7f82ec24f06f4d4c72e98da7c918f0eb9611a4969b89d8737923a834c58d9708e6314e547c175d0968e0648947308b9012911ad1dba56d509ce1026640cd9f30f0839b6dae29b32d6eea80e87f20ccdab29e77c6e68909f155e0bf9defc2877a8e5c878206aed2e888fa2b008954d057ac1c8314b8dbc649ec11aff3de3a530d61600a4c220ba655c127c3b718343750583ee12a2eb4eb4e98af9253744123fb3bf2fdfb3b6fb5d4171655230a08b00f73986b82c91855bee29da958733c549f3e69d6fa91d17e2c10400fc66b6a733ebc1f86cdfb02a4cd5ad8b1077e1be2b71e9bbf5a5831be499d52a4d2ba666293ea94bf6e2ff1590e20e2fa3ab00e66d9a6293f299d064f7da9e17818fbbeb27a19f64991df8b04299c32d2db6904d353b98a51b996915ed6a17b76698c0d9ce7123fd75ab2f7805dfd421153386eef8c4fc91d249a421ea93cbac7733dbdfdef045cf1e0e1f2e1ed17262afcf621173c3ffb7e2dff96de508fd0ce0bf9a76de7cc860abd9e8e4de81a1b82c66446d98d249f10a814696860e447d6725ab32678a6fb47deb2e497cf2996ea1696203e96f43183905925a5b04b9b265da4f3a19a41d89c5f900ffd25f0afb9c2329531252081cea8ac07638ad770e1ba70ba32e6060792471bf1c4cafba5ef5bebb2e19dde89cad3366d57e6d089689a7168288fa2759bbcd4d69e83e52c004de89925cac434ac19131c9587d4a9707e5fd03a0b15ce99d9a9efec193794b5716bc79be1105d8ef57e754d8aefd25191670f531844125411579ab37979cb47724b724be32d9eb40e0b6aa660946bb65f58e075d06bc00c9c3e0ffc6056557da72a329c7c72f180e2502e3e54d7a5cef415e60dae4ee3911ab7d70958733804939990af54181bdb86d5fc97b6c87fa5c9f7f0d6eb1e3e70ec4d81ba0441e7ae163ff9e417fc4169f608661106baa97f693663fbf1346bf769196217fb900a3916202b6d30f7c85ba20e63f886201baf431602ecdd41a396878372504f9c8664c0f4c4c893461053b553c24685f1bf5c0890220239dbbfb3f98821bcef9562dcdddb94636381a071d62b89abb59a3b4f0b5699a898632fb7763168db77257d02e4bab46f7874ecc82baa281bfd59465b21dbde065700962b8af72342a763a1dad0ac4ac771b4046cac4316e450cb1d9d02d9ae063677ec0ce3006578c7428fa6676dbeb91bfaaae9aaa38e8da641cf6d7966ddadb573bb82606e5458db86a98037f9e83ac6389f9d28ab16aeaad3eaa291a03678c293f0758d7e565a95f8dad2dd38e67c26b53c620b2e6c2bf6bf095aebd33de9e973ee224ae8ea53292ce4a6758b4ea03aedb399f700f8b2a7cb5f1632bd8e123ab70186fa305b4c13a1a2e21489ef8f107c524babf0ebd3359672f8be741b3d6e8f8def0599eb916f1cdcd5f329cfb8f76a5e500d1f2dd2078bbcc080d07d2ea53c1dff02e629af9b6453fd81a087bec91a31d7647d94f3b2e70738739eed9a767f0733e41c6ef217a249a246d3bc7be4e0cb6a61f84e091230cb3b4b39d5d969e74fc04182e19aca7dcc6b869bfe79ca6a2405200095ed4c71b20e0537a7c9cee9938492998fa7c43af640d94001bebd1302b001d5bbdf47aed83be8474c017ed88cb1f5c35e8f27761a5cee03ec19a56048fe81f725b6ef00af3a2bbdadb7e8e6c2d8a11a2bcc814c3cb1841d70ba5bdaf4d07279273e2bcefbd9bb5b98fdee1e7ecd51cf095026e0d0f3b0c36de22b5592875cf6c8121592466cd90460dbae4fed3e992daaef141c448938b758333aaff883f86babf14b189b460c5724c0ed6261c86a7036296312c4d3e0ab3ead266e98bf0d65dfafcfb7149713848c65ff6cb1b85ad6cee48f394cc82d376681e187d2bc86a662f4e4d6ff523268d6f657a494c4f283b43e9f740ca916df9c385a0a5926eccb2e963405cdd7c2204497dcf9229a3789db0d13ca7396c8baa7203ebab2bf2ebab48c000a95171bb74758bf543e8ca724186242e988a9e8320ebdb5824538f40ba7af5a45141d369c0a2290926d2cfee76fecf87ea616a7e976c9b193d06c7b2fa8d10e50b9b51762cb252d165d553fc6d103c5d44e33d2a4955f358ebba778677db42310836194e63b2f761bcb1f06b2515d0aef6524a4c0808691eab1f86d0558a1ae1d77305d75a141a728d1436ce2bfd41e30bf10d25bf75fada1fc58c86222def5c229f7906ebe786527f592f069b1f2517299292103149de251b85ca945aa037b02320a3c4975d5106f76d8557138d210c1acf27b0121cd61b6f4a2e32055bcca5c358d7a930e427578095b0d167bc9fb88024f7749df0db20dd08618cc7c8df41b02e635b5551d9f45ee97db9dadcc2f4aacdcebd8332b398abe9f84f62e2a930e24d4e2bd0c78a5054386bbd5a5712d27b09bb93515d48db5978e2c94d4bc5dab8cac4d4fb345b3451762050bd66c0b049092f61921893830c75e2afaa619b29d10377a1ea61438c240b06ad7f6a42b3e6d71658000e190be194c172b68405eb92a90e15277686c53c3531398d2d9edebcffc4ecd2ffc1c9bf943bc9421eaa219097b6b6b58e67d2c6f4d27d1b249bec5b5d9bbfd50e9cdf8af5189b97bc68597df732d81dfc2eccf90528a5335be20c08b6ac2957caf8409f36f44016384ebac08b949a0c20f30c27e5e121a49b8cf8e2f1538b84134b10e3717c0ecc54a80101f16d304afde7a64c52b5de6b00cc741e32f1e9c3636a47202753d3e9292a32e9cdf45c2ce8bcfce4fb0223935ce9f9fb73bb47ef66682fe2c3051e96cd977fafe72bcfdcdf1ceb04fce1707a1e886d1415566f56ff1006604451dba98d777a11cac4a3e72e0dd77bd6f83425de8023b46f86989dc5c967dfb34bc118751e9405ba40e6fa39173feea1834871761bf04d0d27a571b29fb3dbf3f82bb6ae02aa7a1e65e19f25d1379f0390a8e98e6bff14ddb2001cb8e7539d3e7b4a486d65a41264ac0f72dc7059917b504db1686b6eabb8433ae0770ac9ec8fd58e2f5e3dc97f0e8e063d723d8564c5f5103d581b4aabcda1541ff70b02d1b46c135f93e7bf886c083f730a75ca6a0288072de16bd1939401ae7a1913032c06e7007ea2b0ff94b2078947147a51b4b57e67610a3534f2117e0668f2f41c47032d078f6ff2ad42d31cfc2c16cdf8c593946ccb368627a4975bc9b0b7ffe9f36689a9495960389b8760bbb120f37eefde0e3cb86c721247d08847e69ab6b9b164165b16df0f6270f28b676028162da04b70a6183b4789adb14d9234431460b8d17ac0943750c4cb11e212d9dcf6e129fc54a592876e5ba3a98ff7fa22b8ddad71b33b0a74a84cf28c7fac6150451b5e93dbfab49b115c8b38ccac0d8bd851ee62fe16d1b7540e17b9dd6ab1774c36ff1db962abce3ceab933eb60f60f3bfd29a08f473ee789abe2628466e277d9c1f7a4318747eb70331d241bdd4e0fe9f0cf82ae1fc3963ae9d8c67c1f9a98d60c1854bc2a6c60bec9b630eb6f543f650998a8f5849fafc4f5c096bb8a376c0f2bf23824d1931c58e5aea65e910f7727a16a41a250c17337882901c7a6b7a86e3c4ca944f4ba15cd7e7b9d71342f2b78239633b1f765d29f6be03c2ca5209397aba4b397b9a7f0d90ae62c3a7acdd85808e0a55a0773bfbae760c9812a61512e196d9a41f4df1ca474ea21713911f9d357358bd7fe3309f17026784d671607fa34a495b5e9199a985cbc89251d623ab824ceaa64f46fd32f1706cc1fb6e514bbc70371ab6f8ceda7a10b3f6f5f2d412b183af7497000ae68a6f92f257a96c736cb00ba4968c59ad6ae89a462911fd9cb670072fe89e4ad9f92a7b9238ea9ce597b7c2fc05f882f04e6a21c015c96a562c29bedd2db889a3a2dc8443728d191c4c9cf9dc922ecbafa70c361facb71326ed0e05e4b84658adbe141a6d5c1ab754181b3e258c0322d54db2c2ab041bfdabb8a4333b9c3977b1562308326b848a98d2cd914ab13019b17917d5e4295a824afdebed1cb1729aaae1bddf31866818bc12dac7502254e09e75f8ecc9331e2614b118fe7439b4e4f554ffc5add326a1568c32533c8805aa52c3950aeb023f1dcc1ab98caf0ccc818fd095f47e08545885858603f507d3fb76cccd8546e53f9f97574987e423fa6edb272b2fd42392c142255148f9cdbf77efa1c4079271fad4fa4e44cc3f553ed7de7d92af940d3e154e52a0aec7db32505fa1adb6465211a8"}}}}}, 0xfce)

1.118154204s ago: executing program 2 (id=1071):
ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000100)={@host, 0x2})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=ANY=[], 0x38}, 0x1, 0x0, 0x0, 0x240080d5}, 0x24044040)
io_setup(0x8, &(0x7f0000000540)=<r0=>0x0)
r1 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
io_submit(r0, 0x1, &(0x7f0000000340)=[&(0x7f0000000040)={0x0, 0x0, 0x0, 0x8, 0x4, r1, &(0x7f0000000080)="01fd0000fe", 0x5, 0x2a25}])

1.098429706s ago: executing program 3 (id=1072):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x501})
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})

1.071515757s ago: executing program 5 (id=1073):
bind$unix(0xffffffffffffffff, &(0x7f00000002c0)=@file={0x1, './file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa'}, 0x6e)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x207, 0x4)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'bridge0\x00', <r1=>0x0})
sendto$packet(r0, &(0x7f00000002c0)="05031600d3fc140000004788031c09102c28", 0xfce0, 0x4, &(0x7f0000000140)={0x11, 0x86dd, r1, 0x1, 0x0, 0x6, @multicast}, 0x14)

982.157181ms ago: executing program 2 (id=1074):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000600)={0x3c, r3, 0x1, 0x70bd2a, 0x25dfdbfd, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0x8, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x20, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'bridge_slave_0\x00'}]}]}, 0x3c}, 0x1, 0x0, 0x0, 0x80}, 0x10)

981.995141ms ago: executing program 3 (id=1075):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000140)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@volatile}]})
umount2(&(0x7f00000002c0)='./file0\x00', 0x9)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000040)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

981.879001ms ago: executing program 4 (id=1076):
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000000)={0x4000000, {0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}, {0x2, 0x0, @remote}, {0x2, 0x4e23, @loopback}, 0x1d7, 0x0, 0x0, 0x0, 0xfff8, 0x0, 0x4, 0x8})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1400000007"], 0x50)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r0, &(0x7f0000000000), 0xd)

915.413324ms ago: executing program 5 (id=1077):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crct10dif-generic\x00'}, 0x58)
r1 = accept4$alg(r0, 0x0, 0x0, 0x80000)
io_setup(0x42, &(0x7f0000000100)=<r2=>0x0)
io_submit(r2, 0x1, &(0x7f0000000580)=[&(0x7f0000000200)={0x1000000, 0x0, 0x700000000000000, 0x0, 0x0, r1, &(0x7f00000005c0)="a5", 0x1, 0x0, 0x0, 0x2}])

867.478927ms ago: executing program 4 (id=1078):
r0 = openat$full(0xffffffffffffff9c, &(0x7f0000000080), 0x800, 0x0)
r1 = syz_io_uring_setup(0xbd9, &(0x7f0000000640)={0x0, 0xe826, 0x800, 0x1, 0x3c3}, &(0x7f0000000dc0)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}, {&(0x7f00000002c0)=""/167, 0xa7}], 0x3})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

843.943788ms ago: executing program 2 (id=1079):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x2)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r0, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
ioctl$DRM_IOCTL_MODE_GETPLANERESOURCES(r0, 0xc01064b5, &(0x7f0000000080)={&(0x7f0000000100)=[<r1=>0x0], 0x1})
ioctl$DRM_IOCTL_MODE_GETPLANE(r0, 0xc02064b6, &(0x7f00000001c0)={r1, 0x0, <r2=>0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$DRM_IOCTL_MODE_OBJ_GETPROPERTIES(r0, 0xc02064b9, &(0x7f00000002c0)={0x0, 0x0, 0x0, r2})

804.73554ms ago: executing program 3 (id=1080):
r0 = io_uring_setup(0x61da, &(0x7f0000000380)={0x0, 0x17479, 0x40, 0x0, 0x17})
pipe(&(0x7f0000000180)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
splice(r2, 0x0, r1, 0x0, 0xf3a, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

758.153242ms ago: executing program 5 (id=1081):
syz_mount_image$bfs(&(0x7f0000000100), &(0x7f0000000400)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4, &(0x7f00000002c0)=ANY=[@ANYRESDEC, @ANYRESDEC, @ANYRESHEX, @ANYRESOCT, @ANYRESDEC, @ANYRES32, @ANYRES16, @ANYRES32], 0x8, 0xa8, &(0x7f0000000140)="$eJzs0b9pw0AYBfAnKeRPkwyQHbJD2vSZQGXKVAmBuPI2XsUjaAMXat2cEbrCuDIGYxt+P7i7V9wHD771dvWa56T8J6WUcp/kKXP+/vn9+vyY7i7Vw8HLjWvreZx2/jLnzXuWi70/w/jXD036YSzVBQsDAAAna/NWU3P80F2S7lyNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK7LLgAA//9yWCG1")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
getdents(r1, 0x0, 0x0)
getdents(r0, 0xfffffffffffffffd, 0x58)

757.979842ms ago: executing program 4 (id=1082):
keyctl$join(0x1, &(0x7f0000000280)={'syz', 0x1})
r0 = request_key(&(0x7f0000000040)='keyring\x00', &(0x7f0000000100)={'syz', 0x1}, 0x0, 0xfffffffffffffffe)
keyctl$setperm(0x5, r0, 0x202000)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/keys\x00', 0x0, 0x0)
lseek(r1, 0x40000007, 0x0)

749.634273ms ago: executing program 2 (id=1083):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x7c8})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000200)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
readv(r0, &(0x7f0000000100)=[{&(0x7f0000000040)=""/121, 0x79}], 0x1)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

690.109085ms ago: executing program 4 (id=1084):
openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='./file1\x00', 0x221c0, 0xac)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000005c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}, {@nfs_export_on}]})
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', &(0x7f00000003c0), 0x0, 0x1400)

569.509171ms ago: executing program 5 (id=1085):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x143040, 0x0)
r1 = io_uring_setup(0x775e, &(0x7f0000000080)={0x0, 0xfd34, 0x0, 0x2, 0x86})
close(r1)
preadv(r0, &(0x7f0000002e80)=[{&(0x7f0000002dc0)=""/127, 0x7f}], 0x1, 0x1ff, 0x9)

569.228211ms ago: executing program 3 (id=1086):
r0 = socket$pptp(0x18, 0x1, 0x2)
r1 = socket$pptp(0x18, 0x1, 0x2)
bind$pptp(r1, &(0x7f0000000000)={0x18, 0x2, {0xffff, @local}}, 0x1e)
bind$pptp(r0, &(0x7f0000000000)={0x18, 0x2, {0x0, @dev={0xac, 0x14, 0x14, 0x10}}}, 0x1e)
connect$pptp(r0, &(0x7f0000000700)={0x18, 0x2, {0x0, @multicast1}}, 0x1e)

568.816361ms ago: executing program 4 (id=1087):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0201, 0x0)
writev(r1, &(0x7f00000014c0)=[{&(0x7f0000001500)="e43838c9b5123926c70ea501b643f56e5cf42958ac77d51157e81c4bda1ccb578350b45a33a88ac6834bd9c4afb3ec3575c44ab9ec23b5466e441414cb67eeb5f447198f144b8c0982088a31fc8cdbc481d0fc2e4d3d2531a1ba36bdfd457aa367d1caf35f4958bb1fb7550054d42942b40acb9df8a7c29bc3842c5fe79b0b619d9a", 0x82}, {&(0x7f00000015c0)="47233c0d41faacf48636d5bf0766080bba8147f2fcf75061590dc44f012934392c8919208b0cd2a685501f71288bb584879aad8f3a019343bc560f4ddfad2a21026a46a903cedfac577d3871b4345b4e2f646e05f659644f39b527a6e92d942660d80bc3ce3f20f766efb729444e35cb6519bb6560ac777368d6c3805eaa895272c8a7ecfbd5fce664194acc077d9add356cd199a6e26d61328416ef25ab53ac2a7cc55a95e412677dfcbfbe82c4f5cc8bc1f2da3e4ba666c234e7674915159dbb1b3faa26b309e3cb2d1633e4e8fa49a14d92628764371b53ee5f720d181272c8739981807208088ac271107e54ac1d2b61e7f2e22a41ce73f47cba54b5cc5b50ad7ee316357e041364d5f1073d915acd2770076a45c8b00896586e84e5aa3956ceff3eb0182293f3beb53a550eb10b0aca2ba3031c490495d327f099ae05fe7489b6bf18055efcf21adffd5cb7562ccc13e0a78be8917981741c69fb33388436e214f70d8af4d45316fb7f2028ba60a2b10753e74266ffd3fbd72dd452292fbf71d82ebdd9668eaf213334c2133534beb1ad3ec4ac7f8defe7fd236e032c7f15093717fe297cd6f45d7bb97942cbaac89f437196f47eb8a82ff9dc684df93f59ed65d455e469c1faddaeb1284637b9d6c057712e71ae9828d998cf5375058406186b8778257329c3e98a77f19e4ba82498a163b59bdf97685385dab5beca59ad6e4f0240b0e74ef1921fdc2512879535e9b894462b4d7b9df5bd97a67d0642db30f4a93f692c624b39187d35f8912eeec45b29af1e14fdc38b14243f81efdec614b5d0be55fa50b0a6cf079e3ddb3d454f29f460b3f2237f3e3d2f2642169d4f082122a237dc18b0563324d0043ff3067dd510ef5dec4ee11865fda85561e6e9bbd1935fb9e8eb4ff26dffb889d6b1ca6d001330511d22e5bf6e12e1ed35389e055bb10ca458d70a2858b158c9525be3830f2d706279b58c1b0465e60d682c82d36211b0b7ebe5a760593d2a9e185e581453c580cd58d297be5e0d5bb198a9817dac52472b5712b272a69f4dee533af0d7b1126ae687a5add9d9b022444b7624e9f33747c7025c942711079eaa8a561ba0498e4de617aa83d9f968f13bb042b17593df474f0e18a9b329a180a1c6a7906d937c0d76847f50aaac2596486b5aa18746db9cb8279fbf349c9278eb9e1a3fad0698fbff236e442d6124bc6a992cebc4333f2adeb806885530446cb79de3c5c0108c686be8e5ae09c5b80a7a3e95c105bb852912f1df0c9752bb0b5a606cb1155fd4afa8be7ebf77e306aebe884a3b802c18198e4d0f3dc4bccbca381a024c7face6999e1dd94b279154e4904e883df77b1cb86537cccc879a258ea06e0add8926495316b6bee17e8d2d8f54cdd8cf3143119fe75b08f3cbf2212191e5565a2fbb70ffc6b947faaf9514a3796d694427efb03ce6bd7b03299352f2eeee1315685a8a2bc680aa8c8d037a5597eae44380749e72b6a81288318b22ae28f4860308e7c250f6e836f242827c178526ccbffcf50ca280a04769db229dc4e2f18ff342ebfb767b5090f3440e515143454c898faf4649e34e1500630986374300cf15a358796a775a55fb46ecd7c173fa7814ba6950f594cd341ec686fbb09ba82c5a1c2f6ba43d0fb56b20bb913cfb38268067e61e2aaaf86f248f7e814489fccd9964758dcb0bb2cd4e7af3e20de0d56a0b6da14f1e76b6ce307f4b62582383540513086b7aa4b419e43284437af08758c6af1c86033c0205b14e7e46b765059846d0447362bc0941c762ddd40e56c9845bb5e0c814579dc46f5360eedef5d451ed53556013b59b4997078e79605b1b70e777790b4116ab280ae6ca2e186df643f99745f56ccb8940d0e63ee6d447d17503af5b2eeda8099aa999e1cf6b6ac016a4710e5ff229254e21428b45e110581678e67933c378d8e5b7044cadfcdb9960ecd21dfd2d608ed1effaccfac1e786b244a983a0c87990040925e86d79881a8be6a73676c779141edfcaec1c431bf64ab4a0f8cb24ccddcee907b3347ddb1678d486ffe21d4d183c9c85b33aecdeb5e791cca39f6c83123b227ebe609aaac49a2a1cf90aba065c64d7f63755dc96b94559c198317d6b84c0b037ed909ddb5c396e2684cc2fc1bac27d94542c0440b0401973e85d02afcc4605832ea80c29591504089b7a663231e9eb00a7457e2c7e124968700ec54b8267d0312c1c1ace66f8fa0ec1cd22f7d58da698145a83e646c6743ca8e5dcc8d37d0bc2075f77ba9e2ba5bf205af5a6ef03493ead8449d9d4043e93224a45afa52877b4957e34d0246d7ed370a5f944236572bb7fa244e6c0dde0607190b3d67217027a1d7b22b56d89ba2b6cd396b1b083468ca2fff29f55da87dcb3d8f667c17ef90168b1fe35abea8c9f9c6f47745cd013f8590477c3279f0884cd49c56c6319a0a60cea7dedadcb8be9460e16c7d90d810f5680d39523d855936cee9e873b7a2b5df1e8f185c21362882c3d6f8c21efe16cc9298bd602dca05444ae762730df51fb1699b6000d4aa48e01b469b47d1ac0f9663b88e1936583a658b9f11d0162683763ff690280842652d4eab27964679a5575a70ca1272da81795c40a24fd87db25decbbf897f8d96b9af0aa2e5099adfe99616b6413efae0868835b2936b5e56aa2d8b7a1e2ac15894f336ffe1f93c30062ef5d94f410ce5f8dfb1bba56c2e4b3dea970f3b29b9742655dd5b3d1642fd4161f1c2f32b7138165a5a7ca04b591c275c0d6ab3b6f94c953ba5021cb6e2c184474ac1564b24d006d25fe71f5914d560a555df112314712581fba9533d52136ca0cdd1049ff2750e8a0f87a7cbe333697ccf09ee20097f8b093368b3a61a45187a3504e8cf76b45a5450094d5b0af794a14605a14ed663a03662fb8e64cd65043603776ce89f17482e6d387bf09f997f5a00e64c7cbd817cb012c04d82d858a08c3f962348da45be845156373a159e87e5138269db95532ce3c486c4e67a1c3052e30b6fc998007e17b2ba6e2c0f1d0d91a23f105642037c00ee68e47c565ffdf0abb8f831742ac9a2b9818249ca6e5d2348c43f483c1aa7c501a9913213c65f976e7e56019ef51c0b31a52eba220505a0d8ab601fd03159714f016ba39597c9aca5e63eb8f48d6fdf8155a8452e9756037b1be5c4caf740accca30b84ccd05402ea3ca0ee0474e3b635d11c6a40cc31e7c3833f8d5a1ee1e220c0372a116fd5686f6f5ec8a7e53364ff9b29319f1baec9786aafd25c1650c99bc5651d6f03509818092c40565b30e9fcce5fa8047371efb3f0253873895d564534128971aef0002d950925d150ed6b4f9afbc8ad3649887ec55836aa6372fcf4de77261b8267b171e985457bea98da59ecb7a4387632c908e419ba6e27013381673789ed0883491a83d375d9e85b35f20b6946e58dc2fd5aae387c57c7feb35533e5e9e31fe4052feaeb6df053af6ccf25a6180e38a52a57f7fde39757a527ae17afc89a0b9b1c571aea5aff56b98e23e26cc9fa40c55526c311ff118881a5df624ee57574c54bdcca5cf1aac2d6f267720f39cf0abaeb12266559622acac01172e75f68822d22a9b6aeb1c671783b5ec00c904638cce3d3222558153c21d8671c510cf22463f88bcfb6d3a363e9afb1bb1e7af2cfa9a578292d40b27cdc2b93500cb1bc71143fc1b89018ad826965dda41d136cdeec00f5bcda2bbf091cb613a45d5921d40240150ec5b07e8d6795cfea05b7c306413a821db023aeb612385ba81b20fad6e85085093dac364175ccb9d1b7556f6cfd57d6236d62842f670090f656996ef63f8d429e861a02937df613c2164b500a8c6efb886b05f88799c580c01d3774f2940c21343e8a8836c7c095e4166f57e11c44bee6a89d3d5c67702d5e7b57a8f7085fc228f831710d1ff4862ada2b3b2600000000000000001c13990c5188d89bf9a422002fa2286a6927034e7f36fc66402d09646e2306cd0ad67ee220e2c83cc964a22810e571c911db1ae5841ca22e0f617fa34827de13709480cbe40fb553bc3feb4a46d294e1181831b5953311fcafbb4d7eed58d7c20045eb368e64342c1617116592439a2f67e45df8d7c159bcfd33e031bc8f29e93c3af2e63bcf53886c5ea9866e483bb7e3538fb6d9051dc9359055f87a2c6027670e9aa47e86c885136d901a398cd1e1e4c2e808f1083b78e80f99c7ecb4a17634123f2e82b2897def1d76e20dde416a58f79160aa3845976708936d50812fbde54af0be18a631c66af2b8c12fdc4a15b9b149b3604e4550eaf58c1f469b4c4d288e806e0c4b8f3838d887f8fb8903ecbcbe57fe4211b35ba659f91f674cbf5bf4a6e5131509c815ff8b7a21b765d5d59bae06aba8935ee3ed660c35db11eca36629fc047df5d7b4689404a970623e43a2d6772863f60ff50532e4ba47727a5c7f564484e40e24cfac0f028e70b20c5cafcac3f539a75d4a317517bd54bff99a1ab028760e0a260494b51af99f0fdd56cfea800ea7e651782f14c165e524060b9304986dd5e74cc60dbaed18b77f5ac2569aec87a47443a3b1d376acd04c312e3a0596ea4907160129679c005dbc9fa62ef718806904d03aa09dd3891a68875c8b53ce79b02f4182439d49083a0953e61255b6ed16efc99e29ee2220c1bfd2a1af27a78941a3edcb6aed890a165a5e629979980cdd07d4fa3e316020bd7b4a202430b1ec0a6345f1e62f90c1e0fd31d5cb4c880157d3f071b33de7e192e4c3512c43a50e0a6bbb56145e742b2a623cc6cea24f5fb09649aa0b76a420bd096f90cb7a7270cd85f73e972d9d4de24bc0fa937bbc85b2ee7392f2b3dd0d64ef942c3f78078d59dbcf6d2fa23f29986ea57eb7bcdf38d78ead6f2c73c88b8d20dac166853e3d4e9230984bc3f5da7d16da9c3ea501472823653a1ee47cee5ea2b6e9278bc7039eb5d9d6e74c02de912e4409f094c2941e2a38d3905350d83a50a2da75828084df128a3e82dc55b7ddaa1f6061a81c040a0628bcafa3c4b1b67a4c81f5adf93574de75dd0bba095bad93a0b764973099917d1bd5da04b576beb7d19274d8a71bbe6784c317b5136dfffee6a318b5905b244ffaadf9799ce04310ba171fbb0ba1a8899a5a636cfe17bedcfa7d0376f7065d50bba64ca17ebac776af64554e115baa3fcf8282936e9faac0f62c4f2378b58280e19d98904d049aa1a7b5a1788fd28f7b04721e6dd494733ac52fdb4523b020b8bebdd43bd81b3b85120ca7b4c15c2dae421503301d39eecc637d97ddada1335e8735ca2f7e3d4cf8735af28329e6564cf312492172eda16aff65b4eb8000aafbff0b4bfe0a579e8bc85eba190ad09e442ecd88ab4cf0e817a672c5f691286b308bba5244423adce4b6b265f915f2ec57cc35769cbc7c30113da31ce2349daab88226b08266d9a7dfc2dbbcfb817aa0a87f453d760412325e5dff8a8d59101f8ea12561eb3e2ed6865b71f7e72e418b66d23e4a4382d6ea96f7cd6cd6a921907227c449858cc0d6917ea9a4abff39a94a1b2693d6ab941525d848ddee5aee637e3a0db3e2b42c1bf5e11a5c000f8318c871c7cc29522e02cb", 0xf7f}], 0x2)

434.122318ms ago: executing program 3 (id=1088):
r0 = openat$ashmem(0xffffffffffffff9c, &(0x7f0000000500), 0x16b042, 0x0)
ioctl$ASHMEM_SET_SIZE(r0, 0x40087703, 0xfffffff3)
mmap(&(0x7f0000701000/0x1000)=nil, 0x1000, 0x0, 0x12, r0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
read(r0, &(0x7f0000000000)=""/183, 0xb7)

418.193469ms ago: executing program 3 (id=1089):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e375812eb0bc448e68eda4c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x1, 0x442a, &(0x7f0000004480)="$eJzs3c9vVNUeAPBzb/seLQ94LY8FLzFxEkk0apqWlVoSSymUFioGhRg3w7QdoDrtkHZqXLCoOxJXJi6MC6KJu65IF27xT3DjEtckunBjQkKsmZk7be/tTDrWTivk80nonXt+z3znnjl3cTlxonJ7bik3t5QrLOTKMzeXTuc+KZeW54sh3icH3T/t6UScxP7gXDl34b3rp0P4Yfanx+vr6+uhqjs0NbTl9e+/3Z3ZemyIM3Wq7TZvba98GEI4sW1cVV0hhA++DyEKIZxN0kaTY28I4Vio512/+/mN3B6N5sGj4pn806l7a8OnJlfvr7V+71EIX5f+//qt+V9e6hr++dU96h4AAAAAAAAAAAAAAAAAgGfc+NUr194dHAoPo9C9Gm1/Xnc8ObZ6PnZ9z7zY1nifJKX/7vsGAAAAAAAAAAAAAAAAAACAf5LN5/9z0fEmz/+PJceRFvXX3+78GOmciXeujJ0fHEr2f4+25b+RJP16tiv0N9n3Pbv/+9lM/eb7v2/vZ7ca42v02xeieCB1HscDAyF8m2z8fjI6HJfKS5XXbpaXF2b3bBjPrHT867v3p6KTbOjfbvxHM+13fv///237NlXPb+zdV+y5lo5/V8ty330WtRX/c5l6+xF/di8d/+5aWu/WAiP1CaAa/y+6d47/WKb9TsX/WAghF1XHmkvNANU1TDW91XqFtHT8/1VLS02dyQfZ6vp/kon/+Uz7BzX/r2R/iGgqHf9/19J6UiU2r//+eOfr/0Km/YOIf3X8K37/25KO/6F6YneqSO2TbHf+H8+036n4X4uTcR6LUt+A1aie3ur/qyMtHf+ebfmb939xW+u/i5n6+3X/1+i3cf/XmP5fier3fzSXjn9vy3LtXv8TmXqdnv9Haus/disd/8O1tPTaua/2t934T2ba71T8a6uSnkb8N+eTPw7V07+x/mtLOv7/qSfGW0us1P7W1n/Rzuv/S5n2D2L9Vx3/StzZXp8X6fgfaVmuGv8f2/j9v5yp1/n4hzBorb9r6fgfbVmudv337Bz/qUy9Tsf/5U42DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAMGE2OfSGKB1LncTwwEMK55PxkOBxNF2bz06XyzMdLIYwl6blwPLpVKk8XSvm5hfJsMV8olcozIZxP8k+EnmipVK7k5wt3Lmy01RvdLhYWK9PFQiWEMJ6kvxCONtqanqvMF+6EEC5u5P03Li/euV1YyM/OLb41ODg4GCY2xtAfFT+tFBcq9d7ruSFMbtTti7YMrpZ9aWMsR6KPysuLC4VSLf3yljql8kyhtKXOVJL3ZeiPKovLCzOFSjFfKt9q9HeQRpLj2MTV969eHtqWfyOqH0f3d1gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/EUPh9/8KoTQXT+LQwi5KHkRJf9SHjwqnsk/nbq3NnxqcvX+2uNmZQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiTHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzSP0oDQRQH4DdjoaXHsFp2O9sVRbRwRfAEegwPo0fxEt7BIkXaFCGQzELYP7BNUn1f82B+zLwH8wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACWe3zr3l/rJiLF1fYy4vfz7/84fy71+276/sUZZuR0nl66+4e6Kf+eRvltOVq1eZ9u1l8fMVF7P4M9Ge7TwbjP0Ny+zc3X972OlKuIaEt+k3KuqmVvAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzYgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCwAAAAAI87eOom8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0OnJ0Q=")
syz_mount_image$fuse(0x0, &(0x7f0000000a40)='./file0\x00', 0x80, 0x0, 0x1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000300)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
mkdirat(0xffffffffffffff9c, 0x0, 0x1c0)

0s ago: executing program 2 (id=1090):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
unshare(0x400)
ioctl$SNDCTL_DSP_CHANNELS(r0, 0xc0045006, &(0x7f00000002c0)=0x6)

kernel console output (not intermixed with test programs):

22828][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.739472][ T5717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.379'.
[  126.751914][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.773699][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.788562][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.796104][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.803885][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x0
[  126.812123][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x3
[  126.820009][ T4232] zeroplus 0003:0C12:0030.0002: unknown main item tag 0x2
[  126.827444][ T4232] zeroplus 0003:0C12:0030.0002: unbalanced collection at end of report description
[  126.837762][ T4232] zeroplus 0003:0C12:0030.0002: parse failed
[  126.845381][ T4232] zeroplus: probe of 0003:0C12:0030.0002 failed with error -22
[  126.970645][ T4232] usb 6-1: USB disconnect, device number 3
[  127.926947][ T5732] loop3: detected capacity change from 0 to 32768
[  128.012544][ T5732] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop3 scanned by syz.3.383 (5732)
[  128.089853][ T5732] BTRFS info (device loop3): using blake2b (blake2b-256-generic) checksum algorithm
[  128.139655][ T5732] BTRFS info (device loop3): using free space tree
[  128.166468][ T5732] BTRFS info (device loop3): has skinny extents
[  128.185190][ T5764] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  128.927437][ T5802] loop2: detected capacity change from 0 to 8192
[  129.090434][ T5802] syz.2.398 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  129.671084][ T5776] loop6: detected capacity change from 0 to 32768
[  129.735239][ T5832] Bluetooth: hci0: command 0x0401 tx timeout
[  129.832233][ T5776] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 scanned by syz.6.395 (5776)
[  129.898621][ T4867] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  129.904933][ T5776] BTRFS info (device loop6): using crc32c (crc32c-intel) checksum algorithm
[  129.948317][ T5776] BTRFS info (device loop6): setting nodatasum
[  129.975894][ T5776] BTRFS info (device loop6): force zlib compression, level 3
[  130.036666][ T5776] BTRFS info (device loop6): setting incompat feature flag for COMPRESS_LZO (0x8)
[  130.060991][ T5844] loop2: detected capacity change from 0 to 512
[  130.078538][ T4306] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  130.117265][ T5776] BTRFS info (device loop6): use lzo compression, level 0
[  130.162795][ T4867] usb 6-1: Using ep0 maxpacket: 32
[  130.168319][ T5776] BTRFS info (device loop6): turning on flush-on-commit
[  130.221895][ T5776] BTRFS info (device loop6): enabling auto defrag
[  130.248940][ T5776] BTRFS info (device loop6): max_inline at 4096
[  130.278518][ T5776] BTRFS info (device loop6): using free space tree
[  130.289141][ T4867] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.321680][ T5776] BTRFS info (device loop6): has skinny extents
[  130.331282][ T4867] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.397485][ T4867] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  130.435839][ T4867] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.483130][ T4867] usb 6-1: config 0 descriptor??
[  130.498685][ T4306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  130.514346][ T4306] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  130.524319][ T4306] usb 4-1: New USB device found, idVendor=2006, idProduct=0118, bcdDevice= 0.00
[  130.533590][ T4306] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  130.543720][ T4306] usb 4-1: config 0 descriptor??
[  130.772242][ T5776] BTRFS info (device loop6): enabling ssd optimizations
[  131.013027][ T4306] hkems 0003:2006:0118.0003: hidraw0: USB HID v0.00 Device [HID 2006:0118] on usb-dummy_hcd.3-1/input0
[  131.031276][ T4867] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  131.048522][ T4867] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  131.055349][ T4306] hkems 0003:2006:0118.0003: no inputs found
[  131.097543][ T4306] hkems 0003:2006:0118.0003: force feedback init failed
[  131.127154][ T4867] ft260 0003:0403:6030.0004: hidraw1: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.5-1/input0
[  131.235817][ T4306] usb 4-1: USB disconnect, device number 9
[  131.287813][ T4867] ft260 0003:0403:6030.0004: chip code: 0000 0000
[  131.374842][ T5890] fido_id[5890]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  131.508873][ T4867] ft260 0003:0403:6030.0004: failed to retrieve system status
[  131.545342][ T4867] ft260: probe of 0003:0403:6030.0004 failed with error -71
[  131.567279][ T5896] ALSA: mixer_oss: invalid OSS volume ''
[  131.593636][ T4867] usb 6-1: USB disconnect, device number 4
[  131.713376][ T5898] fido_id[5898]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  132.229238][ T5878] loop4: detected capacity change from 0 to 40427
[  132.275958][ T5878] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  132.342300][ T5878] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  132.386667][ T5878] F2FS-fs (loop4): invalid crc value
[  132.438002][ T5878] F2FS-fs (loop4): Found nat_bits in checkpoint
[  132.578683][   T26] audit: type=1326 audit(1774072929.414:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.616307][ T5878] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  132.639797][ T5878] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  132.646198][   T26] audit: type=1326 audit(1774072929.434:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.769294][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  132.788703][   T26] audit: type=1326 audit(1774072929.434:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.815066][   T26] audit: type=1326 audit(1774072929.434:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.838514][   T26] audit: type=1326 audit(1774072929.454:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.862111][   T26] audit: type=1326 audit(1774072929.454:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  132.900370][   T26] audit: type=1326 audit(1774072929.454:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  133.004452][   T26] audit: type=1326 audit(1774072929.454:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  133.034449][ T5907] loop2: detected capacity change from 0 to 32768
[  133.081614][   T26] audit: type=1326 audit(1774072929.504:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  133.180232][   T26] audit: type=1326 audit(1774072929.504:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5936 comm="syz.5.429" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be5cf4799 code=0x7ffc0000
[  133.217232][ T5907] XFS (loop2): Mounting V5 Filesystem
[  133.310909][ T5907] XFS (loop2): Ending clean mount
[  133.369492][ T5907] XFS (loop2): User initiated shutdown received.
[  133.389923][ T5907] XFS (loop2): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:495).  Shutting down filesystem.
[  133.409586][ T5907] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  133.428511][ T4867] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  133.511359][ T5228] XFS (loop2): Unmounting Filesystem
[  133.595417][ T5958] loop5: detected capacity change from 0 to 16
[  133.747334][ T5958] erofs: (device loop5): mounted with root inode @ nid 36.
[  133.798888][ T4867] usb 4-1: config index 0 descriptor too short (expected 8292, got 100)
[  133.807291][ T4867] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  133.809473][ T5958] erofs: (device loop5): z_erofs_lz4_decompress: failed to decompress 1929 in[58, 4038] out[2639]
[  133.838745][ T4867] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  133.847736][ T4867] usb 4-1: config 1 has no interface number 0
[  133.874109][ T4867] usb 4-1: too many endpoints for config 1 interface 1 altsetting 0: 222, using maximum allowed: 30
[  133.914176][ T4867] usb 4-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  133.932948][ T5958] erofs: (device loop5): z_erofs_readpage: failed to read, err [-117]
[  133.958280][ T4867] usb 4-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 222
[  133.991987][ T4867] usb 4-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[  134.020676][ T4867] usb 4-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  134.238857][ T4867] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice=17.40
[  134.268404][ T4867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  134.276537][ T4867] usb 4-1: Product: syz
[  134.333534][ T4867] usb 4-1: Manufacturer: syz
[  134.338188][ T4867] usb 4-1: SerialNumber: syz
[  134.612060][ T5975] netlink: 3 bytes leftover after parsing attributes in process `syz.4.442'.
[  134.638363][ T5975] 0�X���: renamed from caif0
[  134.655458][ T5975] A link change request failed with some changes committed already. Interface 
60�X��� may have been left with an inconsistent configuration, please check.
[  134.716458][ T5977] mkiss: ax0: crc mode is auto.
[  135.299694][ T4867] cdc_ncm 4-1:1.1: bind() failure
[  135.509332][ T5820] usb 4-1: USB disconnect, device number 10
[  135.683322][ T5997] loop5: detected capacity change from 0 to 32768
[  135.834620][ T5997] 
[  135.834620][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.834620][ T5997] 
[  135.862193][ T5997] 
[  135.862193][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.862193][ T5997] 
[  135.873192][ T5997] 
[  135.873192][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.873192][ T5997] 
[  135.883802][ T5997] 
[  135.883802][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.883802][ T5997] 
[  135.894342][ T5997] 
[  135.894342][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.894342][ T5997] 
[  135.907423][ T5997] 
[  135.907423][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.907423][ T5997] 
[  135.918040][ T5997] 
[  135.918040][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.918040][ T5997] 
[  135.933489][  T277] 
[  135.933489][  T277]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.933489][  T277] 
[  136.013063][ T5997] 
[  136.013063][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.013063][ T5997] 
[  136.024941][ T5997] 
[  136.024941][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.024941][ T5997] 
[  136.035477][ T5997] 
[  136.035477][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.035477][ T5997] 
[  136.046015][ T5997] 
[  136.046015][ T5997]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.046015][ T5997] 
[  136.076556][  T277] 
[  136.076556][  T277]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.076556][  T277] 
[  136.135492][ T5988] loop4: detected capacity change from 0 to 32768
[  136.199635][ T4546] 
[  136.199635][ T4546]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.199635][ T4546] 
[  136.273697][ T4546] 
[  136.273697][ T4546]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.273697][ T4546] 
[  136.333945][ T6013] loop3: detected capacity change from 0 to 512
[  136.358797][ T5988] XFS (loop4): Mounting V5 Filesystem
[  136.412798][ T6013] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  136.439332][ T6013] EXT4-fs (loop3): couldn't mount RDWR because of unsupported optional features (6000000)
[  136.478742][ T5988] XFS (loop4): Ending clean mount
[  136.533647][ T6013] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  136.591241][ T5988] XFS (loop4): Quotacheck needed: Please wait.
[  136.664919][ T5988] XFS (loop4): Quotacheck: Done.
[  136.667372][ T6029] loop5: detected capacity change from 0 to 256
[  136.836332][ T4186] XFS (loop4): Unmounting Filesystem
[  136.870444][ T6032] loop3: detected capacity change from 0 to 512
[  136.918832][ T5820] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  137.044211][ T6032] EXT4-fs error (device loop3): ext4_orphan_get:1400: inode #15: comm syz.3.458: iget: bad i_size value: 38620345925642
[  137.060657][ T6032] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.458: couldn't read orphan inode 15 (err -117)
[  137.148771][ T6032] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=continue,delalloc,data_err=ignore,journal_ioprio=0x0000000000000002,data_err=ignore,nojournal_checksum,,errors=continue. Quota mode: writeback.
[  137.181581][ T5820] usb 7-1: Using ep0 maxpacket: 16
[  137.327095][ T5820] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.368481][ T5820] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  137.437757][ T5820] usb 7-1: New USB device found, idVendor=0c12, idProduct=0030, bcdDevice= 0.00
[  137.479047][ T5820] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.525169][ T5820] usb 7-1: config 0 descriptor??
[  137.736574][ T6063] loop5: detected capacity change from 0 to 512
[  137.826940][ T6063] EXT4-fs warning (device loop5): dx_probe:878: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  137.862635][ T6063] EXT4-fs warning (device loop5): dx_probe:881: Enable large directory feature to access it
[  137.882584][ T6063] EXT4-fs warning (device loop5): dx_probe:966: inode #2: comm syz.5.466: Corrupt directory, running e2fsck is recommended
[  137.983447][ T6063] EXT4-fs (loop5): Cannot turn on journaled quota: type 1: error -117
[  138.016651][ T6063] EXT4-fs error (device loop5): ext4_iget_extra_inode:4566: inode #15: comm syz.5.466: corrupted in-inode xattr
[  138.019162][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.062508][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.078634][ T5903] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  138.088666][ T6063] EXT4-fs error (device loop5): ext4_orphan_get:1405: comm syz.5.466: couldn't read orphan inode 15 (err -117)
[  138.088818][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.121482][ T6063] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_lock,noblock_validity,auto_da_alloc=0x0000000000000004,jqfmt=vfsold,nolazytime,grpjquota=.nouid32,resuid=0x0000000000000000,barrier=0x0000000000001000,grpid,,,errors=continue. Quota mode: writeback.
[  138.136578][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.180561][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.201145][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x0
[  138.219169][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x3
[  138.254366][ T5820] zeroplus 0003:0C12:0030.0005: unknown main item tag 0x2
[  138.269292][ T6063] EXT4-fs (loop5): shut down requested (2)
[  138.272163][ T5820] zeroplus 0003:0C12:0030.0005: unbalanced collection at end of report description
[  138.277954][ T6063] EXT4-fs warning (device loop5): ext4_empty_dir:3147: inode #2: comm syz.5.466: directory missing '.'
[  138.306633][ T5820] zeroplus 0003:0C12:0030.0005: parse failed
[  138.314237][ T5820] zeroplus: probe of 0003:0C12:0030.0005 failed with error -22
[  138.336179][ T5820] usb 7-1: USB disconnect, device number 2
[  138.488707][ T5903] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  138.497815][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  138.543750][ T5903] usb 5-1: config 0 descriptor??
[  138.589703][ T5903] cp210x 5-1:0.0: cp210x converter detected
[  138.633399][ T6090] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci3/hci3:200/input7
[  138.758367][ T6098] loop5: detected capacity change from 0 to 512
[  138.814085][ T6102] 9pnet: p9_errstr2errno: server reported unknown error 0x0000000000000004
[  138.843645][ T6098] EXT4-fs (loop5): 1 truncate cleaned up
[  138.908710][ T6098] EXT4-fs (loop5): mounted filesystem without journal. Opts: init_itable,,errors=continue. Quota mode: none.
[  139.187434][ T6118] loop2: detected capacity change from 0 to 128
[  139.244167][ T5903] cp210x 5-1:0.0: failed to get vendor val 0x000e size 678: -71
[  139.276692][ T5903] cp210x 5-1:0.0: GPIO initialisation failed: -71
[  139.283633][ T6121] loop3: detected capacity change from 0 to 512
[  139.327920][ T5903] usb 5-1: cp210x converter now attached to ttyUSB0
[  139.386201][ T6118] netlink: 16 bytes leftover after parsing attributes in process `syz.2.481'.
[  139.418020][ T6128] loop5: detected capacity change from 0 to 47
[  139.445682][ T6121] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,usrquota,minixdf,nombcache,. Quota mode: writeback.
[  139.460399][ T5903] usb 5-1: USB disconnect, device number 2
[  139.479474][ T5903] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  139.489590][ T6121] ext4 filesystem being mounted at /107/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  139.506415][ T5903] cp210x 5-1:0.0: device disconnected
[  139.520836][ T6128] MINIX-fs: bad superblock
[  139.678083][ T6136] loop2: detected capacity change from 0 to 128
[  139.788905][ T6136] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  139.871215][ T6136] hpfs: filesystem error: improperly stopped
[  139.877262][ T6136] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  139.895014][ T6136] hpfs: You really don't want any checks? You are crazy...
[  139.907930][ T6136] hpfs: hpfs_map_sector(): read error
[  139.920886][ T6136] hpfs: code page support is disabled
[  139.945942][ T6136] hpfs: hpfs_map_4sectors(): unaligned read
[  139.975861][ T6136] hpfs: hpfs_map_4sectors(): unaligned read
[  139.988681][ T6136] hpfs: filesystem error: unable to find root dir
[  140.050115][ T6136] hpfs: hpfs_map_4sectors(): unaligned read
[  140.236586][ T6156] loop4: detected capacity change from 0 to 64
[  140.291705][ T6161] loop2: detected capacity change from 0 to 2048
[  140.326204][ T6159] loop6: detected capacity change from 0 to 4096
[  140.384605][ T6161] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  140.428742][ T6161] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  140.648681][ T5826] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  140.811751][ T4954] ntfs3: loop6: ntfs_evict_inode r=5 failed, -22.
[  140.818330][ T4954] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[  140.898618][ T5826] usb 6-1: Using ep0 maxpacket: 8
[  141.013676][ T6179] loop3: detected capacity change from 0 to 512
[  141.038916][ T5826] usb 6-1: config 179 has an invalid interface number: 65 but max is 0
[  141.057735][ T5826] usb 6-1: config 179 has no interface number 0
[  141.074503][ T5826] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  141.106476][ T5826] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  141.124679][ T6183] input: syz1 as /devices/virtual/input/input9
[  141.131441][ T5826] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  141.164705][ T5826] usb 6-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  141.181453][ T5826] usb 6-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  141.204612][ T6179] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  141.218101][ T5826] usb 6-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  141.258203][ T5826] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  141.270785][ T6179] EXT4-fs (loop3): 1 truncate cleaned up
[  141.276473][ T6179] EXT4-fs (loop3): mounted filesystem without journal. Opts: debug_want_extra_isize=0x000000000000002e,min_batch_time=0x0000000000000fff,inode_readahead_blks=0x0000000000000080,stripe=0x0000000000004000,errors=remount-ro,max_batch_time=0x0000000000000004,. Quota mode: none.
[  141.369294][ T6188] loop6: detected capacity change from 0 to 1024
[  141.386751][   T26] kauditd_printk_skb: 164 callbacks suppressed
[  141.386767][   T26] audit: type=1800 audit(1774072938.214:183): pid=6179 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.506" name="file1" dev="loop3" ino=15 res=0 errno=0
[  141.389432][ T6163] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  141.427074][ T6188] hfsplus: failed to load root directory
[  141.744396][ T6194] EXT4-fs (loop2): Journaled quota options ignored when QUOTA feature is enabled
[  141.779465][ T6194] EXT4-fs (loop2): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  141.802805][ T6194] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (53380!=20869)
[  141.817790][ T5826] input: Generic X-Box pad as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:179.65/input/input10
[  141.833715][ T6194] EXT4-fs error (device loop2): ext4_get_journal_inode:5185: comm syz.2.512: inode #1: comm syz.2.512: iget: illegal inode #
[  141.888537][ T6194] EXT4-fs (loop2): no journal found
[  142.056964][ T5903] usb 6-1: USB disconnect, device number 5
[  142.068540][    C1] xpad 6-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  142.076876][    C1] xpad 6-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  142.086769][ T5903] xpad 6-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  142.682092][ T6205] XFS (loop4): Mounting V5 Filesystem
[  142.738623][ T5820] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  142.811810][ T6205] XFS (loop4): Ending clean mount
[  142.938666][ T5903] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  143.033015][ T4186] XFS (loop4): Unmounting Filesystem
[  143.178754][ T5820] usb 7-1: config 0 has an invalid interface number: 41 but max is 0
[  143.186893][ T5820] usb 7-1: config 0 has no interface number 0
[  143.188612][ T5903] usb 6-1: Using ep0 maxpacket: 16
[  143.210553][ T5820] usb 7-1: config 0 interface 41 has no altsetting 0
[  143.338665][ T5903] usb 6-1: config 0 has an invalid interface number: 105 but max is 0
[  143.359005][ T5903] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  143.398788][ T5903] usb 6-1: config 0 has no interface number 0
[  143.431419][ T5820] usb 7-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  143.458507][ T5820] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.474373][ T5820] usb 7-1: Product: syz
[  143.499096][ T5820] usb 7-1: Manufacturer: syz
[  143.503798][ T5820] usb 7-1: SerialNumber: syz
[  143.522523][ T5820] usb 7-1: config 0 descriptor??
[  143.578726][ T5903] usb 6-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  143.592464][ T5903] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  143.623394][ T5903] usb 6-1: Product: syz
[  143.632938][ T5903] usb 6-1: Manufacturer: syz
[  143.642045][ T5903] usb 6-1: SerialNumber: syz
[  143.667974][ T5903] usb 6-1: config 0 descriptor??
[  143.730946][ T5903] usb 6-1: Found UVC 0.00 device syz (046d:08f3)
[  143.737355][ T5903] usb 6-1: No valid video chain found.
[  143.961680][ T5902] usb 6-1: USB disconnect, device number 6
[  144.098494][ T4867] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  144.348541][ T4867] usb 4-1: Using ep0 maxpacket: 32
[  144.468610][ T4867] usb 4-1: config 0 has an invalid interface number: 51 but max is 0
[  144.484930][ T4867] usb 4-1: config 0 has no interface number 0
[  144.558654][ T5903] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  144.616441][ T5820] CoreChips: probe of 7-1:0.41 failed with error -71
[  144.632545][ T5820] usb 7-1: USB disconnect, device number 3
[  144.664458][ T4867] usb 4-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  144.676844][ T4867] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  144.685704][ T4867] usb 4-1: Product: syz
[  144.691122][ T4867] usb 4-1: Manufacturer: syz
[  144.695891][ T4867] usb 4-1: SerialNumber: syz
[  144.727082][ T4867] usb 4-1: config 0 descriptor??
[  144.790213][ T4867] quatech2 4-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  144.809961][ T5903] usb 5-1: Using ep0 maxpacket: 16
[  144.880924][ T6304] set_capacity_and_notify: 2 callbacks suppressed
[  144.880941][ T6304] loop2: detected capacity change from 0 to 40427
[  144.948570][ T6304] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  144.956397][ T6304] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  144.993695][ T6304] F2FS-fs (loop2): invalid crc value
[  145.007122][ T6304] F2FS-fs (loop2): Found nat_bits in checkpoint
[  145.016318][ T4867] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  145.036681][ T4867] usb 4-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  145.088726][ T5903] usb 5-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  145.137941][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.173503][ T5903] usb 5-1: Product: syz
[  145.198121][ T5903] usb 5-1: Manufacturer: syz
[  145.214781][ T5903] usb 5-1: SerialNumber: syz
[  145.235098][ T6286] udc-core: couldn't find an available UDC or it's busy
[  145.264539][ T5903] usb 5-1: config 0 descriptor??
[  145.271149][ T6304] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  145.278233][ T6304] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  145.318490][ T6286] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  145.329855][ T5903] ums-onetouch 5-1:0.0: USB Mass Storage device detected
[  145.379079][   T26] audit: type=1800 audit(1774072942.214:184): pid=6304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.540" name="file1" dev="loop2" ino=10 res=0 errno=0
[  145.408823][ T4306] Bluetooth: hci3: command 0x0405 tx timeout
[  145.480381][ T6351] loop6: detected capacity change from 0 to 512
[  145.486884][   T26] audit: type=1800 audit(1774072942.284:185): pid=6304 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.540" name="file1" dev="loop2" ino=10 res=0 errno=0
[  145.547861][ T4867] usb 5-1: USB disconnect, device number 3
[  145.575901][ T6351] EXT4-fs (loop6): 1 truncate cleaned up
[  145.609070][ T5820] usb 4-1: USB disconnect, device number 11
[  145.618561][    C0] usb 4-1: qt2_read_bulk_callback - non-zero urb status: -108
[  145.633582][ T5820] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  145.648682][ T5820] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  145.661243][ T5820] quatech2 4-1:0.51: device disconnected
[  145.670392][ T6351] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable,,errors=continue. Quota mode: none.
[  146.298184][ T6369] TCP: request_sock_TCP: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  146.366154][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #140!!!
[  146.375798][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[  146.771315][ T6386] loop4: detected capacity change from 0 to 128
[  147.162831][ T6362] loop6: detected capacity change from 0 to 32768
[  147.177707][ T6399] loop2: detected capacity change from 0 to 1024
[  147.215199][ T6404] netlink: 12 bytes leftover after parsing attributes in process `syz.4.563'.
[  147.335025][ T6399] hfsplus: bad catalog entry type
[  147.374860][ T6410] loop3: detected capacity change from 0 to 256
[  147.454330][ T6362] XFS (loop6): Mounting V5 Filesystem
[  147.498752][ T6410] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  147.560556][  T144] hfsplus: b-tree write err: -5, ino 25
[  147.566351][  T144] hfsplus: b-tree write err: -5, ino 4
[  147.659761][ T6362] XFS (loop6): Ending clean mount
[  147.678094][ T6362] XFS (loop6): Quotacheck needed: Please wait.
[  147.704755][  T144] hfsplus: b-tree write err: -5, ino 2
[  147.857809][ T6362] XFS (loop6): Quotacheck: Done.
[  147.954146][ T6435] loop2: detected capacity change from 0 to 512
[  148.075314][ T4954] XFS (loop6): Unmounting Filesystem
[  148.107682][ T6435] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  148.188520][ T6435] FAT-fs (loop2): Filesystem has been set read-only
[  148.212317][ T6440] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  148.228371][ T6435] FAT-fs (loop2): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  148.667738][ T6447] loop6: detected capacity change from 0 to 2048
[  148.697478][ T6447] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.726583][ T6438] loop3: detected capacity change from 0 to 32768
[  148.727497][ T6449] loop2: detected capacity change from 0 to 1024
[  148.875147][ T6449] EXT4-fs (loop2): mounted filesystem without journal. Opts: usrquota,usrjquota=,bsddf,journal_ioprio=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  148.906913][ T6438] XFS (loop3): Mounting V5 Filesystem
[  148.939092][ T6449] ext4 filesystem being mounted at /58/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  149.040482][ T6449] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 3: comm syz.2.576: lblock 3 mapped to illegal pblock 3 (length 3)
[  149.078449][ T6449] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  149.096487][ T6438] XFS (loop3): Ending clean mount
[  149.103893][ T6449] EXT4-fs (loop2): This should not happen!! Data will be lost
[  149.103893][ T6449] 
[  149.121300][ T6438] XFS (loop3): Quotacheck needed: Please wait.
[  149.128298][ T6449] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 8: comm syz.2.576: lblock 8 mapped to illegal pblock 8 (length 8)
[  149.154138][ T6449] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  149.167756][ T6449] EXT4-fs (loop2): This should not happen!! Data will be lost
[  149.167756][ T6449] 
[  149.220044][  T483] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm kworker/u4:3: bg 0: block 112: padding at end of block bitmap is not set
[  149.236369][ T6438] XFS (loop3): Quotacheck: Done.
[  149.245434][  T483] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 4 with error 117
[  149.272028][  T483] EXT4-fs (loop2): This should not happen!! Data will be lost
[  149.272028][  T483] 
[  149.338636][ T5825] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  149.398131][ T6438] XFS (loop3): User initiated shutdown received.
[  149.419288][ T6438] XFS (loop3): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x101/0x150 (fs/xfs/xfs_fsops.c:485).  Shutting down filesystem.
[  149.434493][ T6438] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  149.462547][ T4177]  loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11
[  149.474717][ T4177] loop8: p1 start 912119244 is beyond EOD, truncated
[  149.481856][ T4177] loop8: p2 start 2949906769 is beyond EOD, truncated
[  149.491406][ T4177] loop8: p3 start 3740906666 is beyond EOD, truncated
[  149.498353][ T4177] loop8: p4 start 2974154542 is beyond EOD, truncated
[  149.505910][ T4177] loop8: p5 start 2946449176 is beyond EOD, truncated
[  149.513079][ T4177] loop8: p6 start 1287082477 is beyond EOD, truncated
[  149.520122][ T4177] loop8: p7 start 3756907806 is beyond EOD, truncated
[  149.532608][ T4177] loop8: p8 start 974053343 is beyond EOD, truncated
[  149.542796][ T4177] loop8: p9 start 175385606 is beyond EOD, truncated
[  149.556038][ T4198] XFS (loop3): Unmounting Filesystem
[  149.563473][ T4177] loop8: p10 start 1987014430 is beyond EOD, truncated
[  149.575892][ T4177] loop8: p11 start 1637589159 is beyond EOD, truncated
[  149.629864][ T6475]  loop8: [POWERTEC] p1 p2 p3 p4 p5 p6 p7 p8 p9 p10 p11
[  149.653324][ T6475] loop8: p1 start 912119244 is beyond EOD, truncated
[  149.660717][ T6475] loop8: p2 start 2949906769 is beyond EOD, truncated
[  149.730645][ T6475] loop8: p3 start 3740906666 is beyond EOD, truncated
[  149.732771][ T5825] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  149.748536][ T6475] loop8: p4 start 2974154542 is beyond EOD, truncated
[  149.778275][ T5825] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  149.784582][ T6475] loop8: p5 start 2946449176 is beyond EOD, 
[  149.788648][ T5228] ntfs3: loop2: ntfs_evict_inode r=5 failed, -22.
[  149.798737][ T5825] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  149.817700][ T5825] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  149.826876][ T5825] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  149.835453][ T6475] truncated
[  149.839468][ T6475] loop8: p6 start 1287082477 is beyond EOD, truncated
[  149.855382][ T5825] usb 7-1: config 0 descriptor??
[  149.860738][ T6475] loop8: p7 start 3756907806 is beyond EOD, truncated
[  149.872364][ T6475] loop8: p8 start 974053343 is beyond EOD, truncated
[  149.880252][ T6475] loop8: p9 start 175385606 is beyond EOD, truncated
[  149.887123][ T6475] loop8: p10 start 1987014430 is beyond EOD, truncated
[  149.894401][ T5228] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  149.918756][ T6475] loop8: p11 start 1637589159 is beyond EOD, truncated
[  150.069007][ T6478] set_capacity_and_notify: 2 callbacks suppressed
[  150.069023][ T6478] loop5: detected capacity change from 0 to 32768
[  150.151849][ T6478] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.585 (6478)
[  150.169927][ T6478] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  150.178657][ T6478] BTRFS info (device loop5): using free space tree
[  150.185199][ T6478] BTRFS info (device loop5): has skinny extents
[  150.194485][    C1] vkms_vblank_simulate: vblank timer overrun
[  150.330837][ T5825] plantronics 0003:047F:FFFF.0006: unknown main item tag 0xe
[  150.346997][ T5825] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  150.355313][ T5825] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  150.358910][ T6478] BTRFS info (device loop5): enabling ssd optimizations
[  150.381062][ T5825] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.6-1/input0
[  150.388770][ T5903] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  150.663433][ T5902] usb 7-1: USB disconnect, device number 4
[  150.688833][ T5903] usb 5-1: Using ep0 maxpacket: 8
[  150.809292][ T5903] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  150.841023][ T5903] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  150.863887][ T5903] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  150.876698][ T5903] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  150.893168][ T5903] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  150.906690][ T5903] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  150.922695][ T5903] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.040642][ T6510] loop3: detected capacity change from 0 to 32768
[  151.147174][ T6510] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  151.155935][ T6510] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  151.172538][ T6510] gfs2: fsid=syz:syz.s: journal 0 mapped with 5 extents in 0ms
[  151.208604][ T5903] usb 5-1: usb_control_msg returned -32
[  151.214370][ T5903] usbtmc 5-1:16.0: can't read capabilities
[  151.251845][ T6510] gfs2: fsid=syz:syz.s: first mount done, others may mount
[  151.394773][ T6516] netlink: 4 bytes leftover after parsing attributes in process `syz.6.592'.
[  151.633691][ T6525] usbtmc 5-1:16.0: control status returned 0
[  151.835609][ T5825] usb 5-1: USB disconnect, device number 4
[  151.983804][ T6518] loop5: detected capacity change from 0 to 32768
[  152.001845][ T6543] loop3: detected capacity change from 0 to 512
[  152.044430][ T6543] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  152.083775][ T6518] XFS (loop5): Mounting V5 Filesystem
[  152.098055][ T6543] EXT4-fs error (device loop3): ext4_orphan_get:1426: comm syz.3.602: bad orphan inode 131083
[  152.122947][ T6543] EXT4-fs (loop3): mounted filesystem without journal. Opts: stripe=0x0000000000000004,init_itable,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  152.173270][ T6518] XFS (loop5): Ending clean mount
[  152.183689][ T5903] XFS (loop5): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x10 
[  152.252290][ T5903] XFS (loop5): Unmount and run xfs_repair
[  152.267529][ T6543] EXT4-fs warning (device loop3): ext4_resize_begin:83: There are errors in the filesystem, so online resizing is not allowed
[  152.285436][ T5903] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  152.297374][ T5903] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  152.320381][ T5903] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  152.343491][ T5903] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  152.367508][ T5903] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  152.389036][ T5903] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  152.406942][ T5903] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  152.417905][ T5903] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  152.434329][ T5903] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  152.444233][ T6518] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x10 len 4 error 74
[  152.464638][ T6518] XFS (loop5): Failed to initialize disk quotas.
[  152.674685][ T4546] XFS (loop5): Unmounting Filesystem
[  152.886388][ T6578] loop6: detected capacity change from 0 to 1024
[  152.970358][ T6578] EXT4-fs error (device loop6): ext4_map_blocks:629: inode #3: block 2: comm syz.6.613: lblock 2 mapped to illegal pblock 2 (length 1)
[  153.014969][ T6578] Quota error (device loop6): qtree_write_dquot: dquota write failed
[  153.024635][ T6578] EXT4-fs error (device loop6): ext4_map_blocks:629: inode #3: block 48: comm syz.6.613: lblock 0 mapped to illegal pblock 48 (length 1)
[  153.043310][ T6578] Quota error (device loop6): v2_write_file_info: Can't write info structure
[  153.053173][ T6578] EXT4-fs error (device loop6): ext4_acquire_dquot:6234: comm syz.6.613: Failed to acquire dquot type 0
[  153.065775][ T6578] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  153.088652][ T6578] EXT4-fs error (device loop6): ext4_evict_inode:282: inode #11: comm syz.6.613: mark_inode_dirty error
[  153.102812][ T6578] EXT4-fs warning (device loop6): ext4_evict_inode:285: couldn't mark inode dirty (err -117)
[  153.113293][ T6578] EXT4-fs (loop6): 1 orphan inode deleted
[  153.119129][ T6578] EXT4-fs (loop6): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,data_err=ignore,max_batch_time=0x00000000000008c9,nodiscard,stripe=0x0000000000000004,noauto_da_alloc,,errors=continue. Quota mode: none.
[  153.143582][  T154] EXT4-fs error (device loop6): ext4_map_blocks:629: inode #3: block 1: comm kworker/u4:2: lblock 1 mapped to illegal pblock 1 (length 1)
[  153.180260][  T154] Quota error (device loop6): remove_tree: Can't read quota data block 1
[  153.210628][  T154] EXT4-fs error (device loop6): ext4_release_dquot:6270: comm kworker/u4:2: Failed to release dquot type 0
[  153.374462][ T4954] EXT4-fs error (device loop6): __ext4_get_inode_loc:4327: comm syz-executor: Invalid inode table block 1 in block_group 0
[  153.445346][ T4954] EXT4-fs error (device loop6) in ext4_reserve_inode_write:5854: Corrupt filesystem
[  153.482157][ T4954] EXT4-fs error (device loop6): ext4_quota_off:6540: inode #3: comm syz-executor: mark_inode_dirty error
[  153.706268][ T6601] loop5: detected capacity change from 0 to 4096
[  153.749038][ T6608] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  153.898505][ T4867] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  153.970549][ T6617] netlink: 8 bytes leftover after parsing attributes in process `syz.5.630'.
[  154.138571][ T4867] usb 4-1: Using ep0 maxpacket: 8
[  154.247267][ T6619] loop5: detected capacity change from 0 to 32768
[  154.258705][ T4867] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  154.267049][ T4867] usb 4-1: config 179 has no interface number 0
[  154.301987][ T4867] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  154.313279][ T6619] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.631 (6619)
[  154.331178][ T4867] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  154.346662][ T4867] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  154.366955][ T4867] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  154.380391][ T4867] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  154.428513][ T4867] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  154.437781][ T4867] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  154.472558][ T6619] BTRFS info (device loop5): using sha256 (sha256-avx2) checksum algorithm
[  154.488839][ T6603] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  154.496719][ T6619] BTRFS info (device loop5): using free space tree
[  154.538294][ T6619] BTRFS info (device loop5): has skinny extents
[  154.718545][ T6619] BTRFS info (device loop5): enabling ssd optimizations
[  154.774838][ T4867] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input11
[  155.034797][ T4177] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop5 scanned by udevd (4177)
[  155.242207][ T6621] loop2: detected capacity change from 0 to 32768
[  155.267089][ T6621] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.632 (6621)
[  155.407550][ T6647] loop4: detected capacity change from 0 to 2048
[  155.446817][ T6626] loop6: detected capacity change from 0 to 32768
[  155.458818][ T4227] usb 4-1: USB disconnect, device number 12
[  155.468574][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  155.476911][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  155.495376][ T4227] xpad 4-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  155.517547][ T6647] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  155.569317][ T6621] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  155.643286][ T6621] BTRFS info (device loop2): setting nodatasum
[  155.669575][ T6626] XFS (loop6): Mounting V5 Filesystem
[  155.738522][ T6621] BTRFS info (device loop2): force zlib compression, level 3
[  155.757747][ T6621] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_LZO (0x8)
[  155.798791][ T6621] BTRFS info (device loop2): use lzo compression, level 0
[  155.805966][ T6621] BTRFS info (device loop2): turning on flush-on-commit
[  155.849536][ T6626] XFS (loop6): Ending clean mount
[  155.860639][ T6621] BTRFS info (device loop2): enabling auto defrag
[  155.867254][ T6621] BTRFS info (device loop2): max_inline at 4096
[  155.904133][ T6621] BTRFS info (device loop2): using free space tree
[  155.918569][ T6621] BTRFS info (device loop2): has skinny extents
[  156.163651][ T4954] XFS (loop6): Unmounting Filesystem
[  156.272069][ T6692] loop4: detected capacity change from 0 to 128
[  156.396875][ T6621] BTRFS info (device loop2): enabling ssd optimizations
[  156.411544][ T6692] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  156.425232][ T6692] ext4 filesystem being mounted at /154/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  156.478549][ T4191] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  156.513462][ T6703] device syzkaller1 entered promiscuous mode
[  156.739084][ T4191] usb 4-1: Using ep0 maxpacket: 32
[  156.889491][ T4191] usb 4-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[  156.926502][ T4191] usb 4-1: config 0 interface 0 has no altsetting 0
[  156.947443][ T4191] usb 4-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[  156.982398][ T4191] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.000048][ T4191] usb 4-1: config 0 descriptor??
[  157.009058][ T6716] loop5: detected capacity change from 0 to 16
[  157.123841][ T6726] loop4: detected capacity change from 0 to 2048
[  157.163120][ T6716] erofs: (device loop5): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 66300)
[  157.262177][ T6726] EXT4-fs (loop4): mounted filesystem without journal. Opts: sysvgroups,,errors=continue. Quota mode: none.
[  157.590729][ T6740] loop4: detected capacity change from 0 to 256
[  157.720004][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  157.881910][ T4191] corsair-psu 0003:1B1C:1C09.0007: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.3-1/input0
[  158.026709][ T6761] loop4: detected capacity change from 0 to 64
[  158.176234][ T6768] attempt to access beyond end of device
[  158.176234][ T6768] loop4: rw=2049, want=162, limit=64
[  158.184422][ T6766] loop2: detected capacity change from 0 to 256
[  158.208810][ T6768] Buffer I/O error on dev loop4, logical block 161, lost async page write
[  158.236167][ T6768] attempt to access beyond end of device
[  158.236167][ T6768] loop4: rw=2049, want=163, limit=64
[  158.287838][ T6768] Buffer I/O error on dev loop4, logical block 162, lost async page write
[  158.298733][ T4191] corsair-psu 0003:1B1C:1C09.0007: unable to query firmware (-71)
[  158.313257][ T4191] corsair-psu: probe of 0003:1B1C:1C09.0007 failed with error -71
[  158.347129][ T6768] attempt to access beyond end of device
[  158.347129][ T6768] loop4: rw=2049, want=164, limit=64
[  158.398044][ T4191] usb 4-1: USB disconnect, device number 13
[  158.399616][ T6768] Buffer I/O error on dev loop4, logical block 163, lost async page write
[  158.451157][ T6768] attempt to access beyond end of device
[  158.451157][ T6768] loop4: rw=2049, want=168, limit=64
[  158.469526][ T6768] Buffer I/O error on dev loop4, logical block 167, lost async page write
[  158.478134][ T6768] attempt to access beyond end of device
[  158.478134][ T6768] loop4: rw=2049, want=170, limit=64
[  158.528595][ T6768] Buffer I/O error on dev loop4, logical block 169, lost async page write
[  158.575806][ T6771] fido_id[6771]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  158.612877][ T6775] loop2: detected capacity change from 0 to 2048
[  158.617651][ T6768] attempt to access beyond end of device
[  158.617651][ T6768] loop4: rw=2049, want=172, limit=64
[  158.667231][ T6775] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  158.740071][ T6768] Buffer I/O error on dev loop4, logical block 171, lost async page write
[  158.760929][  T144] attempt to access beyond end of device
[  158.760929][  T144] loop4: rw=1, want=175, limit=64
[  158.776892][ T6768] attempt to access beyond end of device
[  158.776892][ T6768] loop4: rw=2049, want=173, limit=64
[  158.787953][  T144] Buffer I/O error on dev loop4, logical block 174, lost async page write
[  158.798446][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  158.810226][  T144] attempt to access beyond end of device
[  158.810226][  T144] loop4: rw=1, want=176, limit=64
[  158.850198][ T6768] Buffer I/O error on dev loop4, logical block 172, lost async page write
[  158.873002][  T144] Buffer I/O error on dev loop4, logical block 175, lost async page write
[  158.920826][ T6768] attempt to access beyond end of device
[  158.920826][ T6768] loop4: rw=2049, want=174, limit=64
[  158.935987][  T144] Buffer I/O error on dev loop4, logical block 176, lost async page write
[  159.462078][ T4227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  159.704692][ T6805] mmap: syz.4.684 (6805) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  159.748488][ T5023] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  159.840209][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.048555][ T5023] usb 7-1: Using ep0 maxpacket: 32
[  160.128690][ T4227] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  160.204635][ T5023] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.222356][ T5023] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 16
[  160.250136][ T5023] usb 7-1: config 1 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 576
[  160.292863][ T5023] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 23
[  160.367658][ T6819] set_capacity_and_notify: 3 callbacks suppressed
[  160.367673][ T6819] loop3: detected capacity change from 0 to 4096
[  160.369250][ T4227] usb 6-1: Using ep0 maxpacket: 16
[  160.421175][ T6819] ntfs3: loop3: Different NTFS' sector size (2048) and media sector size (512)
[  160.441767][ T5023] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  160.461990][ T5023] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  160.490031][ T5023] usb 7-1: SerialNumber: syz
[  160.523703][ T6801] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  160.541397][ T6801] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  160.566382][ T6819] ntfs3: loop3: Failed to load $UpCase.
[  160.579031][ T5023] hub 7-1:1.0: bad descriptor, ignoring hub
[  160.594090][ T5023] hub: probe of 7-1:1.0 failed with error -5
[  160.610765][ T5023] cdc_acm 7-1:1.0: Control and data interfaces are not separated!
[  160.668598][ T4227] usb 6-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  160.677725][ T4227] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  160.729044][ T4227] usb 6-1: Product: syz
[  160.733278][ T4227] usb 6-1: Manufacturer: syz
[  160.737908][ T4227] usb 6-1: SerialNumber: syz
[  160.740761][ T6828] netlink: 12 bytes leftover after parsing attributes in process `syz.2.694'.
[  160.779668][ T4227] usb 6-1: config 0 descriptor??
[  160.791794][ T5023] cdc_acm 7-1:1.0: ttyACM0: USB ACM device
[  160.855957][ T5023] usb 7-1: USB disconnect, device number 5
[  160.874925][ T6830] loop2: detected capacity change from 0 to 256
[  160.929376][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  160.953941][ T6830] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x4ec6003b, utbl_chksum : 0xe619d30d)
[  161.114382][ T6838] netlink: 20 bytes leftover after parsing attributes in process `syz.4.699'.
[  161.249618][ T4227] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  161.292422][ T4227] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.338847][ T6846] loop2: detected capacity change from 0 to 2048
[  161.354559][ T4227] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  161.384597][ T4227] usb 6-1: media controller created
[  161.418849][ T4177]  loop2: p1 < > p3 p4
[  161.435418][ T4177] loop2: p3 size 54016 extends beyond EOD, truncated
[  161.450908][ T6810] dtv5100: wlen = 0, aborting.
[  161.458554][ T4177] loop2: p4 start 4294967295 is beyond EOD, truncated
[  161.472190][ T4227] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.518391][ T6846]  loop2: p1 < > p3 p4
[  161.534766][ T6846] loop2: p3 size 54016 extends beyond EOD, truncated
[  161.554939][ T6846] loop2: p4 start 4294967295 is beyond EOD, truncated
[  161.628725][ T4227] zl10353_read_register: readreg error (reg=127, ret==0)
[  161.662460][ T4227] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  161.709559][ T4227] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  161.768706][ T4227] usb 6-1: USB disconnect, device number 7
[  161.854648][ T4227] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  161.993123][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  161.995715][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.026431][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  162.075663][ T6836] loop3: detected capacity change from 0 to 32768
[  162.099344][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  162.114547][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  162.214578][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  162.226469][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  162.256215][ T6836] XFS (loop3): Mounting V5 Filesystem
[  162.372176][ T6893] capability: warning: `syz.4.715' uses 32-bit capabilities (legacy support in use)
[  162.416657][ T6836] XFS (loop3): Ending clean mount
[  162.444759][ T6836] XFS (loop3): Metadata CRC error detected at xfs_inobt_read_verify+0x3a/0xd0, xfs_finobt block 0x10 
[  162.518769][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.541552][ T6836] XFS (loop3): Unmount and run xfs_repair
[  162.594190][ T6836] XFS (loop3): First 128 bytes of corrupted metadata buffer:
[  162.629636][ T6836] 00000000: 46 49 42 33 00 00 00 01 ff ff ff ff ff ff ff ff  FIB3............
[  162.678490][ T6836] 00000010: 00 00 00 00 00 00 00 10 00 00 00 01 00 00 00 10  ................
[  162.719624][ T6903] ������: renamed from veth0_vlan
[  162.740788][ T6836] 00000020: d7 dc 42 4e 79 90 42 cb 9f 91 9c b7 20 0a 10 1d  ..BNy.B..... ...
[  162.789664][ T6836] 00000030: 00 00 00 00 0f 8d d2 a2 00 00 18 00 00 00 40 37  ..............@7
[  162.830220][ T6836] 00000040: ff ff ff ff ff ff fe 00 00 00 00 00 00 00 00 00  ................
[  162.879055][ T6836] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  162.888039][ T6836] 00000060: 00 00 00 00 00 f0 00 00 00 00 00 00 00 00 00 00  ................
[  162.921283][ T6836] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  162.939093][ T6836] XFS (loop3): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x10 len 4 error 74
[  162.968850][ T6836] XFS (loop3): Failed to initialize disk quotas.
[  163.038659][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.227401][ T4198] XFS (loop3): Unmounting Filesystem
[  163.240608][ T6929] vcan0: tx drop: invalid da for name 0xfffffffffffffffc
[  163.339897][ T6931] blk_update_request: I/O error, dev loop12, sector 0 op 0x0:(READ) flags 0x1000 phys_seg 1 prio class 0
[  163.370356][ T6931] EXT4-fs (loop12): unable to read superblock
[  163.428552][ T6731] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  163.478675][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  163.813585][ T4866] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  163.889131][ T6731] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  163.900580][ T6956] netlink: 28 bytes leftover after parsing attributes in process `syz.5.741'.
[  163.909649][ T6731] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  163.937022][ T6731] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  163.968054][ T6731] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  163.986430][ T6731] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  163.999417][ T6731] usb 3-1: config 0 descriptor??
[  164.010034][ T6956] device bridge1 entered promiscuous mode
[  164.044918][ T6956] team0: Port device bridge1 added
[  164.062074][ T6961] bridge0: port 3(team0) entered blocking state
[  164.078616][ T6961] bridge0: port 3(team0) entered disabled state
[  164.105727][ T6961] device team0 entered promiscuous mode
[  164.121937][ T6961] device team_slave_0 entered promiscuous mode
[  164.131447][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  164.150216][ T6961] device team_slave_1 entered promiscuous mode
[  164.162033][ T6961] bridge0: port 3(team0) entered blocking state
[  164.168819][ T6961] bridge0: port 3(team0) entered forwarding state
[  164.198822][ T4866] usb 7-1: config 0 has an invalid interface number: 1 but max is 0
[  164.206953][ T4866] usb 7-1: config 0 has no interface number 0
[  164.283453][ T6967] loop5: detected capacity change from 0 to 1024
[  164.317596][ T6969] loop4: detected capacity change from 0 to 1024
[  164.398636][ T4866] usb 7-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  164.407850][ T4866] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.418685][ T4866] usb 7-1: Product: syz
[  164.422898][ T4866] usb 7-1: Manufacturer: syz
[  164.427602][ T4866] usb 7-1: SerialNumber: syz
[  164.443819][ T4866] usb 7-1: config 0 descriptor??
[  164.450340][ T6969] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,bsdgroups,auto_da_alloc,auto_da_alloc=0x0000000000000005,,errors=continue. Quota mode: none.
[  164.468717][    C1] vkms_vblank_simulate: vblank timer overrun
[  164.484718][ T6967] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  164.499124][ T6969] ext4 filesystem being mounted at /181/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  164.504075][ T6731] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  164.559185][ T6960] loop3: detected capacity change from 0 to 32768
[  164.575894][ T6731] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  164.584810][ T6969] EXT4-fs error (device loop4): ext4_free_blocks:6232: comm syz.4.747: Freeing blocks not in datazone - block = 0, count = 16
[  164.654863][ T4249] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm kworker/u4:6: bg 0: block 112: padding at end of block bitmap is not set
[  164.708273][ T4249] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 61 with max blocks 1 with error 28
[  164.732850][ T4249] EXT4-fs (loop4): This should not happen!! Data will be lost
[  164.732850][ T4249] 
[  164.758866][ T4866] usb 7-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  164.781049][ T6960] XFS (loop3): Mounting V5 Filesystem
[  164.786815][ T4866] usb 7-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  164.805581][ T4249] EXT4-fs (loop4): Total free blocks count 0
[  164.825230][ T6731] usb 3-1: USB disconnect, device number 4
[  164.828724][ T4249] EXT4-fs (loop4): Free/Dirty block details
[  164.837052][ T4249] EXT4-fs (loop4): free_blocks=0
[  164.843500][ T4866] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  164.851679][ T4866] usb 7-1: media controller created
[  164.868866][ T4866] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  164.915622][ T4249] EXT4-fs (loop4): dirty_blocks=16
[  164.938302][ T4249] EXT4-fs (loop4): Block reservation details
[  164.945538][ T4249] EXT4-fs (loop4): i_reserved_data_blocks=1
[  165.004377][ T6960] XFS (loop3): Ending clean mount
[  165.017412][ T6960] XFS (loop3): Quotacheck needed: Please wait.
[  165.040191][ T4866] i2c i2c-1: ec100: i2c rd failed=-32 reg=33
[  165.096679][ T6986] loop4: detected capacity change from 0 to 1024
[  165.186178][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.203391][ T6960] XFS (loop3): Quotacheck: Done.
[  165.307047][ T6990] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.318813][ T6990] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.340727][ T4198] XFS (loop3): Unmounting Filesystem
[  165.363670][ T6990] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.384199][ T6990] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.395442][ T6986] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.424198][ T6986] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.472995][ T4249] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.482901][ T4249] hfsplus: request for non-existent node 16777216 in B*Tree
[  165.500384][ T6995] loop2: detected capacity change from 0 to 1024
[  165.556460][ T6995] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  165.578915][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  165.636304][ T6995] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,journal_dev=0x0000000000000007,journal_ioprio=0x0000000000000006,noinit_itable,nogrpid,nodiscard,jqfmt=vfsv0,noinit_itable,mb_optimize_scan=0x0000000000000000,usrquota,dioread_nolock,,errors=continue. Quota mode: writeback.
[  165.692057][ T6995] ext4 filesystem being mounted at /95/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.747028][ T6995] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.752: bg 0: block 112: padding at end of block bitmap is not set
[  165.772123][ T6995] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 63 with max blocks 65 with error 117
[  165.785085][ T6995] EXT4-fs (loop2): This should not happen!! Data will be lost
[  165.785085][ T6995] 
[  166.148987][ T4866] usb 7-1: USB disconnect, device number 6
[  166.198900][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  166.216189][ T7018] loop5: detected capacity change from 0 to 64
[  166.265314][ T7020] loop2: detected capacity change from 0 to 2048
[  166.333989][ T3561]  loop2: p1 < > p3
[  166.342932][ T3561] loop2: p3 size 134217728 extends beyond EOD, truncated
[  166.357518][ T7020]  loop2: p1 < > p3
[  166.363889][ T7020] loop2: p3 size 134217728 extends beyond EOD, truncated
[  166.434374][ T7023] netlink: 188 bytes leftover after parsing attributes in process `syz.5.763'.
[  166.647521][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  166.668161][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  166.726403][ T4178] udevd[4178]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  166.761533][ T4177] udevd[4177]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  167.005172][ T7043] device batadv_slave_1 entered promiscuous mode
[  167.033614][ T7045] netlink: 'syz.3.750': attribute type 1 has an invalid length.
[  167.089443][ T7045] device bond1 entered promiscuous mode
[  167.095537][ T7045] 8021q: adding VLAN 0 to HW filter on device bond1
[  167.218962][ T7048] 8021q: adding VLAN 0 to HW filter on device bond1
[  167.226182][ T7048] bond1: (slave gre1): The slave device specified does not support setting the MAC address
[  167.236859][ T7048] bond1: (slave gre1): Setting fail_over_mac to active for active-backup mode
[  167.247398][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.269542][ T7048] bond1: (slave gre1): making interface the new active one
[  167.277699][ T7048] device gre1 entered promiscuous mode
[  167.293271][ T7048] bond1: (slave gre1): Enslaving as an active interface with an up link
[  167.306114][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  167.329692][ T7051] netlink: 12 bytes leftover after parsing attributes in process `syz.5.773'.
[  167.339539][ T4227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  167.358044][ T7042] device batadv_slave_1 left promiscuous mode
[  167.542529][ T7061] device syzkaller1 entered promiscuous mode
[  167.582994][ T7063] loop6: detected capacity change from 0 to 1024
[  167.775876][ T7063] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  167.953073][ T7074] loop3: detected capacity change from 0 to 4096
[  168.043896][ T7074] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  168.049168][ T5903] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  168.258860][ T6731] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  168.282184][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  168.358203][ T7077] loop6: detected capacity change from 0 to 32768
[  168.455399][ T7077] XFS (loop6): Mounting V5 Filesystem
[  168.478894][ T5903] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[  168.487813][ T5903] usb 6-1: config 0 has no interface number 0
[  168.502426][ T6731] usb 5-1: Using ep0 maxpacket: 16
[  168.538559][ T5452] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  168.584879][ T7077] XFS (loop6): Ending clean mount
[  168.605440][ T7077] XFS (loop6): Quotacheck needed: Please wait.
[  168.638762][ T6731] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  168.658504][ T6731] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  168.691283][ T5903] usb 6-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  168.700482][ T5903] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.708582][ T5903] usb 6-1: Product: syz
[  168.712781][ T5903] usb 6-1: Manufacturer: syz
[  168.717395][ T5903] usb 6-1: SerialNumber: syz
[  168.721649][ T7077] XFS (loop6): Quotacheck: Done.
[  168.728134][ T5903] usb 6-1: config 0 descriptor??
[  168.828768][ T6731] usb 5-1: New USB device found, idVendor=05ac, idProduct=9226, bcdDevice=b2.89
[  168.858713][ T6731] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  168.866846][ T6731] usb 5-1: Product: syz
[  168.881730][ T6731] usb 5-1: Manufacturer: syz
[  168.886402][ T6731] usb 5-1: SerialNumber: syz
[  168.914054][ T6731] usb 5-1: config 0 descriptor??
[  168.954292][ T5452] usb 4-1: config 1 has an invalid descriptor of length 51, skipping remainder of the config
[  168.995181][ T5452] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  169.028795][ T5903] usb 6-1: dvb_usb_v2: found a 'E3C EC168 reference design' in warm state
[  169.045445][ T5903] usb 6-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  169.046930][ T4954] XFS (loop6): Unmounting Filesystem
[  169.061004][ T7092] loop2: detected capacity change from 0 to 32768
[  169.077692][ T5903] dvbdev: DVB: registering new adapter (E3C EC168 reference design)
[  169.135056][ T5452] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  169.155824][ T5903] usb 6-1: media controller created
[  169.184612][ T5452] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  169.203143][ T5452] usb 4-1: SerialNumber: syz
[  169.213911][ T5903] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  169.219557][ T4191] usb 5-1: USB disconnect, device number 5
[  169.247331][ T7092] XFS (loop2): Mounting V5 Filesystem
[  169.319022][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  169.357522][ T7092] XFS (loop2): Ending clean mount
[  169.417422][ T7092] XFS (loop2): Quotacheck needed: Please wait.
[  169.531393][ T5452] usb 4-1: 0:2 : does not exist
[  169.536889][ T5452] usb 4-1: unit 48 not found!
[  169.541949][ T5903] i2c i2c-1: ec100: i2c rd failed=-71 reg=33
[  169.549261][ T7092] XFS (loop2): Quotacheck: Done.
[  169.600519][ T7111] loop6: detected capacity change from 0 to 128
[  169.627257][ T5452] usb 4-1: USB disconnect, device number 14
[  169.656098][ T5903] usb 6-1: USB disconnect, device number 8
[  169.819379][ T5228] XFS (loop2): Unmounting Filesystem
[  169.845044][ T7114] device syzkaller1 entered promiscuous mode
[  169.916057][ T4177] udevd[4177]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  170.358985][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.541129][ T7125] loop3: detected capacity change from 0 to 32768
[  170.557645][ T4866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  170.644684][ T7125] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  170.652970][ T7125] gfs2: fsid=syz:syz: Now mounting FS (format 1802)...
[  170.671892][ T7125] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  170.686145][ T4866] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  170.693032][ T4866] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  170.734265][ T7133] loop2: detected capacity change from 0 to 1024
[  170.767364][ T7133] EXT4-fs (loop2): inline encryption not supported
[  170.779209][ T7133] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  170.804341][ T4866] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 111ms
[  170.823610][ T4866] gfs2: fsid=syz:syz.0: jid=0: Done
[  170.841361][ T7125] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  170.899507][ T7133] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,delalloc,nodiscard,grpquota,noblock_validity,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,sb=0x4000000000000000,sb=0x0000000000000. Quota mode: writeback.
[  170.963477][ T7144] loop4: detected capacity change from 0 to 512
[  171.026329][ T7144] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  171.074721][ T7144] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #11: comm syz.4.798: iget: bad extended attribute block 3153
[  171.103114][ T7144] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.798: couldn't read orphan inode 11 (err -117)
[  171.182396][ T7144] EXT4-fs (loop4): mounted filesystem without journal. Opts: nomblk_io_submit,nogrpid,,errors=continue. Quota mode: none.
[  171.238914][ T7147] loop3: detected capacity change from 0 to 512
[  171.246899][ T7133] EXT4-fs error (device loop2): ext4_mb_mark_diskspace_used:3885: comm syz.2.790: Allocating blocks 497-513 which overlap fs metadata
[  171.281779][   T26] audit: type=1800 audit(1774072968.114:186): pid=7144 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.798" name="bus" dev="loop4" ino=18 res=0 errno=0
[  171.305034][ T7133] EXT4-fs (loop2): Remounting filesystem read-only
[  171.389877][ T7132] EXT4-fs (loop2): pa ffff88805e60f540: logic 256, phys. 369, len 9
[  171.398852][ T7132] EXT4-fs error (device loop2): ext4_mb_release_inode_pa:4902: group 0, free 0, pa_free 1
[  171.421181][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  171.439020][ T7132] EXT4-fs (loop2): Remounting filesystem read-only
[  171.640004][ T7154] loop6: detected capacity change from 0 to 4096
[  171.777947][ T7154] ntfs3: loop6: Mark volume as dirty due to NTFS errors
[  171.824191][ T7164] loop4: detected capacity change from 0 to 1764
[  171.833961][ T7154] ntfs3: loop6: Failed to load $Extend.
[  171.916309][ T7164] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  172.365225][ T7181] loop4: detected capacity change from 0 to 256
[  172.452219][ T5826] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  172.528245][   T26] audit: type=1800 audit(1774072969.354:187): pid=7181 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.813" name=DC dev="loop4" ino=1048639 res=0 errno=0
[  172.609896][ T4191] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  172.738715][ T5452] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  172.838625][ T5826] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  172.978620][ T4191] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  172.994162][ T4191] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.004346][ T4191] usb 6-1: New USB device found, idVendor=1e7d, idProduct=30d4, bcdDevice= 0.01
[  173.013764][ T4191] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.018842][ T5452] usb 3-1: Using ep0 maxpacket: 32
[  173.028269][ T4191] usb 6-1: config 0 descriptor??
[  173.108549][ T4866] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  173.188680][ T5452] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  173.197352][ T5452] usb 3-1: config 0 has no interface number 0
[  173.199422][ T5826] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  173.214739][ T5826] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  173.224803][ T5826] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  173.237909][ T5826] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  173.247285][ T5826] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.258084][ T5826] usb 7-1: config 0 descriptor??
[  173.378559][ T4866] usb 4-1: Using ep0 maxpacket: 8
[  173.398656][ T5452] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  173.408587][ T5452] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  173.416739][ T5452] usb 3-1: Product: syz
[  173.421454][ T5452] usb 3-1: Manufacturer: syz
[  173.426141][ T5452] usb 3-1: SerialNumber: syz
[  173.435535][ T5452] usb 3-1: config 0 descriptor??
[  173.482013][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.491855][ T5452] smsc95xx v2.0.0
[  173.498649][ T4866] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  173.513098][ T4191] arvo 0003:1E7D:30D4.0009: hidraw0: USB HID v0.00 Device [HID 1e7d:30d4] on usb-dummy_hcd.5-1/input0
[  173.517635][ T4866] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  173.539354][ T4866] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  173.554637][ T4866] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  173.573914][ T4866] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  173.583220][ T4866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  173.598371][ T4227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  173.740551][ T5826] plantronics 0003:047F:FFFF.000A: unbalanced delimiter at end of report description
[  173.753169][ T5826] plantronics 0003:047F:FFFF.000A: parse failed
[  173.759908][ T5826] plantronics: probe of 0003:047F:FFFF.000A failed with error -22
[  173.834116][ T7206] loop4: detected capacity change from 0 to 4096
[  173.878764][ T4866] usb 4-1: GET_CAPABILITIES returned 0
[  173.898018][ T4866] usbtmc 4-1:16.0: can't read capabilities
[  173.924300][ T7208] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  173.954816][ T4866] usb 6-1: USB disconnect, device number 9
[  173.976413][ T5903] usb 7-1: USB disconnect, device number 7
[  174.083588][ T7206] NILFS (loop4): error -2 preparing GC: cannot delete virtual blocks from DAT file
[  174.099576][ T4867] usb 4-1: USB disconnect, device number 15
[  174.209916][ T7210] loop4: detected capacity change from 0 to 4096
[  174.317599][ T7210] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  174.342358][ T7210] ntfs3: loop4: Failed to load $Extend.
[  174.518895][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  174.558656][ T5452] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000034: -71
[  174.589806][ T7217] loop6: detected capacity change from 0 to 2048
[  174.600308][ T5452] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_DATA
[  174.640881][ T5452] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000014: -71
[  174.661007][ T7217] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  174.671945][ T5452] smsc95xx: probe of 3-1:0.67 failed with error -71
[  174.679198][ T7217] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  174.699479][ T5452] usb 3-1: USB disconnect, device number 5
[  174.718662][ T5826] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  174.827356][ T7220] erofs: (device loop3): mounted with root inode @ nid 36.
[  174.963044][ T5826] usb 5-1: Using ep0 maxpacket: 32
[  175.028964][ T7230] tipc: Started in network mode
[  175.034002][ T7230] tipc: Node identity 7f000001, cluster identity 4711
[  175.044754][ T7230] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  175.088698][ T5826] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  175.100210][ T5826] usb 5-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  175.118612][ T4191] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  175.133610][ T7232] netlink: 100 bytes leftover after parsing attributes in process `syz.5.836'.
[  175.218660][ T6731] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  175.268701][ T5826] usb 5-1: New USB device found, idVendor=1bc7, idProduct=1201, bcdDevice=55.67
[  175.278139][ T5826] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.286234][ T5826] usb 5-1: Product: syz
[  175.290601][ T5826] usb 5-1: Manufacturer: syz
[  175.295241][ T5826] usb 5-1: SerialNumber: syz
[  175.302424][ T5826] usb 5-1: config 0 descriptor??
[  175.378624][ T4191] usb 4-1: Using ep0 maxpacket: 32
[  175.438614][ T4866] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  175.508744][ T4191] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 106, changing to 10
[  175.520505][ T4191] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 34041, setting to 1024
[  175.531873][ T4191] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  175.541036][ T4191] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.553063][ T4191] usb 4-1: config 0 descriptor??
[  175.569043][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  175.569493][ T7220] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  175.591978][ T4191] hub 4-1:0.0: USB hub found
[  175.608696][ T6731] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  175.619801][ T6731] usb 7-1: New USB device found, idVendor=056a, idProduct=033b, bcdDevice= 0.00
[  175.629349][ T6731] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  175.639501][ T6731] usb 7-1: config 0 descriptor??
[  175.691292][ T6731] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  175.705885][ T7212] usb 7-1: USB disconnect, device number 8
[  175.747983][ T6731] usb 5-1: USB disconnect, device number 6
[  175.808822][ T4191] hub 4-1:0.0: 1 port detected
[  175.978611][ T4866] usb 3-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  175.987756][ T4866] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  176.000338][ T4866] usb 3-1: Product: syz
[  176.004549][ T4866] usb 3-1: Manufacturer: syz
[  176.011831][ T4866] usb 3-1: SerialNumber: syz
[  176.020657][ T4866] usb 3-1: config 0 descriptor??
[  176.095577][ T7224] udc-core: couldn't find an available UDC or it's busy
[  176.103661][ T7224] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  176.232879][ T4191] usb 4-1: USB disconnect, device number 16
[  176.312831][ T7239] netlink: 12 bytes leftover after parsing attributes in process `syz.4.838'.
[  176.520744][ T7247] set_capacity_and_notify: 1 callbacks suppressed
[  176.520761][ T7247] loop5: detected capacity change from 0 to 4096
[  176.529772][ T4191] usb 3-1: USB disconnect, device number 6
[  176.595913][ T7247] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  176.603324][ T4867] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.611777][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  176.620812][ T7247] ntfs3: loop5: Failed to load $Extend.
[  176.710307][ T7249] loop6: detected capacity change from 0 to 2048
[  176.803982][ T7252] loop5: detected capacity change from 0 to 512
[  176.849389][ T7252] EXT4-fs (loop5): mounting ext2 file system using the ext4 subsystem
[  176.857696][ T7252] EXT4-fs (loop5): bad block size 16384
[  176.879753][ T7249] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  176.899332][ T7252] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  176.964829][ T7249] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.843: bg 0: block 234: padding at end of block bitmap is not set
[  176.986034][ T7249] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 65537 with max blocks 33 with error 28
[  176.999133][ T7249] EXT4-fs (loop6): This should not happen!! Data will be lost
[  176.999133][ T7249] 
[  177.010170][ T7249] EXT4-fs (loop6): Total free blocks count 0
[  177.021669][ T7249] EXT4-fs (loop6): Free/Dirty block details
[  177.027702][ T7249] EXT4-fs (loop6): free_blocks=0
[  177.057320][ T7249] EXT4-fs (loop6): dirty_blocks=64
[  177.096480][ T7249] EXT4-fs (loop6): Block reservation details
[  177.157211][ T7249] EXT4-fs (loop6): i_reserved_data_blocks=4
[  177.173842][ T7261] loop2: detected capacity change from 0 to 256
[  177.480275][ T7270] loop2: detected capacity change from 0 to 1764
[  177.558838][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.595189][ T7270] ISOFS: root inode is unusable. Disabling Rock Ridge and switching to Joliet.
[  177.633617][ T7272] loop5: detected capacity change from 0 to 4096
[  177.640750][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  177.651157][    C0] vcan0: j1939_tp_rxtimer: 0xffff88806042b400: rx timeout, send abort
[  177.662475][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff88806042b400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  177.837827][ T7276] loop3: detected capacity change from 0 to 64
[  177.912554][  T483] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  177.936436][  T483] EXT4-fs (loop6): This should not happen!! Data will be lost
[  177.936436][  T483] 
[  177.942421][ T7280] netlink: 4 bytes leftover after parsing attributes in process `syz.2.867'.
[  178.039107][ T7282] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  178.098514][ T5452] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  178.139343][ T7283] handle_bad_sector: 7 callbacks suppressed
[  178.139363][ T7283] attempt to access beyond end of device
[  178.139363][ T7283] loop3: rw=2049, want=162, limit=64
[  178.178268][ T7285] loop5: detected capacity change from 0 to 1024
[  178.215407][ T7283] buffer_io_error: 6 callbacks suppressed
[  178.215423][ T7283] Buffer I/O error on dev loop3, logical block 161, lost async page write
[  178.231474][ T7283] attempt to access beyond end of device
[  178.231474][ T7283] loop3: rw=2049, want=163, limit=64
[  178.243103][ T7283] Buffer I/O error on dev loop3, logical block 162, lost async page write
[  178.255997][ T7285] EXT4-fs (loop5): inline encryption not supported
[  178.271849][ T7285] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.310191][ T7283] attempt to access beyond end of device
[  178.310191][ T7283] loop3: rw=2049, want=164, limit=64
[  178.413776][ T7285] EXT4-fs (loop5): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,delalloc,nodiscard,grpquota,noblock_validity,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,sb=0x4000000000000000,sb=0x0000000000000. Quota mode: writeback.
[  178.448723][ T7283] Buffer I/O error on dev loop3, logical block 163, lost async page write
[  178.464226][ T7283] attempt to access beyond end of device
[  178.464226][ T7283] loop3: rw=2049, want=168, limit=64
[  178.469524][ T5452] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  178.476754][ T7283] Buffer I/O error on dev loop3, logical block 167, lost async page write
[  178.494776][ T7283] attempt to access beyond end of device
[  178.494776][ T7283] loop3: rw=2049, want=170, limit=64
[  178.505817][ T7283] Buffer I/O error on dev loop3, logical block 169, lost async page write
[  178.514487][ T7283] attempt to access beyond end of device
[  178.514487][ T7283] loop3: rw=2049, want=172, limit=64
[  178.517502][ T7285] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:3885: comm syz.5.857: Allocating blocks 497-513 which overlap fs metadata
[  178.527665][ T7283] Buffer I/O error on dev loop3, logical block 171, lost async page write
[  178.550843][ T7295] loop2: detected capacity change from 0 to 16
[  178.558579][ T7283] attempt to access beyond end of device
[  178.558579][ T7283] loop3: rw=2049, want=173, limit=64
[  178.572282][ T5452] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  178.588040][ T7283] Buffer I/O error on dev loop3, logical block 172, lost async page write
[  178.597908][ T7285] EXT4-fs (loop5): Remounting filesystem read-only
[  178.608537][ T5452] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  178.629374][ T5452] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  178.629858][ T7283] attempt to access beyond end of device
[  178.629858][ T7283] loop3: rw=2049, want=174, limit=64
[  178.649830][ T7284] EXT4-fs (loop5): pa ffff88805e60f620: logic 256, phys. 369, len 9
[  178.657866][ T7284] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:4902: group 0, free 0, pa_free 1
[  178.667160][ T5452] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  178.692107][ T7295] erofs: (device loop2): mounted with root inode @ nid 36.
[  178.699620][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  178.719022][ T7284] EXT4-fs (loop5): Remounting filesystem read-only
[  178.733687][ T5452] usb 5-1: config 0 descriptor??
[  178.753528][ T7283] Buffer I/O error on dev loop3, logical block 173, lost async page write
[  178.767581][ T7283] attempt to access beyond end of device
[  178.767581][ T7283] loop3: rw=2049, want=175, limit=64
[  178.785696][ T7283] Buffer I/O error on dev loop3, logical block 174, lost async page write
[  178.840515][ T7283] attempt to access beyond end of device
[  178.840515][ T7283] loop3: rw=2049, want=176, limit=64
[  178.852443][ T7283] Buffer I/O error on dev loop3, logical block 175, lost async page write
[  178.950337][ T7298] loop2: detected capacity change from 0 to 64
[  179.242422][ T5452] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  179.277522][ T7305] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.295214][ T7305] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.296094][ T5452] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  179.332493][ T7305] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.340621][ T7305] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.364761][ T7302] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.388271][ T4867] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  179.419530][ T7302] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.489035][ T4249] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.516861][ T4249] hfsplus: request for non-existent node 16777216 in B*Tree
[  179.551024][ T5452] usb 5-1: USB disconnect, device number 7
[  179.576056][ T7314] netlink: 104 bytes leftover after parsing attributes in process `syz.3.871'.
[  179.630226][ T7310] fido_id[7310]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  179.658613][ T4867] usb 6-1: Using ep0 maxpacket: 16
[  179.718715][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  179.778690][ T4867] usb 6-1: config 0 has an invalid interface number: 8 but max is 0
[  179.789669][ T4867] usb 6-1: config 0 has no interface number 0
[  179.801452][ T4867] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  179.823626][ T4867] usb 6-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  179.959241][ T4867] usb 6-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  179.972957][ T4867] usb 6-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  179.990343][ T4867] usb 6-1: Product: syz
[  179.999124][ T4867] usb 6-1: SerialNumber: syz
[  180.021842][ T4867] usb 6-1: config 0 descriptor??
[  180.060529][ T4867] cm109 6-1:0.8: invalid payload size 0, expected 4
[  180.090189][ T4867] input: CM109 USB driver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.8/input/input12
[  180.115999][ T7317] JBD2: Ignoring recovery information on journal
[  180.201047][ T7320] ialloc: diAlloc returned -5!
[  180.267281][ T7317] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  180.276874][    C0] cm109 6-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  180.505918][ T4954] ocfs2: Unmounting device (7,6) on (node local)
[  180.598939][ T4867] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.652775][ T4867] usb 6-1: USB disconnect, device number 10
[  180.685772][ T4867] cm109 6-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  180.769506][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  180.925941][ T4866] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  180.944699][ T7347] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  180.981020][ T7346] input: syz0 as /devices/virtual/input/input13
[  181.062549][ T7349] input: syz1 as /devices/virtual/input/input14
[  181.074765][ T7349] input: failed to attach handler leds to device input14, error: -6
[  181.308857][ T4866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  181.344089][ T4866] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  181.369356][ T4866] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  181.414736][ T4866] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  181.565639][ T4866] usb 4-1: config 0 descriptor??
[  181.602975][ T7340] set_capacity_and_notify: 3 callbacks suppressed
[  181.602991][ T7340] loop4: detected capacity change from 0 to 32768
[  181.643019][ T7367] loop2: detected capacity change from 0 to 512
[  181.691800][ T7367] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  181.734402][ T7367] EXT4-fs error (device loop2): ext4_orphan_get:1400: comm syz.2.891: inode #15: comm syz.2.891: iget: illegal inode #
[  181.750877][ T7367] EXT4-fs (loop2): Remounting filesystem read-only
[  181.757644][ T7367] EXT4-fs error (device loop2): ext4_orphan_get:1405: comm syz.2.891: couldn't read orphan inode 15 (err -117)
[  181.776417][ T7367] EXT4-fs (loop2): Remounting filesystem read-only
[  181.783543][ T7367] EXT4-fs (loop2): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000001,errors=remount-ro,data=journal,usrjquota=,init_itable=0x0000000000000022,. Quota mode: none.
[  181.831664][ T7340] XFS (loop4): Mounting V5 Filesystem
[  181.838373][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  181.926191][ T7340] XFS (loop4): Ending clean mount
[  181.955609][   T26] audit: type=1800 audit(1774072978.784:188): pid=7340 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.880" name="file1" dev="loop4" ino=6150 res=0 errno=0
[  182.061875][ T4866] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x1
[  182.077331][ T4866] pyra 0003:1E7D:2CF6.000C: unknown main item tag 0x2
[  182.088332][ T4866] pyra 0003:1E7D:2CF6.000C: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  182.224299][ T4186] XFS (loop4): Unmounting Filesystem
[  182.343143][ T7389] loop2: detected capacity change from 0 to 128
[  182.403794][ T7379] loop5: detected capacity change from 0 to 32768
[  182.471357][ T7379] (syz.5.893,7379,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  182.496817][ T7379] (syz.5.893,7379,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  182.603468][ T7379] JBD2: Ignoring recovery information on journal
[  182.708583][ T4866] pyra 0003:1E7D:2CF6.000C: couldn't init struct pyra_device
[  182.730850][ T4866] pyra 0003:1E7D:2CF6.000C: couldn't install mouse
[  182.764712][ T7379] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  182.781256][ T4866] pyra: probe of 0003:1E7D:2CF6.000C failed with error -71
[  182.816482][ T7379] (syz.5.893,7379,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x98842a5e, computed 0xe74db1cd. Applying ECC.
[  182.839841][ T4866] usb 4-1: USB disconnect, device number 17
[  182.847575][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.030153][ T7401] fido_id[7401]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  183.073581][ T7379] (syz.5.893,7379,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x1cec3d0f, computed 0xd2ffbdfe. Applying ECC.
[  183.101300][ T7409] loop8: detected capacity change from 0 to 7
[  183.118901][ T7409] Dev loop8: unable to read RDB block 7
[  183.128929][ T7409]  loop8: unable to read partition table
[  183.143449][ T7379] (syz.5.893,7379,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC.
[  183.168571][ T7409] loop8: partition table beyond EOD, truncated
[  183.175793][ T7379] (syz.5.893,7379,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c
[  183.188537][ T7409] loop_reread_partitions: partition scan of loop8 (�被x�^>��� ) failed (rc=-5)
[  183.211330][ T7379] (syz.5.893,7379,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  183.231896][ T7379] (syz.5.893,7379,1):ocfs2_quota_read:201 ERROR: status = -5
[  183.245568][ T7379] Quota error (device loop5): find_block_dqentry: Can't read quota tree block 6
[  183.301099][ T7379] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  183.317207][ T7379] (syz.5.893,7379,1):ocfs2_acquire_dquot:878 ERROR: status = -5
[  183.360968][ T7379] (syz.5.893,7379,1):ocfs2_mknod:314 ERROR: status = -5
[  183.367993][ T7379] (syz.5.893,7379,1):ocfs2_mknod:502 ERROR: status = -5
[  183.402536][ T7418] loop2: detected capacity change from 0 to 64
[  183.408926][ T7379] (syz.5.893,7379,1):ocfs2_mkdir:659 ERROR: status = -5
[  183.525636][ T7379] (syz.5.893,7379,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xdf8356d3, computed 0xb8c23ae4. Applying ECC.
[  183.549752][ T7425] handle_bad_sector: 64 callbacks suppressed
[  183.549771][ T7425] attempt to access beyond end of device
[  183.549771][ T7425] loop2: rw=2049, want=162, limit=64
[  183.583779][ T7379] (syz.5.893,7379,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xdf8356d3, computed 0x2acb7e3c
[  183.602601][ T7379] (syz.5.893,7379,1):ocfs2_read_quota_phys_block:160 ERROR: status = -5
[  183.618010][ T7425] buffer_io_error: 54 callbacks suppressed
[  183.618037][ T7425] Buffer I/O error on dev loop2, logical block 161, lost async page write
[  183.633328][ T7379] (syz.5.893,7379,1):ocfs2_quota_read:201 ERROR: status = -5
[  183.640403][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  183.646773][ T7379] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota
[  183.659093][ T7425] attempt to access beyond end of device
[  183.659093][ T7425] loop2: rw=2049, want=163, limit=64
[  183.670472][ T7379] (syz.5.893,7379,1):ocfs2_acquire_dquot:878 ERROR: status = -5
[  183.680562][ T7425] Buffer I/O error on dev loop2, logical block 162, lost async page write
[  183.746223][ T7425] attempt to access beyond end of device
[  183.746223][ T7425] loop2: rw=2049, want=164, limit=64
[  183.780828][ T7425] Buffer I/O error on dev loop2, logical block 163, lost async page write
[  183.816003][ T7425] attempt to access beyond end of device
[  183.816003][ T7425] loop2: rw=2049, want=168, limit=64
[  183.827510][ T7425] Buffer I/O error on dev loop2, logical block 167, lost async page write
[  183.836358][ T7425] attempt to access beyond end of device
[  183.836358][ T7425] loop2: rw=2049, want=170, limit=64
[  183.842217][ T4546] ocfs2: Unmounting device (7,5) on (node local)
[  183.859407][ T7425] Buffer I/O error on dev loop2, logical block 169, lost async page write
[  183.868230][ T7425] attempt to access beyond end of device
[  183.868230][ T7425] loop2: rw=2049, want=172, limit=64
[  183.887518][ T7425] Buffer I/O error on dev loop2, logical block 171, lost async page write
[  183.906228][ T7432] loop3: detected capacity change from 0 to 1024
[  183.912628][ T7425] attempt to access beyond end of device
[  183.912628][ T7425] loop2: rw=2049, want=173, limit=64
[  183.912655][ T7425] Buffer I/O error on dev loop2, logical block 172, lost async page write
[  183.912698][ T7425] attempt to access beyond end of device
[  183.912698][ T7425] loop2: rw=2049, want=174, limit=64
[  183.912719][ T7425] Buffer I/O error on dev loop2, logical block 173, lost async page write
[  183.912796][ T7425] attempt to access beyond end of device
[  183.912796][ T7425] loop2: rw=2049, want=175, limit=64
[  183.912816][ T7425] Buffer I/O error on dev loop2, logical block 174, lost async page write
[  183.925395][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  184.012184][ T7425] attempt to access beyond end of device
[  184.012184][ T7425] loop2: rw=2049, want=176, limit=64
[  184.023637][ T7425] Buffer I/O error on dev loop2, logical block 175, lost async page write
[  184.039083][ T4866] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  184.090922][ T7432] EXT4-fs (loop3): mounted filesystem without journal. Opts: nodioread_nolock,noblock_validity,noquota,delalloc,journal_dev=0x0000000000000009,nodioread_nolock,,errors=continue. Quota mode: none.
[  184.118634][ T7432] ext4 filesystem being mounted at /174/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  184.347240][ T7440] netlink: 256 bytes leftover after parsing attributes in process `syz.5.918'.
[  184.397677][ T7440] netlink: 16 bytes leftover after parsing attributes in process `syz.5.918'.
[  184.449005][ T4866] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  184.478496][ T4866] usb 5-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  184.505005][ T7446] loop2: detected capacity change from 0 to 1024
[  184.517244][ T4866] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 4
[  184.536313][ T4866] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  184.694828][   T26] audit: type=1800 audit(1774072981.524:189): pid=7446 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.917" name="file1" dev="loop2" ino=20 res=0 errno=0
[  184.731052][ T4866] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  184.743524][ T7446] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.747766][ T4866] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  184.766899][ T4866] usb 5-1: Product: syz
[  184.771308][ T4866] usb 5-1: Manufacturer: syz
[  184.775938][ T4866] usb 5-1: SerialNumber: syz
[  184.799221][ T7446] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.806778][ T7446] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.866612][ T7446] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.939270][ T4249] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.956816][ T4249] hfsplus: request for non-existent node 33554434 in B*Tree
[  184.996284][ T7442] loop3: detected capacity change from 0 to 32768
[  185.009434][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  185.045095][ T7430] netlink: 16 bytes leftover after parsing attributes in process `syz.4.912'.
[  185.089997][ T4867] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.098670][ T4867] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.118727][ T5452] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.224302][ T4866] usb 5-1: 0:2 : does not exist
[  185.267204][ T7442] XFS (loop3): Mounting V5 Filesystem
[  185.279666][ T4866] usb 5-1: USB disconnect, device number 8
[  185.368685][ T5452] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.388164][ T7442] XFS (loop3): Ending clean mount
[  185.440669][   T26] audit: type=1800 audit(1774072982.274:190): pid=7442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.916" name="file1" dev="loop3" ino=6150 res=0 errno=0
[  185.469912][ T7442] XFS (loop3): User initiated shutdown received.
[  185.477179][ T7455] loop5: detected capacity change from 0 to 32768
[  185.494525][ T7442] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:495).  Shutting down filesystem.
[  185.510678][ T4177] udevd[4177]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  185.544212][ T7442] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  185.610531][ T4198] XFS (loop3): Unmounting Filesystem
[  185.624402][ T7455] XFS (loop5): Mounting V5 Filesystem
[  185.764357][ T7455] XFS (loop5): Ending clean mount
[  185.788613][ T7455] XFS (loop5): Quotacheck needed: Please wait.
[  185.891323][ T7487] pimreg: tun_chr_ioctl cmd 1074025677
[  185.898172][ T7487] pimreg: linktype set to 769
[  185.903682][ T7487] pimreg: tun_chr_ioctl cmd 2147767506
[  185.969691][ T4227] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  185.984548][ T7455] XFS (loop5): Quotacheck: Done.
[  186.038778][ T6731] Bluetooth: hci4: command 0x0406 tx timeout
[  186.058654][ T5826] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  186.066367][ T6731] Bluetooth: hci2: command 0x0406 tx timeout
[  186.081707][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.159126][ T7489] device syzkaller1 entered promiscuous mode
[  186.174310][ T4177] Dev loop7: unable to read RDB block 7
[  186.184223][ T4177]  loop7: unable to read partition table
[  186.194191][ T4546] XFS (loop5): Unmounting Filesystem
[  186.201951][ T4177] loop7: partition table beyond EOD, truncated
[  186.219625][ T7491] Dev loop7: unable to read RDB block 7
[  186.227111][ T7491]  loop7: unable to read partition table
[  186.233368][ T7491] loop7: partition table beyond EOD, truncated
[  186.264646][ T7491] loop_reread_partitions: partition scan of loop7 (�被x엟��� ) failed (rc=-5)
[  186.308547][ T5826] usb 5-1: Using ep0 maxpacket: 16
[  186.458660][ T5826] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  186.478803][ T5826] usb 5-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  186.501540][ T5826] usb 5-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  186.535911][ T5826] usb 5-1: config 0 interface 0 has no altsetting 0
[  186.546070][ T5826] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  186.575855][ T5826] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  186.610394][ T5826] usb 5-1: config 0 descriptor??
[  186.678840][ T4227] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  186.739255][ T7504] device syzkaller1 entered promiscuous mode
[  187.085376][ T5826] hid (null): invalid report_size -411721051
[  187.097594][ T5826] hid (null): report_id 0 is invalid
[  187.103857][ T5826] hid (null): global environment stack underflow
[  187.115960][ T5826] hid (null): unknown global tag 0xe
[  187.123132][ T5826] hid (null): unknown global tag 0xc
[  187.159110][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  187.303612][ T7522] set_capacity_and_notify: 2 callbacks suppressed
[  187.303630][ T7522] loop5: detected capacity change from 0 to 32768
[  187.319501][ T6731] usb 5-1: USB disconnect, device number 9
[  187.465370][ T7533] device syzkaller1 entered promiscuous mode
[  187.493071][ T7522] XFS (loop5): Mounting V5 Filesystem
[  187.552499][ T7522] XFS (loop5): Ending clean mount
[  187.581510][ T7522] XFS (loop5): User initiated shutdown received.
[  187.588013][ T7522] XFS (loop5): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x6d/0x150 (fs/xfs/xfs_fsops.c:495).  Shutting down filesystem.
[  187.601692][ T7522] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  187.641696][ T4546] XFS (loop5): Unmounting Filesystem
[  188.081649][ T7553] loop6: detected capacity change from 0 to 1024
[  188.119403][ T7553] EXT4-fs (loop6): inline encryption not supported
[  188.126166][ T7553] EXT4-fs (loop6): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  188.216640][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  188.225923][ T7553] EXT4-fs (loop6): mounted filesystem without journal. Opts: dioread_nolock,data_err=abort,inlinecrypt,noauto_da_alloc,data_err=ignore,delalloc,nodiscard,grpquota,noblock_validity,user_xattr,mb_optimize_scan=0x0000000000000001,errors=remount-ro,sb=0x4000000000000000,sb=0x0000000000000. Quota mode: writeback.
[  188.312337][ T7553] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:3885: comm syz.6.954: Allocating blocks 257-513 which overlap fs metadata
[  188.424913][ T7553] EXT4-fs (loop6): Remounting filesystem read-only
[  188.758631][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  188.907600][ T7577] loop4: detected capacity change from 0 to 4096
[  189.172087][ T4186] ntfs3: loop4: ntfs_evict_inode r=5 failed, -22.
[  189.187591][ T4186] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  189.250912][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.432512][ T7562] loop5: detected capacity change from 0 to 32768
[  189.612453][ T7562] XFS (loop5): Mounting V5 Filesystem
[  189.719030][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  189.762086][ T7579] loop3: detected capacity change from 0 to 32768
[  189.792468][ T7579] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.964 (7579)
[  189.835670][ T7562] XFS (loop5): Ending clean mount
[  189.858167][ T7579] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  189.867985][ T7562] XFS (loop5): Quotacheck needed: Please wait.
[  189.887932][ T7579] BTRFS info (device loop3): turning off barriers
[  189.901863][ T7579] BTRFS info (device loop3): setting nodatasum
[  189.908160][ T7579] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  189.919129][ T7579] BTRFS info (device loop3): use zstd compression, level 3
[  189.926385][ T7579] BTRFS info (device loop3): using free space tree
[  189.946076][ T7579] BTRFS info (device loop3): has skinny extents
[  189.984449][ T7562] XFS (loop5): Quotacheck: Done.
[  190.046853][ T7562] XFS (loop5): Metadata CRC error detected at xfs_refcountbt_read_verify+0x3a/0xd0, xfs_refcountbt block 0x28 
[  190.088530][ T7562] XFS (loop5): Unmount and run xfs_repair
[  190.096669][ T7562] XFS (loop5): First 128 bytes of corrupted metadata buffer:
[  190.122290][ T7562] 00000000: 52 ff ff ff 7f 00 00 00 ff ff ff ff ff ff ff ff  R...............
[  190.148297][ T7562] 00000010: 00 00 00 00 00 00 00 28 00 00 00 00 00 00 00 00  .......(........
[  190.164060][ T7562] 00000020: c4 96 e0 5e 54 0d 4c 72 b5 91 04 d7 9d 8b 4e eb  ...^T.Lr......N.
[  190.253009][ T7562] 00000030: 00 00 00 00 bd e7 de 5d 00 00 00 00 00 00 00 00  .......]........
[  190.268888][ T7562] 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  190.288627][ T4191] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  190.309536][ T7562] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  190.350114][ T7562] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  190.433710][ T7562] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  190.468366][ T7562] XFS (loop5): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x28 len 8 error 74
[  190.515029][ T7562] XFS (loop5): Corruption of in-memory data (0x8) detected at xfs_defer_finish_noroll+0x156f/0x1b80 (fs/xfs/libxfs/xfs_defer.c:504).  Shutting down filesystem.
[  190.586187][ T7562] XFS (loop5): Please unmount the filesystem and rectify the problem(s)
[  190.602129][ T7583] loop4: detected capacity change from 0 to 40427
[  190.682972][ T4546] XFS (loop5): Unmounting Filesystem
[  190.706967][ T7583] F2FS-fs (loop4): Found nat_bits in checkpoint
[  190.885231][ T7583] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  191.136452][ T4186] handle_bad_sector: 8 callbacks suppressed
[  191.136471][ T4186] attempt to access beyond end of device
[  191.136471][ T4186] loop4: rw=2049, want=45104, limit=40427
[  191.534529][ T7631] netlink: 'syz.5.971': attribute type 11 has an invalid length.
[  191.718562][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.017831][ T7628] loop2: detected capacity change from 0 to 32768
[  192.319509][ T7653] capability: warning: `syz.4.979' uses deprecated v2 capabilities in a way that may be insecure
[  192.376398][ T7635] loop5: detected capacity change from 0 to 40427
[  192.392351][ T7628] XFS (loop2): Mounting V5 Filesystem
[  192.447767][ T7662] loop3: detected capacity change from 0 to 128
[  192.463298][ T7635] F2FS-fs (loop5): build fault injection attr: rate: 771, type: 0x1ffff
[  192.489146][ T7635] F2FS-fs (loop5): invalid crc value
[  192.518504][ T7667] syz.4.984 sent an empty control message without MSG_MORE.
[  192.565543][ T7628] XFS (loop2): Ending clean mount
[  192.571636][ T7662] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  192.586082][ T7662] hpfs: filesystem error: improperly stopped
[  192.592418][ T7635] F2FS-fs (loop5): Found nat_bits in checkpoint
[  192.599723][ T7662] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  192.599787][ T7662] hpfs: You really don't want any checks? You are crazy...
[  192.600049][ T7662] hpfs: hpfs_map_sector(): read error
[  192.600060][ T7662] hpfs: code page support is disabled
[  192.609590][ T7662] hpfs: hpfs_map_4sectors(): unaligned read
[  192.609661][ T7662] hpfs: hpfs_map_4sectors(): unaligned read
[  192.609673][ T7662] hpfs: filesystem error: unable to find root dir
[  192.756388][ T7628] XFS (loop2): WARNING: Reset corrupted AGFL on AG 0. 1 blocks leaked. Please unmount and run xfs_repair.
[  192.757182][ T7628] XFS (loop2): Corruption warning: Metadata has LSN (1:1536) ahead of current LSN (1:80). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  192.757349][ T7628] XFS (loop2): Metadata CRC error detected at xfs_allocbt_read_verify+0x3a/0xd0, xfs_cntbt block 0x8 
[  192.757391][ T7628] XFS (loop2): Unmount and run xfs_repair
[  192.757404][ T7628] XFS (loop2): First 128 bytes of corrupted metadata buffer:
[  192.757423][ T7628] 00000000: 41 42 33 43 00 00 00 03 ff ff ff ff ff ff ff ff  AB3C............
[  192.757440][ T7628] 00000010: 00 00 00 00 00 00 00 08 00 00 00 01 00 00 06 00  ................
[  192.757457][ T7628] 00000020: 00 00 00 00 00 00 42 cb 9f 91 9c b7 20 0a 10 1d  ......B..... ...
[  192.757474][ T7628] 00000030: 00 00 00 00 83 85 41 d8 00 00 00 07 00 00 00 01  ......A.........
[  192.757490][ T7628] 00000040: 00 00 0b fe 00 00 00 02 00 00 0c 20 00 00 13 e0  ........... ....
[  192.757507][ T7628] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  192.757524][ T7628] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  192.757541][ T7628] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  192.757565][ T7628] XFS (loop2): metadata I/O error in "xfs_btree_read_buf_block+0x1db/0x2d0" at daddr 0x8 len 4 error 74
[  192.768691][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  192.770680][ T7635] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  192.799654][ T7628] XFS (loop2): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x515/0x8b0 (fs/xfs/xfs_trans_buf.c:296).  Shutting down filesystem.
[  192.799711][ T7628] XFS (loop2): Please unmount the filesystem and rectify the problem(s)
[  193.254304][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  193.270224][ T5228] XFS (loop2): Unmounting Filesystem
[  193.278755][ T4546] attempt to access beyond end of device
[  193.278755][ T4546] loop5: rw=2049, want=45104, limit=40427
[  193.442360][ T7683] loop6: detected capacity change from 0 to 2048
[  193.578308][ T7683] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  194.154463][ T7700] loop8: detected capacity change from 0 to 8
[  194.201983][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  194.232482][ T7700] Dev loop8: unable to read RDB block 8
[  194.238542][ T7700]  loop8: unable to read partition table
[  194.266201][ T7700] loop8: partition table beyond EOD, truncated
[  194.279271][ T5825] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  194.318594][ T7700] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[  194.473808][ T5825] Bluetooth: hci0: command 0x1407 tx timeout
[  194.491945][ T7710] loop4: detected capacity change from 0 to 256
[  194.575026][ T7714] loop2: detected capacity change from 0 to 256
[  194.808566][ T5825] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  194.945438][ T7687] loop3: detected capacity change from 0 to 40427
[  194.992959][ T7687] F2FS-fs (loop3): invalid crc value
[  195.035199][ T7687] F2FS-fs (loop3): Found nat_bits in checkpoint
[  195.078472][ T5825] usb 6-1: Using ep0 maxpacket: 8
[  195.152719][ T7687] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  195.204870][   T26] audit: type=1800 audit(1774072992.034:191): pid=7687 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.993" name="file1" dev="loop3" ino=10 res=0 errno=0
[  195.266717][ T4198] attempt to access beyond end of device
[  195.266717][ T4198] loop3: rw=2049, want=45104, limit=40427
[  195.278384][ T5825] usb 6-1: unable to get BOS descriptor or descriptor too short
[  195.328847][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.368612][ T5825] usb 6-1: config 4 has an invalid interface number: 147 but max is 0
[  195.376838][ T5825] usb 6-1: config 4 contains an unexpected descriptor of type 0x2, skipping
[  195.436424][ T5825] usb 6-1: config 4 has no interface number 0
[  195.487840][ T7712] loop6: detected capacity change from 0 to 40427
[  195.519016][ T7712] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x1ffff
[  195.532120][ T7712] F2FS-fs (loop6): invalid crc value
[  195.553990][ T7712] F2FS-fs (loop6): Found nat_bits in checkpoint
[  195.660162][ T5825] usb 6-1: New USB device found, idVendor=04f2, idProduct=b746, bcdDevice=8e.6e
[  195.677644][ T5825] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  195.695644][ T5825] usb 6-1: Product: syz
[  195.705814][ T7712] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  195.713491][ T5825] usb 6-1: Manufacturer: syz
[  195.718112][ T5825] usb 6-1: SerialNumber: syz
[  195.754591][ T7733] loop2: detected capacity change from 0 to 8192
[  195.806391][ T4866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  195.832662][ T7733] REISERFS (device loop2): found reiserfs format "3.6" with non-standard journal
[  195.854935][ T7733] REISERFS (device loop2): using ordered data mode
[  195.862944][ T7733] reiserfs: using flush barriers
[  195.869320][ T7733] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  195.886036][ T7733] REISERFS (device loop2): checking transaction log (loop2)
[  196.001469][ T7721] loop4: detected capacity change from 0 to 40427
[  196.035406][ T7733] REISERFS (device loop2): Using tea hash to sort names
[  196.056049][ T7733] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 4) not found (pos 2)
[  196.087418][ T4954] attempt to access beyond end of device
[  196.087418][ T4954] loop6: rw=2049, want=45104, limit=40427
[  196.123810][ T7733] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  196.223209][ T7733] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 5) not found (pos 2)
[  196.244672][ T5825] usb 6-1: Found UVC 0.02 device syz (04f2:b746)
[  196.251420][ T5825] usb 6-1: No valid video chain found.
[  196.259245][ T7733] REISERFS warning (device loop2): vs-13060 reiserfs_update_sd_size: stat data of object [1 2 0x0 SD] (nlink == 6) not found (pos 2)
[  196.303805][ T5825] usb 6-1: USB disconnect, device number 11
[  196.391435][ T7721] F2FS-fs (loop4): Found nat_bits in checkpoint
[  196.709203][ T7721] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  196.758596][    C0] ip6_tunnel: ip6gre1 xmit: Local address not yet configured!
[  197.042792][ T6731] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  197.061642][ T4186] attempt to access beyond end of device
[  197.061642][ T4186] loop4: rw=2049, want=45104, limit=40427
[  197.140400][ T7743] F2FS-fs (loop3): Found nat_bits in checkpoint
[  197.191590][ T6731] kernel write not supported for file /input/mouse0 (pid: 6731 comm: kworker/1:19)
[  197.209693][ T7754] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  197.222116][ T7632] usb 6-1: new high-speed USB device number 12 using dummy_hcd
[  197.238655][ T7743] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  197.308331][ T7754] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  197.488686][ T7632] usb 6-1: Using ep0 maxpacket: 8
[  197.629803][ T7632] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  197.674472][ T7632] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  197.692124][ T7632] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  197.728383][ T7632] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  197.748180][ T7632] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  197.786345][ T7632] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.912480][ T7773] set_capacity_and_notify: 2 callbacks suppressed
[  197.912503][ T7773] loop6: detected capacity change from 0 to 4096
[  197.938550][ T5452] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  197.954689][ T7773] ntfs: (device loop6): parse_options(): Invalid mft_zone_multiplier. Using default value, i.e. 1.
[  198.066792][ T7773] ntfs: volume version 3.1.
[  198.089880][ T7632] usb 6-1: GET_CAPABILITIES returned 0
[  198.095458][ T7632] usbtmc 6-1:16.0: can't read capabilities
[  198.175435][ T7781] netlink: 'syz.4.1026': attribute type 2 has an invalid length.
[  198.188484][ T5452] usb 4-1: Using ep0 maxpacket: 8
[  198.199399][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.308238][ T4229] usb 6-1: USB disconnect, device number 12
[  198.308916][ T5452] usb 4-1: config 179 has an invalid interface number: 65 but max is 0
[  198.342885][ T5452] usb 4-1: config 179 has no interface number 0
[  198.368785][ T5452] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  198.404117][ T5452] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  198.436049][ T5452] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  198.468248][ T5452] usb 4-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  198.497517][ T5452] usb 4-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  198.527088][ T5452] usb 4-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  198.542033][ T5452] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.598834][ T7767] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  198.662309][ T7793] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  198.798026][ T7800] loop2: detected capacity change from 0 to 64
[  198.839076][ T5452] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  198.866193][ T5452] input: Generic X-Box pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:179.65/input/input15
[  199.079151][ T7767] udc-core: couldn't find an available UDC or it's busy
[  199.086142][ T7767] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  199.245322][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  199.335051][ T5452] usb 4-1: USB disconnect, device number 18
[  199.341147][    C0] xpad 4-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  199.341229][    C0] xpad 4-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  199.476317][ T7829] loop2: detected capacity change from 0 to 2048
[  199.529461][ T7829] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  199.544294][ T7829] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  199.620198][ T7833] loop2: detected capacity change from 0 to 16
[  199.658992][ T7833] MTD: Attempt to mount non-MTD device "/dev/loop2"
[  200.288758][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  200.310862][ T7866] loop5: detected capacity change from 0 to 128
[  200.647797][ T7884] overlayfs: overlay with incompat feature 'volatile' cannot be mounted
[  200.787205][ T7893] loop5: detected capacity change from 0 to 64
[  201.332269][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  201.385600][ T7913] loop3: detected capacity change from 0 to 32768
[  201.429508][ T7913] JBD2: Ignoring recovery information on journal
[  201.496220][ T7913] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  201.575511][ T7913] overlayfs: upper fs does not support tmpfile.
[  201.590189][ T7913] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  201.598225][ T7913] 
[  201.600571][ T7913] ======================================================
[  201.607601][ T7913] WARNING: possible circular locking dependency detected
[  201.614619][ T7913] syzkaller #0 Not tainted
[  201.619023][ T7913] ------------------------------------------------------
[  201.626033][ T7913] syz.3.1089/7913 is trying to acquire lock:
[  201.632006][ T7913] ffff88806209ed88 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}, at: ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  201.645262][ T7913] 
[  201.645262][ T7913] but task is already holding lock:
[  201.652633][ T7913] ffff888050e15c78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x464/0x13e0
[  201.662149][ T7913] 
[  201.662149][ T7913] which lock already depends on the new lock.
[  201.662149][ T7913] 
[  201.672573][ T7913] 
[  201.672573][ T7913] the existing dependency chain (in reverse order) is:
[  201.681604][ T7913] 
[  201.681604][ T7913] -> #4 (&oi->ip_xattr_sem){++++}-{3:3}:
[  201.689452][ T7913]        down_read+0x44/0x2e0
[  201.694166][ T7913]        ocfs2_init_acl+0x307/0x770
[  201.699387][ T7913]        ocfs2_mknod+0x15cb/0x2510
[  201.704531][ T7913]        ocfs2_mkdir+0x192/0x420
[  201.709495][ T7913]        vfs_mkdir+0x387/0x570
[  201.714276][ T7913]        do_mkdirat+0x1df/0x5b0
[  201.719146][ T7913]        __x64_sys_mkdirat+0x85/0x90
[  201.724462][ T7913]        do_syscall_64+0x4c/0xa0
[  201.729421][ T7913]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  201.735859][ T7913] 
[  201.735859][ T7913] -> #3 (&journal->j_trans_barrier){.+.+}-{3:3}:
[  201.744415][ T7913]        down_read+0x44/0x2e0
[  201.749123][ T7913]        ocfs2_start_trans+0x3a6/0x6f0
[  201.754617][ T7913]        ocfs2_modify_bh+0xe0/0x4c0
[  201.759844][ T7913]        ocfs2_local_read_info+0x13c8/0x1750
[  201.765852][ T7913]        dquot_load_quota_sb+0x756/0xac0
[  201.771515][ T7913]        dquot_load_quota_inode+0x2d8/0x5d0
[  201.777432][ T7913]        ocfs2_enable_quotas+0x1c5/0x490
[  201.783084][ T7913]        ocfs2_fill_super+0x3cd2/0x50f0
[  201.788645][ T7913]        mount_bdev+0x287/0x3c0
[  201.793508][ T7913]        legacy_get_tree+0xe6/0x180
[  201.798714][ T7913]        vfs_get_tree+0x88/0x270
[  201.803683][ T7913]        do_new_mount+0x24a/0xa40
[  201.808782][ T7913]        __se_sys_mount+0x2e3/0x3d0
[  201.813989][ T7913]        do_syscall_64+0x4c/0xa0
[  201.818927][ T7913]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  201.825354][ T7913] 
[  201.825354][ T7913] -> #2 (sb_internal#3){.+.+}-{0:0}:
[  201.832836][ T7913]        ocfs2_start_trans+0x2a7/0x6f0
[  201.838319][ T7913]        ocfs2_mknod+0xf5a/0x2510
[  201.843347][ T7913]        ocfs2_mkdir+0x192/0x420
[  201.848306][ T7913]        vfs_mkdir+0x387/0x570
[  201.853087][ T7913]        do_mkdirat+0x1df/0x5b0
[  201.857965][ T7913]        __x64_sys_mkdirat+0x85/0x90
[  201.863274][ T7913]        do_syscall_64+0x4c/0xa0
[  201.868218][ T7913]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  201.874643][ T7913] 
[  201.874643][ T7913] -> #1 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#6){+.+.}-{3:3}:
[  201.885159][ T7913]        down_write+0x38/0x60
[  201.889853][ T7913]        ocfs2_reserve_local_alloc_bits+0x11c/0x25f0
[  201.896522][ T7913]        ocfs2_reserve_clusters_with_limit+0x1b6/0xc10
[  201.903369][ T7913]        ocfs2_mknod+0xef8/0x2510
[  201.908416][ T7913]        ocfs2_mkdir+0x192/0x420
[  201.913372][ T7913]        vfs_mkdir+0x387/0x570
[  201.918162][ T7913]        do_mkdirat+0x1df/0x5b0
[  201.923008][ T7913]        __x64_sys_mkdirat+0x85/0x90
[  201.928296][ T7913]        do_syscall_64+0x4c/0xa0
[  201.933232][ T7913]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  201.939641][ T7913] 
[  201.939641][ T7913] -> #0 (&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5){+.+.}-{3:3}:
[  201.950160][ T7913]        __lock_acquire+0x2c42/0x7d10
[  201.955565][ T7913]        lock_acquire+0x19e/0x400
[  201.960595][ T7913]        down_write+0x38/0x60
[  201.965304][ T7913]        ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  201.971759][ T7913]        ocfs2_reserve_new_metadata_blocks+0x412/0x9a0
[  201.978661][ T7913]        ocfs2_init_xattr_set_ctxt+0x2f4/0x6f0
[  201.984882][ T7913]        ocfs2_xattr_set+0xc38/0x13e0
[  201.990299][ T7913]        __vfs_setxattr+0x3e0/0x420
[  201.995519][ T7913]        __vfs_setxattr_noperm+0x129/0x5e0
[  202.001360][ T7913]        vfs_setxattr+0x167/0x2e0
[  202.006412][ T7913]        ovl_get_workdir+0x9d3/0x1230
[  202.011815][ T7913]        ovl_fill_super+0x1824/0x2a30
[  202.017210][ T7913]        mount_nodev+0x52/0xe0
[  202.021997][ T7913]        legacy_get_tree+0xe6/0x180
[  202.027229][ T7913]        vfs_get_tree+0x88/0x270
[  202.032219][ T7913]        do_new_mount+0x24a/0xa40
[  202.037302][ T7913]        __se_sys_mount+0x2e3/0x3d0
[  202.042529][ T7913]        do_syscall_64+0x4c/0xa0
[  202.047495][ T7913]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  202.053936][ T7913] 
[  202.053936][ T7913] other info that might help us debug this:
[  202.053936][ T7913] 
[  202.064186][ T7913] Chain exists of:
[  202.064186][ T7913]   &ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5 --> &journal->j_trans_barrier --> &oi->ip_xattr_sem
[  202.064186][ T7913] 
[  202.081278][ T7913]  Possible unsafe locking scenario:
[  202.081278][ T7913] 
[  202.088722][ T7913]        CPU0                    CPU1
[  202.094120][ T7913]        ----                    ----
[  202.099481][ T7913]   lock(&oi->ip_xattr_sem);
[  202.104094][ T7913]                                lock(&journal->j_trans_barrier);
[  202.111917][ T7913]                                lock(&oi->ip_xattr_sem);
[  202.119021][ T7913]   lock(&ocfs2_sysfile_lock_key[args->fi_sysfile_type]#5);
[  202.126314][ T7913] 
[  202.126314][ T7913]  *** DEADLOCK ***
[  202.126314][ T7913] 
[  202.134575][ T7913] 4 locks held by syz.3.1089/7913:
[  202.139678][ T7913]  #0: ffff88802577e0e0 (&type->s_umount_key#68/1){+.+.}-{3:3}, at: alloc_super+0x201/0x950
[  202.149797][ T7913]  #1: ffff888058f7e460 (sb_writers#15){.+.+}-{0:0}, at: mnt_want_write+0x3d/0x90
[  202.159063][ T7913]  #2: ffff888050e15f48 (&sb->s_type->i_mutex_key#25){+.+.}-{3:3}, at: vfs_setxattr+0x140/0x2e0
[  202.169535][ T7913]  #3: ffff888050e15c78 (&oi->ip_xattr_sem){++++}-{3:3}, at: ocfs2_xattr_set+0x464/0x13e0
[  202.179480][ T7913] 
[  202.179480][ T7913] stack backtrace:
[  202.185375][ T7913] CPU: 0 PID: 7913 Comm: syz.3.1089 Not tainted syzkaller #0
[  202.192756][ T7913] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  202.202838][ T7913] Call Trace:
[  202.206136][ T7913]  <TASK>
[  202.209079][ T7913]  dump_stack_lvl+0x188/0x250
[  202.213772][ T7913]  ? load_image+0x400/0x400
[  202.218283][ T7913]  ? show_regs_print_info+0x20/0x20
[  202.223504][ T7913]  ? print_circular_bug+0x12b/0x1a0
[  202.228710][ T7913]  check_noncircular+0x296/0x330
[  202.233682][ T7913]  ? add_chain_block+0x940/0x940
[  202.238623][ T7913]  ? lockdep_lock+0xf1/0x1f0
[  202.243224][ T7913]  ? mark_lock+0x94/0x320
[  202.247553][ T7913]  __lock_acquire+0x2c42/0x7d10
[  202.252446][ T7913]  ? verify_lock_unused+0x140/0x140
[  202.257688][ T7913]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  202.263327][ T7913]  ? do_raw_spin_lock+0x128/0x2f0
[  202.268358][ T7913]  ? mutex_unlock+0x10/0x10
[  202.272920][ T7913]  ? __rwlock_init+0x140/0x140
[  202.277702][ T7913]  ? do_raw_spin_unlock+0x11d/0x230
[  202.282923][ T7913]  lock_acquire+0x19e/0x400
[  202.287431][ T7913]  ? ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  202.293596][ T7913]  ? __bfs+0x2a3/0x5c0
[  202.297674][ T7913]  ? __might_sleep+0xf0/0xf0
[  202.302285][ T7913]  ? read_lock_is_recursive+0x10/0x10
[  202.307697][ T7913]  ? verify_lock_unused+0x140/0x140
[  202.312952][ T7913]  down_write+0x38/0x60
[  202.317135][ T7913]  ? ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  202.323216][ T7913]  ocfs2_reserve_suballoc_bits+0x16a/0x44d0
[  202.329123][ T7913]  ? mark_lock+0x94/0x320
[  202.333458][ T7913]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  202.339444][ T7913]  ? lock_chain_count+0x20/0x20
[  202.344301][ T7913]  ? __rwlock_init+0x140/0x140
[  202.349079][ T7913]  ? ocfs2_block_group_search+0x470/0x470
[  202.354823][ T7913]  ? _raw_spin_unlock_irqrestore+0x82/0x120
[  202.360742][ T7913]  ? lockdep_hardirqs_on+0x94/0x140
[  202.365975][ T7913]  ? _raw_spin_unlock_irqrestore+0xc1/0x120
[  202.371901][ T7913]  ? _raw_spin_unlock+0x40/0x40
[  202.376760][ T7913]  ? stack_trace_save+0xa6/0xf0
[  202.381605][ T7913]  ? stack_trace_snprint+0xf0/0xf0
[  202.386713][ T7913]  ? stack_depot_save+0x404/0x440
[  202.391756][ T7913]  ? __kasan_kmalloc+0xcc/0xf0
[  202.396541][ T7913]  ? __kasan_kmalloc+0xb5/0xf0
[  202.401326][ T7913]  ? ocfs2_reserve_new_metadata_blocks+0x109/0x9a0
[  202.407878][ T7913]  ? ocfs2_init_xattr_set_ctxt+0x2f4/0x6f0
[  202.413715][ T7913]  ? ocfs2_xattr_set+0xc38/0x13e0
[  202.418765][ T7913]  ? __vfs_setxattr+0x3e0/0x420
[  202.423725][ T7913]  ? __vfs_setxattr_noperm+0x129/0x5e0
[  202.429205][ T7913]  ? vfs_setxattr+0x167/0x2e0
[  202.433913][ T7913]  ? ovl_get_workdir+0x9d3/0x1230
[  202.438947][ T7913]  ? ovl_fill_super+0x1824/0x2a30
[  202.443997][ T7913]  ? mount_nodev+0x52/0xe0
[  202.448451][ T7913]  ? legacy_get_tree+0xe6/0x180
[  202.453336][ T7913]  ? vfs_get_tree+0x88/0x270
[  202.457957][ T7913]  ? do_new_mount+0x24a/0xa40
[  202.462648][ T7913]  ? __se_sys_mount+0x2e3/0x3d0
[  202.467499][ T7913]  ? do_syscall_64+0x4c/0xa0
[  202.472095][ T7913]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  202.478190][ T7913]  ocfs2_reserve_new_metadata_blocks+0x412/0x9a0
[  202.484530][ T7913]  ? ocfs2_init_steal_slots+0x150/0x150
[  202.490117][ T7913]  ? ocfs2_xattr_block_set+0x2e10/0x2e10
[  202.495755][ T7913]  ? do_raw_spin_lock+0x128/0x2f0
[  202.500801][ T7913]  ocfs2_init_xattr_set_ctxt+0x2f4/0x6f0
[  202.506454][ T7913]  ? _raw_spin_unlock+0x24/0x40
[  202.511307][ T7913]  ? ocfs2_prepare_refcount_xattr+0xff0/0xff0
[  202.517377][ T7913]  ? ocfs2_truncate_log_needs_flush+0x12c/0x300
[  202.523649][ T7913]  ? ocfs2_remove_btree_range+0x15e0/0x15e0
[  202.529552][ T7913]  ? up_write+0x1bb/0x420
[  202.533899][ T7913]  ocfs2_xattr_set+0xc38/0x13e0
[  202.538790][ T7913]  ? __ocfs2_xattr_set_handle+0xf30/0xf30
[  202.544516][ T7913]  ? __down_trylock_console_sem+0xf2/0x1f0
[  202.550365][ T7913]  ? aa_get_newest_label+0xf5/0x5a0
[  202.555595][ T7913]  ? posix_xattr_acl+0x8f/0xb0
[  202.560388][ T7913]  ? evm_protect_xattr+0x33c/0x9b0
[  202.565501][ T7913]  ? ocfs2_xattr_trusted_get+0x40/0x40
[  202.570977][ T7913]  __vfs_setxattr+0x3e0/0x420
[  202.575664][ T7913]  __vfs_setxattr_noperm+0x129/0x5e0
[  202.580957][ T7913]  vfs_setxattr+0x167/0x2e0
[  202.585487][ T7913]  ? xattr_permission+0x500/0x500
[  202.590546][ T7913]  ? up_write+0x1bb/0x420
[  202.594873][ T7913]  ? do_raw_spin_unlock+0x11d/0x230
[  202.600077][ T7913]  ovl_get_workdir+0x9d3/0x1230
[  202.604962][ T7913]  ? ovl_get_upper+0x600/0x600
[  202.609764][ T7913]  ovl_fill_super+0x1824/0x2a30
[  202.614646][ T7913]  ? ovl_mount+0x30/0x30
[  202.618899][ T7913]  ? sget+0x427/0x440
[  202.622879][ T7913]  ? free_anon_bdev+0x20/0x20
[  202.627579][ T7913]  ? ovl_mount+0x30/0x30
[  202.631825][ T7913]  mount_nodev+0x52/0xe0
[  202.636068][ T7913]  legacy_get_tree+0xe6/0x180
[  202.640741][ T7913]  ? virtio_fs_zero_page_range+0x120/0x120
[  202.646575][ T7913]  vfs_get_tree+0x88/0x270
[  202.651014][ T7913]  do_new_mount+0x24a/0xa40
[  202.655538][ T7913]  __se_sys_mount+0x2e3/0x3d0
[  202.660222][ T7913]  ? __x64_sys_mount+0xc0/0xc0
[  202.664984][ T7913]  ? lockdep_hardirqs_on+0x94/0x140
[  202.670184][ T7913]  ? __x64_sys_mount+0x1c/0xc0
[  202.674943][ T7913]  do_syscall_64+0x4c/0xa0
[  202.679370][ T7913]  ? clear_bhb_loop+0x30/0x80
[  202.684042][ T7913]  ? clear_bhb_loop+0x30/0x80
[  202.688737][ T7913]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  202.694655][ T7913] RIP: 0033:0x7f5ca4842799
[  202.699072][ T7913] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  202.718796][ T7913] RSP: 002b:00007f5ca2a9c028 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  202.727209][ T7913] RAX: ffffffffffffffda RBX: 00007f5ca4abbfa0 RCX: 00007f5ca4842799
[  202.735179][ T7913] RDX: 0000200000000440 RSI: 0000200000000100 RDI: 0000000000000000
[  202.743154][ T7913] RBP: 00007f5ca48d8c99 R08: 0000200000000300 R09: 0000000000000000
[  202.751137][ T7913] R10: 0000000000000008 R11: 0000000000000246 R12: 0000000000000000
[  202.759134][ T7913] R13: 00007f5ca4abc038 R14: 00007f5ca4abbfa0 R15: 00007ffd638f35b8
[  202.767138][ T7913]  </TASK>
[  202.773249][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.781386][ T7632] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  202.799331][ T7913] overlayfs: upper fs missing required features.
[  202.836150][ T4198] ocfs2: Unmounting device (7,3) on (node local)
[  203.801385][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  204.848899][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.798710][ T4866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  205.881508][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  206.921367][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  207.958988][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  208.838756][ T4866] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  209.011584][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  210.038938][ T4229] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  211.078751][ T5023] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog