last executing test programs:

1m35.645906984s ago: executing program 0 (id=983):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)

1m35.234794848s ago: executing program 0 (id=987):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x3, 0xd, &(0x7f0000000a80)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xdfaa}, [@call={0x85, 0x0, 0x0, 0x23}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000004c0)={r1, 0x18000000000002a0, 0xe, 0x0, &(0x7f00000002c0)="d2ff030060010000009e08f086dd", 0x0, 0xd5b1, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1m34.486070127s ago: executing program 0 (id=993):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000413f5f201d0650c16fce0102030109021b00010000100009043300011870f500090582020002"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x204, &(0x7f0000000780)={[{0xc5, 0x4e00, "328dc43ce732a43629f9feffa8ffa8a0cf66fd0c5953c6bbc2e0fb93049dec370e16e645112618123311ab9ebc21f9e6f9d4752b2dd9364f8bf022c85d2c6da3649e75bb5f0722ba24fc1d1c841792cd1cdcb9cabf8d93adbdebee46532b6b168db8015415066ed82c6d44a628778e0d541d62beada2a309967a283322ef5529cf4b41651d5f65f0182bcb234845cd504a1f1b6dca32fbe301999c0fe54996a1272fc091a61789e0e44d95c9eba78d01db55137965769450ccb4c4606c80f708403b367167"}, {0x72, 0x4e00, "31006823e15dbcb52ade7d07f6b19dc0e7fb22b439a3ceed99d243284d4b82e5f7ac0929dac3c641a6f134af2ba286951775506eda25fcbc38e14597ee51873eaa6fb3da72fb534f8ebb7787d33e892b89f5a53a2f53194038121211fac7487cb41d1069cd0dae24a12dffff8aca2db6c864"}, {0xbb, 0x4e00, "5112e3a3d3aada69f583b492538eb9685054ee701da3a22a5ae2c1aadf6888553eadcbc442806b5c8537a295d67604b3e2f97ed2e90b4cd2b172fb907d3564f8dfc5f6c2433eaf86e701c09834a5951b71f919e9e8ead3a9795d264c832abf34f2763810ccee7c2c3cb2d1948ec7dd0b2f81292e032cfb534f334c439181f8b8e151fd89d527a4b6431d1eaa8bfb1383d47a65568248bf3b71741dea68ca34784fc981fffdb68828286e2e4ccb7d716e22265071c74c2eaf60f0b6"}]})

1m31.813473218s ago: executing program 0 (id=1011):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x2004000, &(0x7f0000000040), 0xfe, 0x563, &(0x7f00000007c0)="$eJzs3c9rHFUcAPDvbHbbpK02BSnoQQI9WKndtIk/KnioR9FiQe91SaahZNMt2U1pYsH2oBcvUgQRC+If4N1j8R/wryhooUgJevASmWQ22Ta7m1/bZHU/H5j2vZnZefPmzXv5vp1dNoCBNZb9U4h4OSK+SSKOt2wrRr5xbG2/5Se3p7IliZWVT/5MIsnXNfdP8v+PNjPFiF+/jDhT2FxufXFptlKtpvN5frwxd2O8vrh09tpcZSadSa9PTE5eeGty4t133u5ZXV+//Pf3Hz/44MLXp5a/+/nRiXtJXIxj+bbWeuzBndbMWIzl16QUF5/Z8XwPCusnyUGfALsylPfzUmRjwPEYyns98P/3RUSsAANpJBL9HwZUMw5ozu035sHDBxiV7J/H769NgDbXv7j23kgMr86NjiwnT82MsvnuaA/Kz8r45Y/797Ilevc+BMCW7tyNiHPF4ubxL8nHv907t419ni3D+Af750EW/7zRLv4prMc/0Sb+Odqm7+7G1v2/8KgHxXSUxX/vtY1/1x9ajQ7luRciRkajlFy9Vk2zse3FiDgdpcNZvtvznAvLD1c6bWuN/7IlK78ZC+bn8ah4+OnXTFcalb3UudXjuxGvtI1/k/X2T9q0f3Y9Lm+zjJPp/Vc7bdu6/s/Xyk8Rr7Vt/40nWkn355Pjq/fDePOu2Oyvr07+1qn8g65/1v5Hutd/NGl9XlvfeRk/Dv+Tdtq22/v/UPLpavpQvu5WpdGYPx9xKPlo8/qJjdc28839s/qfPtV9/Gt3/49ExGfbrH+3mXQ/tP/0jtp/54mHH37+Q6fy8/qXomv7v7maOp2v2c74t90T3Mu1AwAAAAAAgH5TiIhjkRTK6+lCoVxe+3zHS3GkUK3VG2eu1hauT8fqd2VHo1RoPuk+vpZPmp9/GG3JTzyTn4yIExHx7dDIar48VatOH3TlAQAAAAAAAAAAAAAAAAAAoE8c7fD9/8zvQwd9dsBz5ye/YXBt2f978UtPQF/a7d//+R6fB7D/xP8wuPR/GFz6Pwwu/R8Gl/4Pg0v/h8Gl/wMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXb50KVtWlp/cnsry0zcXF2ZrN89Op/XZ8tzCVHmqNn+jPFOrzVTT8lRtbqvjVWu1G+cnYuHWeCOtN8bri0tX5moL1xtXrs1VZtIraWlfagUAAAAAAAAAAAAAAAAAAAD/LfXFpdlKtZrOS/RzYvg5HfnO3o9T7IfrI7HjRBLd9znokQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvwbAAD//+f9MzI=")
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x1204001, &(0x7f00000011c0)={[{@lowerdir={'lowerdir', 0x3d, '.'}, 0x3a}], [], 0x2f})
name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0, 0x0, 0x0)

1m31.105249047s ago: executing program 0 (id=1021):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x800000, &(0x7f0000000180)=ANY=[@ANYRES64=0x0], 0xff, 0x371, &(0x7f0000000280)="$eJzs3T1oZNUXAPAz8yYzycL/n3SiIIx2gsbNdtqYIFlYTKMy+FGIg5tVmcQiwWBSbBILF0vBUis7BS0sxFIERewsbF1BVhcL3W7BxSszbz7efCSbrEQJ/n7FzN37znnn3veGmbePmZsXF6N1cSou3bhxLaanS1FZfHwxbpZiLrLo2Ytx1Ql9AMDpcDOl+D3ljphSOuEhAQAnrPP5/3JE1GMu73nzq8Pik09/ADj1uv//nzksZvqgDfUTGRIAcMLG7v/fP7S5WomoRqX3z0rhWwEAwGn19HPPP7G0EvFUvT4dsX5lq7HViEcH25cuxauxFqtxNmbjVkR+odB+KHUez19YWT5br9fL8fNcNCKi3E1s5FcKS1knvxYLMRtz3fz2pUbqtLPzn64sL9Q7ImJvt1M/1ktbjak4063/w5lYHVx49HbSeYq4sLJ8rt7dQWO9l78bsT+4b9Ee/3zMxncv9XeTUu8bjCvLlxd6gx7kbzVqcbF/FA68AwIAAAAAAAAAAAAAAAAAAAAAAHdkvt43118/J7Wf85Vy5ucnbO+sj5Pnd9cH2s/XB0q1FCn99sZDjbezGFofaHR9ni0LCQIAAAAAAAAAAAAAAAAAAEDf5nY1mmtrqxub2zutYmN3Y3O7HBHtnte++fjLmRiPuU2jkpeoRfRL1Ltld1rNlPWCUxYxnp61i/d6PvysP+JiTK0/i4nDqA1vKg/F/O++n94bBN+b9fb85yAmi8kTzArDeGyk6Pr/8yEd50D1G+eKPbXx6ldTSoWet4rpl18Y32GUIirHP3E7rXLnvG9Pd4/vUExqN76+9srdvaPf/CLlHnhw9pmr735wvdVca1eOzhmsbmzeSq1mqRd8rMMyU6xeirxRKr4SKs3rDx+Yvj/c08y+//XZe9759mjVU7Hn9fbreSQmy6fzyWh6NW+0hzk6nUH6VHcSa6tTE178t2vcwTm96/3PP0rpx1+OXGKgPPa2UfrbbzwAAAAAAAAAAAAAAAAAAMCYwm/Fu7o/9p06LOuRJ09+ZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwzxn8/f9CY38vRnr6jb2xnn7jj90JWbXVjSvVf3uSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD85/0VAAD//zYMU/U=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

1m27.188717535s ago: executing program 0 (id=1050):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x40}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x17}]}}}]}]}], {0x14, 0x11, 0x102}}, 0x94}}, 0x0)

1m26.382073042s ago: executing program 32 (id=1050):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)={{0x14}, [@NFT_MSG_NEWRULE={0x6c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2, 0x0, 0x40}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x40, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @osf={{0x8}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_OSF_DREG={0x8, 0x1, 0x1, 0x0, 0x4}]}}}, {0x24, 0x1, 0x0, 0x1, @meta={{0x9}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_META_KEY={0x8, 0x2, 0x1, 0x0, 0xc}, @NFTA_META_SREG={0x8, 0x3, 0x1, 0x0, 0x17}]}}}]}]}], {0x14, 0x11, 0x102}}, 0x94}}, 0x0)

33.452076206s ago: executing program 4 (id=1433):
syz_mount_image$exfat(&(0x7f00000002c0), &(0x7f0000000240)='./file0\x00', 0x3800052, &(0x7f0000000600)=ANY=[], 0xfd, 0x14fe, &(0x7f0000004bc0)="$eJzs3Au0ztXWMPA511p/NklPkvuaa/55kssiSXJJSCRJkiS5JSRJkoTEJrckJCH3JPeQ3GIn9/st9yQ5kiQJCUnWN3Q6n/e8nfftnO+c7/V9Z8/fGGvsNff/mfNZa889nv9ljL2/7Ti4av1qlesyM/xT8M9fUgEgBQD6AcA1ABABQKlspbIBDoNMGlP/uTcR/1oPTbvSKxBXkvQ/fZP+p2/S//RN+p++Sf/TN+l/+ib9T9+k/0KkZ1un575WRvod/3PP/0Ge//8/R87//0YOFxvz5fpi13f6B1Kk/+mb9D99k/6nb9L/9E36n75J///NRQCV/pvD0v/0TfovRHp2pZ8/y7iy40r//gkhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGESB/OhcsMAPxlfqXXJYQQQgghhBBCiH+dkPFKr0AIIYQQQgghhBD/9yEo0GAgggyQEVIgE2SGqyALXA1Z4RpIwLWQDa6D7HA95ICckAtyQx7IC/nAAoEDhhjyQwFIwg1QEG6EQlAYikBR8FAMisNNUAJuhpJwC5SCW6E03AZloCyUg/JwO1SAO6AiVILKcCdUgbugKlSDu6E63AM14F6oCfdBLbgfasMDUAcehLrwENSDh6E+PAIN4FFoCI2gMTSBpv9H+S9CV3gJukF3SIUe0BNehl7QG/pAX+gHr0B/eBUGwGswEAbBYHgdhsAbMBTehGEwHEbAWzASRsFoGANjYRyMh7dhArwDE+FdmASTYQpMhWkwHWbAezATZsFseB/mwAcwF+bBfFgAC+FDWASLIQ0+giXwMSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVPYBtshx2wE3bBbtgDn8Je+Az2weewH774B/PP/qf8TggIqFChQYMZMAOmYApmxsyYBbNgVsyKCUxgNsyG2TE75sAcmAtzYR7Mg/kwHxISMjLmx/yYxCQWxIJYCAthESyCHj0Wx+JYAm/GklgSS2EpLI2lsQyWxbJYHstjBayAFbEiVsbKWAWrYFWsinfj3XgP1sAaWBNrYi2shbWxNtbBOlgX62I9rIf1sT42wAbYEBtiY2yMTbEpNsNm2BybY0tsia2wFbbG1tgG22BbbIvtsB22x/bYATtgR+yInbAzdsYX8UV8CV/C7lhF9cCe2BN7YS/sg32xL76C/fFVfBVfw4E4CAfj6/g6voFD8QwOw+E4AkdgBTUKR+MYZDUOx+N4nIATcCJOxEk4GSfjVJyG03EGzsCZOAtn4fs4Bz/AD3AezsMFuBAX4iJcjGmYhkvwLC7FZbgcV+BKXIUrcQ2uxTW4HjfgetyEm3ALbsFP8BPcjttxJ+7E3bgbP8VP8TP8DAfiftyPB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5/AcnsfzeAGfz/N1vd2F1w0EdYlRRmVQGVSKSlGZVWaVRWVRWVVWlVAJlU1lU9lVdpVD5VC5VC6VR+VR+VQ+RYoUq1jlV/lVUiVVQVVQFVKFVBFVRHnlVXFVXJVQJVRJVVKVUreq0uo2VUaVVS18eVVeVVAtfUVVSVVWlVUVdZeqqqqpaqq6qq5qqBqqpqqpaqlaqrZ6QNVRPbAPPqQudaa+GoQN1GBsqBqpxqqJegMfU83UUGyuWqiW6gk1HIdha9XMt1FPq7ZqNLZTz6ox+JzqoMZhR/WC6qQ6qy7qRdVVNffdMvz2EaimYi/VW/VRfdVMvEtd6lhV9ZoaqAapwep1tQDfUEPVm2qYGq5GqLfUSDVKjVZj1Fg1To1Xb6sJ6h01Ub2rJqnJaoqaqqap6WqGek/NVLPUbPW+mqM+UHPVPDVfLVAL1YdqkVqs0tRHaon6WC1Vy9RytUKtVKvUarVGrVXr1Hq1QW1Um9RmtUVtVZ+obWq72qF2ql1qt9qjPlV71Wdqn/pc7VdfqAPqT+qg+lIdUl+pw+prdUR9o46qb9Ux9Z06rr5XJ9RJdUr9oE6rH9UZdVadUz+p8+pndUH9oi6qoECjVlproyOdQWfUKTqTzqyv0ln01TqrvkYn9LU6m75OZ9fX6xw6p86lc+s8Oq/Op60m7TTrWOfXBXRS36AL6ht1IV1YF9FFtdfFdHF9ky6hb9Yl9S26lL5Vl9a36TK6rC6ny+vbdQV9h66oK+nK+k5dRd+lq+pq+m5dXd+ja+h7dU19n66l79e19QO6jn5Q19UP6Xr6YV1fP6Ib6Ed1Q91IN9ZNdFP9mG6mH9fNdQvdUj+hW+kndWv9lG6jn9Zt9TO6nX5Wt9fP6Q76ed1Rv6A76c66i/5FX9RBd9PddaruoXvql3Uv3Vv30X11P/2K7q9f1QP0a3qgHqQH69f1EP2GHqrf1MP0cD1Cv6VH6lF6tB6jx+pxerx+W0/Q7+iJ+l09SU/WU/RUPU1P131+qzT778h/52/kD/j13bforfoTvU1v1zv0Tr1L79Z79B69V+/V+/Q+vV/v1wf0AX1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9En9k/5Bn9Y/6jP6rD6rf9Ln9Xl94befARg0ymhjTGQymIwmxWQymc1VJou52mQ115iEudZkM9eZ7OZ6k8PkNLlMbpPH5DX5jDVknGETm/ymgEmaG0xBc6MpZAqbIqao8aaYKW5u+qfz/2h9TU1T08w0M81Nc9PStDStTCvT2rQ2bUwb09a0Ne1MO9PetDcdTAfT0XQ0nUwn08V0MV1NV9PNdDOpJtX0NC+bXqa36WP6mn7mFdPf9DcDzAAz0Aw0g81gM8QMMUPNUDPMDDMjzAgz0ow0o81oM9aMNePNeDPBTDATzUQzyUwyU8wUM81MMzPMDDPTzDSzzWwzx8wxc81cM9/MNwvNQrPILDJpJs0sMUvMUrPMLDMrzAqzyqwya8was86sMxvMBrPJbDJLzVaz1Wwz28wOs8PsMrvMHrPH7DV7zT6zz+w3+80Bc8AcNAfNIXPIHDaHzRFzxBw1R80xc8wcN8fNCXPCnDKnzGlz2pwxZ8w5c86cN+fNBXPBXDQXL132RSpSkYlMlCHKEKVEKVHmKHOUJcoSZY2yRokoEWWLskXZo+ujHFHOKFeUO8oT5Y1SwUYUuYijOMofFYiS0Q1RwejGqFBUOCoSFY18VCwqHt0UlYhujkpGt0Sloluj0tFtUZmobFQuKh/dHlWI7ogqRpWiytGdUZXorqhqVC26O6oe3RPViO6Nakb3RbWi+6Pa0QNRnejBqG70UFQvejiqHz0SNYgejRpGjaLGUZOo6b+0fghncj7uu9nuNtX2sD3ty7aX7W372L62n33F9rev2gH2NTvQDrKD7et2iH3DDrVv2mF2uB1h37Ij7Sg72o6xY+04O96+bSfYd+xE+66dZCfbKXaqnWan2xn2PTvTzrKz7ft2jv3AzrXz7Hy7wC60H9pFdrFNsx/ZJfZju9Qus8vtCrvSrrKr7Rq71q6z6+0Gu9FuspvtFrvVfmK32e12h91pd9nddo/91O61n9l99nO7335hD9g/2YP2S3vIfmUP26/tEfuNPWq/tcfsd/a4/d6esCftKfuDPW1/tGfsWXvO/mTP25/tBfuLvWjDpYv7S6d3MmQoA2WgFEqhzJSZslAWykpZKUEJykbZKDtlpxyUg3JRLspDeSgf5aNLmJjyU35KUpIKUkEqRIWoCBUhT56KU3EqQSWoJJWkUlSKSlNpKkNlqByVo9vpdrqD7qBKVInupDvpLrqLqlE1qk7VqQbVoJpUk2pRLapNtakO1aG6VJfqUT2qT/WpATWghtSQGlNjakpNqRk1o+bUnFpSS2pFrag1taY21IbaUltqR+2oPbWnDtSBOlJH6kSdqAt1oa7UlbpRN0qlVOpJPakX9aI+1If6UT/qT/1pAA2ggTSQBtNgGkJDaCgNpWE0nEbQWzSSRtFoGkNjaRyNp/E0gSbQRJpIk2gSTaEpNI2m0QyaQTNpJs2m2TSH5tBcmkvzaT4tpIW0iBZRGqXRElpCS2kpLafltJJW0mpaTWtpLa2n9bSRNtJm2kxbaStto220g3bQLtpFe2gP7aW9tI/20X7aTwfoAB2kg3SIDtFhOkxH6AgdpaN0jI7RcTpOJ+gEnaJTdJpO0xk6Q+foHJ2nn+kC/UIXKVCKU5DZXeWyuKtdVneNS3GZ3KU4AoBLcS6X2+VxeV0+Z10Ol/OvYnLOFXKFXRFX1HlXzBV3N/0uLuPKunKuvLvdVXB3uIq/i6u7e1wNd6+r6e5z1dzdfxXXcve72u4RV8c96uq6Rq6ea+Lqu0dcA/eoa+gaucauiWvlnnSt3VOujXvatXXP/C5e5Ba7tW6dW+82uL3uM3fO/eSOum/defez6+a6u37uFdffveoGuNfcQDfod/EI95Yb6Ua50W6MG+vG/S6e4qa6aW66m+HeczPdrN/FC92Hbo5Lc3PdPDffLfg1vrSmNPeRW+I+dkvdMrfcrXAr3Sq32q3532td4Ta5zW6L2+M+ddvcdrfD7XS73O5f40v72Oc+d/vdF+6I+8YddF+6Q+6YO+y+/jW+tL9j7jt33H3vTriT7pT7wZ12P7oz7uyv+7+09x/cL+6iCw4YWbFmwxFn4Iycwpk4M1/FWfhqzsrXcIKv5Wx8HWfn6zkH5+RcnJvzcF7Ox5aJHTPHnJ8LcJJv4IJ8IxfiwlyEi7LnYlycb+ISfDOX5Fu4FN/Kpfk2LsNluRyX59u5At/BFbkSV+Y7uUoIXJWr8d1cne/hGnwv1+T7uBbfz7X5Aa7DD3Jdfojr8cNcnx/hBvwoN+RG3JibcFN+jJvx49ycW3BLfoJb8ZPcmp/iNvw0t+VnuB0/y+35Oe7Az3NHfoE7cWfuwi9yV36Ju3F3TuUe3JNf5l7cm/twX+7Hr3B/fpUH8Gs8kAfxYH6dh/AbPJTf5GE8nEfwWzySR/FoHsNjeRyP57d5Ar/DE/ldnsSTeQpP5Wk8nWfwezyTZ/Fsfp/n8Ac8l+fxfF7AC/lDXsSLOY0/4iX8MS/lZbycV/BKXsWreQ2v5XW8njfwRt7Em3kLb+VPeBtv5x28k3fxbt7Dn/Je/oz38ee8n7/gA/wnPshf8iH+ig/z13yEv+Gj/C0f4+/4OH/PJ/gkn+If+DT/yGf4LJ/jn/g8/8wX+Be+yIEhxljFOjZxFGeIM8YpcaY4c3xVnCW+Os4aXxMn4mvjbPF1cfb4+jhHnDPOFeeO88R543yxjSl2McdxnD8uECfjG+KC8Y1xobhwXCQuGvu4WFw8vikuEd8cl4xviUvFt8al49viMnHZ+JH7yse3xxXiO+KKcaW4cnxnXCW+K64aV4vvjqvH98Q14nvjmvF9ccn4/rh2/EBcJ34wrhs/FNeLH47rx4/EDeJH44Zxo7hx3CRuGj8WN4sfj5vHLeKW8RNxq/jJuHX8VNwmfjpuGz/zh8dT4x5xz/jl+OU4hHv1/OSC5MLkh8lFycXJtORHySXJj5NLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5NbkiFUywgevfLaGx/5DD6jT/GZfGZ/lc/ir/ZZ/TU+4a/12fx1Pru/3ufwOX0un9vn8Xl9Pm89eefZxz6/L+CT/gZf0N/oC/nCvogv6r0v5ov7Jr6pb+qb+cd9c9/Ct/RP+Cf8k/5J/5R/yj/t2/pnfDv/rG/vn/Md/PP+ef+C7+Q7+y7+Rd/Vv+S7+e4+1af6nr6n7+V7+T6+j+/n+/n+vr8f4Af4gX6gH+wH+yF+iB/qh/phfpgf4Uf4kX6kH+1H+7F+rB/vx/sJfoKf6Cf6SX6Sn+Kn+Gl+mp/hZ/iZfqaf7Wf7OYXm+Ll+rp/v5/uFfqFf5Bf5NJ/ml/glfqlf6pf75X6lX+lX+9V+rV/r1/v1fqPf6Df7zX6r3+q3+W1+h9/hd/ldfo/f4/f6vX6f3+f3+/3+gD/gD/qD/pD/yh/2X/sj/ht/1H/rj/nv/HH/vT/hT/pT/gd/2v/oz/iz/pz/yZ/3P/sL/hd/0Qc/PvF2YkLincTExLuJSYnJiSmJqYlpiemJGYn3EjMTsxKzE+8n5iQ+SMxNzEvMTyxILEx8mFiUWJxIS3yUWJL4OLE0sSyxPLEisTKxKhFC3m1xyB8KhGS4IRQMN4ZCoXAoEooGH4qF4uGmUCLcHEqGW0KpcGsoHW4LZULZUC48GhqGRqFxaBKahsdCs/B4aB5ahJbhidAqPBlah6dCm/B0aBueCe3Cs6F9eC50CM+HjuGF0Cl0Dl3Ci6FreCl0C91DaugReoaXQ6/QO/QJfUO/8EroH14NA8JrYWAYFAaH18OQ8EYYGt4Mw8LwMCK8FUaGUWF0GBPGhnFhfHg7TAjvhInh3TApTA5TwtQwLUwPM8J7YWaYFWaH98Oc8EGYG+aF+WFBWBg+DIvC4pAWPgpLwsdhaVgWlocVYWVYFVaHNWFtWBfWhw1hY9gUNoctYWv4JGwL28OOsDPsCrvDnvBp2Bs+C/vC52F/+CIcCH8KB8OX4VD4KhwOX4cj4ZtwNHwbjoXvwvHwfTgRToZT4YdwOvwYzoSz4Vz4KZwPP4cL4ZdwUf5mTQghhBDi76L/4HiPv/G9DACgfpv3BICrt+c+/J9rbszx53lvladVAgCe7t7xob+MKlVSU1N/e+1SDVGBeQCQ+Ov6f4mXQUt4EtpACyjxN9fXW3U+z39QP3krQOb/kJMCl+PL9W/+L+o/9sSIRaXjc9n+m/rzAAoVuJyTCS7Hl+uX/C/q52z2B+vP9OV4gOb/IScLXI4v1y8Oj8Mz0OavXimEEEIIIYQQQvxZb1Wu/R/dP1+6P89jLudkhMvxH92fCyGEEEIIIYQQ4sp7rnOXpx5r06ZF+79vgr89F/jHsmQiE5n8fza50p9MQgghhBBCiH+1yxf9V3olQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFE+vU/8e/ErvQehRBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCiCvtfwUAAP//luw5aQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})

32.163267465s ago: executing program 4 (id=1441):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./file1\x00', 0x20081e, &(0x7f0000000100), 0x1, 0x502, &(0x7f0000000a00)="$eJzs3c9vI1cdAPCvnV9OmjZp6QEQokspLGi1TuJto6oHKCeEUCVEjyBtQ+KNothxFDulCXvY/g9IVOIER/4Azj3xJyC4cYEDEj8iULMSSFPNeLzrzdob7yaxs/HnI41m3ryxv+/t7rzn+W7iF8DYuhYR9yJiOiI+iIiF/Hwh3+Ld9pZe99nR3fXjo7vrhUiS9/9VyOrTc9H1mtQL+XuWIuLH34/4WeHxuM2Dw+21Wq261y7OLrXqu0vNg8ObW/W1zepmdadSWV1ZXX771luVc+vra/Xp9sFE2sBv/yJt1nxe192Pc/T/JDP1IE5qMiJ+eAHBRmEi78/0qBvCMylGxCsR8Xp2/y/ERPa3CQBcZUmyEMlCdxkAuOqKWQ6sUCznuYD5KBbL5XYO79WYK9YazdaNO439nY12rmwxpop3tmrV5TxXuBhThbS8kh0/LFdOlG9FxMsR8cuZ2axcXm/UNkb5wQcAxtgLJ+b//860538A4IorjboBAMDQmf8BYPyY/wFg/Jj/AWD8mP8BYPyY/wFg/Jj/AWCs/Oi999ItOc6//3rjw4P97caHNzeqze1yfX+9vN7Y2y1vNhqb2Xf21E97v1qjsbvyZux/tPid3WZrqXlweLve2N9p3c6+1/t2dWoovQIAnuTl1z79cyEi7r0zm23RtZaDuRqutuJZXjx7fu0Ahm9i1A0ARsZqXzC+zvCMLz0AV0SPJXofUXrkcT+/OkmS5GKbBVyg61+S/4dx1ZX/91PAMGbk/2F8DZr/Py0/ADx/kqQw6Jr/MeiFAMDlJscP9Hm+fyXf/y7/z4Gfbpy84pOLbBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABcbp31f8v5WuDzUSyWyxEvRsRiTBXubNWqyxHxUkT8aWZqJi2vjLjNAMBZFf9eyNf/ur7wxvzJ2unC/ZlsHxE///X7v/pordXa+2N6/t8Pzrc+yc9XRtF+AOA0nXk623c9yH92dHe9sw2zPf/4XkSU2vGPj6bj+EH8yZjM9qWYioi5/xTycluhK3dxFvc+jogv9up/IeazHEh75dOT8dPYLw41fvGR+MWsrr1P/yy+8NSRk4VzaD481z5Nx593e91/xbiW7Xvf/6VshDq7fPxL32r9OBsDH8bvjH8Tfca/a4PGePMPP2gfzT5e93HElycjOrGPu8afTvxCn/hvDBj/L1/56uv96pLfRFyP3vG7Yy216rtLzYPDm1v1tc3qZnWnUlldWV1++9ZblaUsR73Ufzb45zs3XupXl/Z/rk/80in9/8aA/f/t/z74ydeeEP9bX+8VvxivPiF+Oid+c8D4a3O/L/WrS+Nv9Ox/R//+3xgw/l//dvjYsuEAwOg0Dw6312q16t4wDzofJIYa1MEVOEj/1VyCZvQ8+O6wYk3HU70qSZ4pVr8R4zyybsBl0L7Xk+peRNwfdWMAAAAAAAAAAAAAAICehvEbS6PuIwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFfX5wEAAP//90HVog==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_GROUP_ADD(r0, 0x40286608, &(0x7f0000000000)={0x1, 0xfffffffffffff8f5, 0x0, 0x2, 0x4, 0x8})

30.925352366s ago: executing program 4 (id=1448):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1000043, &(0x7f0000000000), 0xa, 0x501, &(0x7f0000000140)="$eJzs3U9vG2kZAPBnnHibpGGdXTgsK7FbdrtKEdRJNvsn4rBsJf6cVkKUexoSJ4rixFXitE1UQfoJQKgCJE6cuCDxAZBQPwJCqgQ3DpxAFaTtgQsyGnvcJo6dJtRrt87vJ03nnfet53mepB7POzOqAzizLkTEpxExFBHvRUQh689lS+w1lvTvPdy/vZguSdRqV/+VRJL1te7zfPay1A++F/Gj5GjcrZ3dtYVyubR5uHv38ur6wkpppbQxOzvz0dzHcx/OTZ+wkmT4uNFXI+KTbz/+xU9/+91P/viNm3+f/+elH+cj4lo23q6ObmiUno+Rc82eY9N86QxlFeX7nQgAACdyMSJej4h3IuJrUYihATs/BQAAACJq3xpv3pmqAQAAAIMpFxHjkeSK2fO+45HLFYuNZ3i/FGO5cmWr+vXlyvbGUjoWMRH53PJquTSdPSs8Efkk3Z6pt59uv9+yPRsRr0XE3cJoul0fAwAAAHrjfMv8/3GhMf8HAAAABoyb8QAAADD4zP8BAABg8Jn/AwAAwED7/mefpUvt4f7t+vcALN3Y2V6r3Li8VNpaK65vLxYXK5vXiyuVykq5VBx69v7Klcr1D2Jj+9ZUdXirOrW1szu/XtneqM7Xv9d7vvR6D2oCAAAADnvt7Xt/TSJi75uj9SX1SjaW72tmwAskGW7puPbVPmUCdMUJLukfdmH780kE6LnWz3Tg7DDHB5LWjpYTg5FOpwp/On0s5xwAANAfk192/x/Oqly/EwD65mf9TgDoG9fi4ezKn/4JQGDAHLn/32Kk08Az7v8/vYZYq506KQAAoKvGG6u9yO4FjkcuVyw+uS2YLK+WS9MR8WpE/KWQP5duz/QxXwAAAAAAAAAAAAAAAAAAAAAAAAB4GdVqSdQAAACAgRaR+0eSff/XZOHieOv1gVeS/xTq64i4+eurv7y1UK1uzqT9/37SX/1V1v9+P65gAAAAwFmUP3a0OU9vzuMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJse7t9ebC69jPvgSozGRLv4wzFSX49EPiLGHiUxfOB1SUQMdSH+3p2IeKNd/CRNKyayLMYenTv0ulxEjPY0/uH60/jnuxAfzrJ7VyLi03bvv1xcqK/bv/+Gs+V5PbhSf5O3jd88/g11OP594YQx3rz/+6mO8e9EvDnc/vjTjJ90iP/uCeNf++Hubqex2m8iJtt+/iSHYk1V169Pbe3sXl5dX1gprZQ2ZmdnPpr7eO7Duemp5dVyKfuzbYyff+UPe3c71p+rrw/Gb9Y50cjwJ53qv3jC+v97/9b+FxvN/NH4EZfebf/7f6O+bv/zT/9NvJd9DqTjk832XqN90Fu/+/NbnXJL4y91+Pk3fv+FWqf6L3UuOTnQPlIzANBfWzu7awvlcmmzB413PujeDpMe5fwyNFbGInoedOTFqL3Xje88936ap8PPs5+/da2udM7QfqjPByYAAKDrnp709zsTAAAAAAAAAAAAAAAAAAAAOLv+r/887O3Tvao15l5/SgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAONb/AgAA//9nwsbL")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$EXT4_IOC_MIGRATE(r0, 0x6609)

29.219098724s ago: executing program 4 (id=1459):
syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x0, &(0x7f00000000c0)={[{@quota}, {@bsdgroups}, {@nouid32}, {@errors_remount}, {@jqfmt_vfsv1}, {@oldalloc}, {@stripe={'stripe', 0x3d, 0x5}}]}, 0x2, 0x46b, &(0x7f0000000580)="$eJzs3M1vFOUfAPDvzLbw+/HWivgColaJsfGlpQWVgxeNJh4wmugB9VTbQgiFGloTIUSqMXgxMSR6Vo8m/gXevBj1ZGLiSe+GhCgX0FPNzM5Ad9ltt3TZrd3PJxl4nn2e7TzfPvPMPDPPbgPoWUPZP0nEtoj4LSIGqtnaCkPV/65dOTf595Vzk0ksLr72Z5LXu3rl3GRZtXzf1iIznEakHyXFTmrNnTl7YmJmZvp0kR+dP/nO6NyZs08ePzlxbPrY9KnxQ4cOHhh75unxp9oSZxbX1T3vz+7d/dIbF1+ePHLx7R+/ydq7rShfGsct2XTzS0NZ4H8t5urLHon/r2l36832Jemkr4sNYVUqEZF1V38+/geiEjc6byBe/LCrjQNuq+zatLl58cIisIEl0e0WAN1RXuiz+99y69DUY124/Fz1BiiL+1qxVUv6Ii3q9Nfd37bTUEQcWfjni2yLdjyHAABYwSeTnx+OJxrN/9K4e0m9HcUaymBE3BEROyPizojYFRF3ReR174mIe1e5//qloZvnP+mlWwqsRdn879libat2/lfO/mKwUuS25/H3J0ePz0zvL34nw9G/OcuPLbOP71745dNmZUvnf9mW7b+cCxbtuNRX94BuamJ+Ip+UtsHlDyL29DWKP7m+EpBExO6I2LO6H72jTBx/7Ou9zSqtHP8y2rDOtPhVxKPV/l+IuvhLyfLrk6P/i5np/aPlUXGzn36+8Gqz/a8p/jbI+n9L7fFflHx5pkgMvrV0vXYuVr1yeeH3j5ve09zq8b8peT0/H5XLru9NzM+fHovYlBzO8zWvj994b5kv62fxD+9rPP53Fu/J+v++iMgO4vsj4oGIeLBo+0MR8XBE7Fsm/h+eb162Hvp/quH57/rxP5jU9P/qE5UT33/bbP+t9f/BPDVcvJKf/1bQagPX8rsDAACA/4o0/wx8ko5cT6fpyEj1M/y7Yks6Mzs3//jR2XdPTVU/Kz8Y/Wn5pGtgyfPQsWSh+InV/HjxrLgsP1A8N/6sEnl+ZHJ2ZqrLsUOv29pk/Gf+qHS7dcBt12gdbbzBF9qAjad+/Ke12fOvdLIxQEf5vjb0rhXGf9qpdgCd5/oPvavR+D9fl7cWABuT6z/0LuMfepfxD72rbvxX4tdutQTooLV8r1+ilxORrotmtJRo/e9B3O7Em+ujGS0kun1mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI9/AwAA//9sbvBf")
mount(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000200, &(0x7f0000000080)=@loop={'/dev/loop', 0x0}, 0x0, &(0x7f0000000000)='./file0\x00')

28.495165211s ago: executing program 4 (id=1462):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000a00)={&(0x7f0000000000)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="030f000002000000000034000000080003000000ce"], 0x1c}}, 0x0)

27.378956355s ago: executing program 4 (id=1476):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x38, r1, 0x1, 0x0, 0x14, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}]}, 0x38}}, 0x0)

26.74635547s ago: executing program 33 (id=1476):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x38, r1, 0x1, 0x0, 0x14, {}, [@FOU_ATTR_PEER_V6={0x14, 0x9, @mcast2}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e21}]}, 0x38}}, 0x0)

15.38714149s ago: executing program 2 (id=1546):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r1 = memfd_create(&(0x7f0000000180)='-\x02\x00\x00\x00\x00\x00\x00\x00\xfbV\xfc\x9eB\x93\xd7a\xb7\x8aB\x01u\b\xf7\xd6\xe3(\xc3Y//\xec\x0f\x81t7\xb8Xz\r\xc9\xcb\x89\xa9E;\xc5T8\xab\xeb\xc1c\x95}\xf0\xd3U4\x85B\x9a\x90ri\xc9\xc6G\xf1\xcd\xe7\x13\x06-\xe9\x176\xd3H\a\x81\xf7\xbc\x8f\"\xa2,\xcf\xc3\xa5\a\xb3\x03\xe8\x97(\xf3\x8a\xd5y\r=z\xfawv\xc7e\xf5\xa8j\x18k\xea-\"\x10.6\xf6\xe7J\x92\x1bE\b\xb9&\t*', 0x3)
ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000140)={r1, 0x1, 0xfffffffe7effb000, 0x8000})

14.95980693s ago: executing program 2 (id=1549):
r0 = socket$kcm(0x2b, 0x1, 0x0)
sendmsg$inet(r0, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x3ffd, @dev={0xac, 0x14, 0x14, 0x1f}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc)
recvmsg(r0, &(0x7f0000000680)={0x0, 0x0, 0x0}, 0x40)

14.455882792s ago: executing program 2 (id=1556):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000480)='./file2\x00', 0x0, &(0x7f0000000280)={[{@noload}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x1}}, {@bh}, {@noload}, {@data_err_ignore}, {@usrjquota}]}, 0xfe, 0x452, &(0x7f00000014c0)="$eJzs3MtvG8UfAPDvrp30/Ut+UB4tLQQKouKRNOnzwKUIJA4gIcGhiFNI0qrUbaAJEq0qKBzKEVXijjgi8RdwggsCTkhc4Y4qVaiXFiQko13vpsa107hx6rb+fKR1Z7zjznx3d+zZGTsBDKyx7CGJ2BwRv0XESCP73wJjjX+uXTk389eVczNJ1Otv/Jnk5a5eOTdTFi1ft6mRqdeL/Lo29V54O2K6Vps7XeQnFk++N7Fw5uzzx09OH5s7Nndq6tChfXt3Dh+Y2t+TOLO4rm7/aH7HtlfeuvjazJGL7/z0TdbezcX+5jh6ZaxxdNt6qteV9dmW7CFtpJNqnxvDilUiIjtdQ3n/H4lKbFjaNxIvf9rXxgFrql6v19t9PhfO14F7WBL9bgHQH+UHfXb/W263aehxR7h8OOL9g434rxVbY0+1vJ3N7422rFH9YxFx5PzfX2ZbrNE8BABAs+8OR8Rz7cZ/aTzYVO5/xRrKaET8PyLui4j7I2JrXIwHIvKyD0XEw13W37pCcuP4J710S4GtUDb+e6FY21oa//1Tv76YETFaKXJb8viHkqPHa3N7imOyO4bWZfnJZer4/qVfP++0r3n8l21Z/eVYsCG9VG2ZoJudXpxeZdhLLn8Ssb3aEn8uiXIZJ4mIbRGxvav/+fodxvFnvt7RqdTN419GD9aZ6l9FPN04/+ejJf5S0nF9cvLggan9E+ujNrdnorwqbvTzLxde71T/quLvgez8b2y9/nNL8Y8m6yMWzpw9ka/XLnRfR/r7Zx3vaW71+h9O3szTw8VzH04vLp6ejBhOXr3x+anrry3zZfks/t272sWf5u9x5ZF4JCKyi3hnRDwaEY8VbX88Ip6IiF3LxP/ji0++2338y8zK91AW/+zNzn80n//uE5UTP3zbffyl7Pzvy1O7i2dW8v630gau5tgBAADA3SLNvwOfpONL6TQdH298h39rbExr8wuLzx6d/+DUbOO78qMxlJYzXSNN86GTxdxwmZ9qye8t5o2/qGzI8+Mz87XZfgcPA25Th/6f+aPS79YBa87vtWBw6f8wuPR/GFz6Pwwu/R8GV7v+/3Ef2gHcfj7/YXDp/zC49H8YXPo/DKSOv41PV/WTf4l7PhFp96+qxh3S+LspUV3xH7O4xcS6trv6/c4EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQG/8GAAD//+b67j4=")
r0 = open(&(0x7f0000000140)='./file2\x00', 0x66842, 0x21)
pwritev2(r0, &(0x7f0000006940)=[{0x0}, {&(0x7f0000006800)="a8", 0x1}], 0x2, 0x200, 0x8007, 0xa)

13.477486885s ago: executing program 2 (id=1560):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x4040, &(0x7f0000000000)=ANY=[], 0x1, 0x214, &(0x7f0000000480)="$eJzs201PE0Ecx/Hf9omKRnyID/FkYmK82CqQkJ6UF+DFo4kHUgtpLGrEC4REeRPevXryJZDo+/ANwMGbJ8bM7tSydO3u1F020O8nofuHzm9nFpih0xYBmFlPw9tAgZphZYz5eFfSi2eSaiUPDkChjDseGQCzpzr11H85XEMAnEmHq1VJTe0H0s9fu90D99HM+PjhcLUSFYF0cCx/IWt+LwiPd2rx/Lyki2Otxzck5kuUv69h3o58t3vJs/95xfvXlaz56Pof3FNdx/KXJS1I4WmuSrom6bo0Z9vekFSJ9d9wn43yt6Mv7GW8DAAAAAAAJrK7z9Z/paVW6gmqclvfMXYfvN4f9B75dTzcPqvu8o/98n81XH5xUiOTnl9KHN1JwaisR4c5l2913w5eeYwbyEPFb/6PPS1of6P3U07wz+ngVob4/K9nH417RnC9/9krAyCytb3zem0w6L3Ps3gyqY3ke0K7IuQ8wuTiqy30O3plpOC+pinsYjttfPiCTN4D+6T0NiZDm/NU1PL9Pn9XcHKe1mKT6Jv72Xqc+XnSXQ3F5mlM9ZQXJgCFa3/YfNfe2t552N9c2+ht9N4sr3Q6K8tLi512+LDc3pqFskcJoAijv/4Jd2Z9Ew8AAAAAAAAAAAAAACjVTUm3wurHkUeMdwYAAAAAZ9Bp/FNU2dcIAAAAAAAAAAAAAMB59ycAAP//QsA2Lg==")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000280)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@xino_auto}]})

12.389111918s ago: executing program 2 (id=1566):
r0 = syz_open_dev$cec(&(0x7f00000001c0), 0x0, 0x101880)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000140)=0x11)
ioctl$CEC_S_MODE(r0, 0x40046109, &(0x7f0000000180))

11.638837116s ago: executing program 2 (id=1569):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x2, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x141042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

10.657778895s ago: executing program 34 (id=1569):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000580)='./file1\x00', 0x2, &(0x7f0000000100), 0x1, 0x57e, &(0x7f00000005c0)="$eJzs3U1oHGUfAPD/zGbffuV90xcUVHooKlQo3ST90OqpvYqFQg+CFw2bbSjZZEM20SbkkN6L2IOo9FJvevCoePAgXjx6ErwonoVig0LTg67MfqRpvtzUJlszvx/M7jzz7Oz/eXb2/+zMMMMGkFtHs4c04umIuJhEDKyq64t25dHW65aXFsr3lhbKSTQal35NIomIu0sL5c7rk/bzoYhYjIinIuKbYsTxdH3c+tz8+Ei1WplulwdnJqYG63PzJ65MjIxVxiqTp156+czZ02eGTw6vXu1eY3WpuL2+Xv/pxrvXv3v11o1PPzuyWH5/JIlz0d+uW92PR6n1mRTj3Jrlp3ciWA8lvW4AD6XQzvMslZ6MgSi0s34jjYFdbRqwwxr7IhpATiXyH3Kqsx+QHf92pt3c/7h9vnUAksVdbk+tmr7WuYnY3zw2Ofhb8sCRSXa8eXg3G8qetHgtIob6+tZ//5P29+/hDT2KBrKjvj7f2lDrt3+6Mv7EBuNPf+fc6T/UGf+W141/9+MXNhn/LnYZ4483fv5o0/jXIp7ZMH6yEj/ZIH4aEW91Gf/m61+e3ayu8XHEsdg4fkey9fnhwctXqpWh1uOGMb46duSVrfp/cJP4rXO2+5s/M2v6fyhr01SX/f/i28+fXdwi/gvPbb39N/r8D0TEe13G///dT17brO72teROthew3e2fLbvVZfwXzx39scuXAgAAAAAAAAAA25A2r2VL0tLKfJqWSq17eJ+Ig2m1Vp85frk2OznauubtcBTTzpVWA61ykpWH29fjdson15RPFdoBCwea5VK5Vh3tcd8BAAAAAAAAAAAAAAAAAADgcXFozf3/vxea9/+v/btqYK/a/C+/gb1O/kN+PZj/Sc/aAew+v/+QWw35D/kl/yG/5D/kl/yH/JL/kF/yH/JL/gMAAAAAAAAAAAAAAAAAAAAAAAAAwI64eOFCNjXuLS2Us/Jo39zseO3tE6OV+nhpYrZcKtemp0pjtdpYtVIq1yb+7v2SWm1qKCZnrw7OVOozg/W5+TcnarOTSXzfrK4Ud6FPAAAAAAAAAAAAAAAAAAAA8G/T35yStBQRaXM+TUuliP9GxOEoJpevVCtDEfG/iPihUNyXlYd73WgAAAAAAAAAAAAAAAAAAADYY+pz8+Mj1Wplek/O7I+IB5f0bWf1iFh8tA3L3nHbaxXb2+px+VTN5GGmxwMTAAAAAAAAAAAAAAAAAADk0P2bfrtd48+dbRAAAAAAAAAAAAAAAAAAAADkUvpLEhHZdGzg+f61tf9JlgvN54h45+alD66OzMxMD2fL76wsn/mwvfxkL9oPdKuTp508BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO6rz82Pj1SrlekdnOl1HwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAexl8BAAD//5aV1q4=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x141042, 0x0)
pwritev2(r0, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfdef}], 0x1, 0xe7b, 0x0, 0x0)

7.879081874s ago: executing program 5 (id=1586):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = dup2(r0, r0)
sendmsg$nl_xfrm(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000880)={&(0x7f00000004c0)=@newae={0x50, 0x1e, 0x305, 0x70bd2a, 0x25dfdbfe, {{@in=@remote, 0x4d4, 0x2, 0x33}, @in=@dev={0xac, 0x14, 0x14, 0x35}, 0x5, 0x3505}, [@replay_val={0x10, 0xa, {0x70bd26, 0x70bd27, 0x9}}]}, 0x50}, 0x1, 0x0, 0x0, 0x4000000}, 0x80)

7.459311264s ago: executing program 5 (id=1589):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$fou(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$FOU_CMD_ADD(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000000)={0x38, r1, 0x1, 0x70bd25, 0x21dfdbfb, {}, [@FOU_ATTR_PEER_PORT={0x6, 0xa, 0x4e23}, @FOU_ATTR_AF={0x5, 0x2, 0xa}, @FOU_ATTR_PEER_V6={0x14, 0x9, @ipv4={'\x00', '\xff\xff', @loopback}}]}, 0x38}, 0x1, 0x0, 0x0, 0xc0d4}, 0x4000000)

6.992049566s ago: executing program 5 (id=1592):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2000080, &(0x7f0000000340)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c726f6469722c696f636861727365743d63703836342c756e695f786c6174653d312c636f6465706167653d313235302c73686f72746e616d653d6c6f7765722c756e695f786c6174653d302c726f6469722c6e6f6e756d7461696c3d302c696f636861727365743d63703836322c726f6469722c73686f72746e616d653d77696e39352c6e6f6e756d7461696c3d302c002aa220cdeeb5ba33c93123800bef80e5155d8840d88fc461c6"], 0x25, 0x336, &(0x7f0000000500)="$eJzs3T1sW9UXAPDjviROI/VvD3+pgsmwIaGqCWKAKVFVpIoMUGTxtWDRlI/YVIqFpTDE9QJiBLEgwcTWAcbOiAEhNgZWioQKiIVulVrxkP1e7OeP0BThlI/fb4iOzj3H976Xq/glSm5eWo/tC4tx8caN67G8XIqF9TPrcbMU1TgWSWQuBwDwb3IzTePXNHPn6vdX9qOlOa8LAJifwfv/KydGifK9XA0AcBQO+f3/UzOzl+a2LABgjqbe/x8cG574Mf/C8HcCAIB/rmeef+HJjc2I87XackTrnU69U4/HR+MbF+O1aMZWnI5K3I7IHhSyp4X+xyfObZ49Xev7sRr1fkenHtHqdurZk8JGMugvx2pUopr3p8P+pN+/OuivRcTl7mD+aJU69cVYyef/biW2Yi0q8f+p/ohzm2fXavkL1Fv7/d2IXizvX0R//aeiEt+8HJeiGRei3zta/95qrXYm3Rzr71wpD+oAAAAAAAAAAAAAAAAAAAAAAGAeTtWGqsPzb9JWt/P2+cmC6tj5OPVsOD8fqJedD5SW90/neTeZPB9o/HyeTn0hjt3TKwcAAAAAAAAAAAAAAAAAAIC/j/buUjSaza2d9u5b28WgW8i88dWnXxyPyZrXk1EmFrKXG6vJc1HoSmLYng7b02SsJg+SiFHxlavDFRdrysOrmGrvB+WpoVK+pkazeeKBHz6a1fXbKJPE1G0ZD0r5/IWh1v+y1B90HRys3aHmWpqmB7XvfTjdFaWIhalP3F8RfHn91fseaZ98dJD5PD/04aGHK89e++CTn7cbzchvTbO5tNO+nf7puZLC/inl97k0YyfMDnqjTG+nvdtIvv3lufvf+3qiOJm9f9Ji5s2D5/psMrOUBf1lHuZKF2ds/tnBi7eGu/fub+bJj9cbV/e+/+mwXYUvEg7qAAAAAAAAAAAAAAAAAACAI1H4W/G78NjT81sRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABy90f//LwS9qcxhglvdmB4qb+20D5z8+JFeKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2G/BwAA//9pxHjs")
mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0)
mount$nfs(&(0x7f0000000100)='...', &(0x7f0000000140)='./file0\x00', 0x0, 0x2000, 0x0)

5.781152705s ago: executing program 5 (id=1598):
syz_mount_image$minix(&(0x7f0000000300), &(0x7f0000000180)='./file2\x00', 0x4040, &(0x7f0000000000)=ANY=[], 0x1, 0x214, &(0x7f0000000480)="$eJzs201PE0Ecx/Hf9omKRnyID/FkYmK82CqQkJ6UF+DFo4kHUgtpLGrEC4REeRPevXryJZDo+/ANwMGbJ8bM7tSydO3u1F020O8nofuHzm9nFpih0xYBmFlPw9tAgZphZYz5eFfSi2eSaiUPDkChjDseGQCzpzr11H85XEMAnEmHq1VJTe0H0s9fu90D99HM+PjhcLUSFYF0cCx/IWt+LwiPd2rx/Lyki2Otxzck5kuUv69h3o58t3vJs/95xfvXlaz56Pof3FNdx/KXJS1I4WmuSrom6bo0Z9vekFSJ9d9wn43yt6Mv7GW8DAAAAAAAJrK7z9Z/paVW6gmqclvfMXYfvN4f9B75dTzcPqvu8o/98n81XH5xUiOTnl9KHN1JwaisR4c5l2913w5eeYwbyEPFb/6PPS1of6P3U07wz+ngVob4/K9nH417RnC9/9krAyCytb3zem0w6L3Ps3gyqY3ke0K7IuQ8wuTiqy30O3plpOC+pinsYjttfPiCTN4D+6T0NiZDm/NU1PL9Pn9XcHKe1mKT6Jv72Xqc+XnSXQ3F5mlM9ZQXJgCFa3/YfNfe2t552N9c2+ht9N4sr3Q6K8tLi512+LDc3pqFskcJoAijv/4Jd2Z9Ew8AAAAAAAAAAAAAACjVTUm3wurHkUeMdwYAAAAAZ9Bp/FNU2dcIAAAAAAAAAAAAAMB59ycAAP//QsA2Lg==")
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000b80), 0x10000, &(0x7f0000000280)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@xino_auto}]})

5.004423887s ago: executing program 5 (id=1602):
syz_mount_image$xfs(&(0x7f0000009600), &(0x7f0000009640)='./file0\x00', 0x200800, &(0x7f0000000040)={[{@grpquota}, {@pqnoenforce}, {@filestreams}, {@filestreams}, {@nolargeio}]}, 0x1, 0x9698, &(0x7f000001c300)="$eJzs+gm8pnPh+P/fZxi7jKGSUlMRLbJmiWpmMEMhWaIdWVKWkgptUlKoiGjPvmUrSyhbK8neQgmhkiXSYhvm/zgzZxjjxae+ff4/n3q9Xo/HOfd9X/d1Xed9v5/Xcg6z2aSNJg4Gcw2mN24wa+ddO3nKmKvXv+OoLRc8drlT7zng0SsuPn7kccLI48TBYDBq5O2h6cvGDk47fdRg9mnLH2neuecZmn8wWH7k5ch+BitPf5j/ihnrTZ2lWQc69Mi3faZ/TWuB4R8x/OTwA/Y6YjAYjJlp+6HBYGiPx3xQaZtNmDzpEauH3YatRo88n/lrjulf8188GMx/5oCPj5nXHXoSPtLwz9zjReeOXv9J+Nn/cW02YfI6s/gPn4uzjSxbefgcn/UcNDbrcX7bEpuvOjKF0463wWD4Eveoc+U/os0mTFp38PjX+cFRq124z9Tp1805B9NvFHMPBoN5Rq6v8z3ZLvXvNWHiCtPu2TNej7DPOJb3oOPihLee/NDwTXowGCw0GIxde8a9oKqqqv4zmjBxhTXg/j/XE93/Tzll0TO7/1dVVf3nts6EiSsM3+tnuf/P90T3/50XvWjP6f/tf/zK07d66Mn9EFVVVfUvNWkdvP+PeaL7/8prXLZu9/+qqqr/3DZcb9r9f75Z7v8LP9H9/00nr7bYyHozfm94cKZdDs30/xMemGn5bDMtv3+m5aNn2s/M688x0/J7Z1o+5/B7sP64wWDsjH8vOOWRxWPHDb83svy+mZaPf+Tf6Sy+5kzLJ8y0fNJMyyeOjHV4+eSZlk+eaf21n2Cqq6qq/s+04QqT1hjM9O/sRxYvMuN9uv9fcNZ1Sz9Z462qqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqr/zB664+xzB4PB0GAwGDUYTBmMPJ/5cTB16tSpw69POf/yy5+0gf7faOi8aydPGXP1+nccteWCxy536j0HPDJL/7H953+C+nca9p/r+HGDwY6bPNlDqSehzn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vIX99AdZ587cgyMGgymDEae7zHj8az93/jmkVVX3fTUuw5+ZMvFx2838uy8aydP2e5JGPuT0NDwZx1z9fp3HLXlgscud+o9B/wXnD3/+Z+g/p2m+W83NBiMnN9jhs/l9SdsuPFSg8Hg4LtO3XSlwcPvrTL83mpjZxvMNm3TpaZ9X2tx3vEea09/HD/8beGH93HKtP2vM/Ww2YZmGcRMveK8G496x2b3rDjr45KP/zlGzXhyxPVn3D116tSpj1o40lyPs/GM/c/4LLOe5yNjX2p47MvsssO7l3nvbrsvvd0OW2y79bZb77jcCqusuNLyy6206suW2Wa77bdedvr3x5mzcdO+r/HPzNl8s87ZHRNmnrNZP9vjzdm4J56zaXucsvvQxjPmbPZ/cc7WeOI5G7fdyA9afPzowebTpmZoMFh8zdGDXYdfLDfnYLD4WiPrLjK87upjRw0G+z/yQYefzfnwMTi0x/A6m03aaOIjI3vsJ3zMdfpRKy4+fuRxwsjjxOlDHDd45FAcOzjt9FHDc/GoaZ537nmG5h8Mlh95ObKfwaoj7x46Y72pszTrQIce+bbP9K9pLTC8k+En71z27GuGz8VZtv//R/9P1//HeK0y9PBEDY18jawz3WvC5HUe+VnTpmF47mYbWbbysMmsc/a/2WPGO272wZgnGO+kdSauMLx4lvmfsQkeX3cuceEHpx9b41eevtVD/88oNN75nmC860zA8c73ROM9/kOXnj59V/9r453lWrfutO/j/5lr3eCJr3Wz0Q62vmSxWa91r3n8IT7qPJ4xR3POstLjXet2PWT5PYb3P/6Jr3XrDo999KOudaMGg8XXmHGtG77wTRo92H/4xfLDLyaPHhw7/GKFaS/mHpw//OKlb99p+62GF6w9Y06WHd7v+LFD09wvXPnWJaceOHXqmiNjGT/20WMdOT7GzXw/nzB2+mTO2HbGfodXnbHfW54+/b1JI/ud8C/sd8a2NN67Fpj+3uSR/U6cZb+jn2C/M7Z9zPmw1NDDF67Hud5MmuV6M/I3zowf96ivOaZ/zX/xYDD/meQ7y7r/4zWTzt+5nmC8EyausMbw+GY5fx8+HOn8vXTy1cP3ivkHg8FCg8HYtWeM/V9s6PHGO/sTj3cijHf2JxrvlcftsN7/wngHM433UcfZZhtOP1bWHjnOJv8Lx++MbWe9jo2e9u70y/7a/8x1bNxjrmMfm23ULJM9U4/3O9tWsP7054s88nvutScdM2PuR8+y3//pd7aZPssQXMfGzPL3/Ki1bxgM0Zzvcfzqlw0d9MRzPnrw6L8tZsz5jG2faM4n/zNz/qwnnvN/9vfkpZ4//f3Rs4x/5jnfYL9n7jtjzueYZb//05xPfuJ7x2PnfPxgNM35svdPn7cnup4+3pzP2HbGnA9/xNXGzj5Ya/ieNTLnk/6ZOV/kf+c4nwfWn/5864cXnXPUqa+fMeezzvH/NOeT/tU5H/fwcb74tPeeN2owxxyDXbfYZZedl5v+fcbL5ad/52vRvddOn+cnupc+ntGMbZ/ovFjznzEa808ZDf1PRovO/nhGj5xaR+6089P+X69Fa/6rRgO+Fl19zPR5e6Lfix5vzmdsS/fBhWfafta/Qzdcb9rv3fPNch+csQneB885a929Z+xyZLMHZxnmjPvqAzMtn22m5ffPtHz0TPuZef05Zlp+70zLhz/CHDOtP4N13PDfvCPLpzyy+tjhX57GjSy/b6bl4x/ZdvE1Z1o+Yablk2ZaPvGRQ2PxyTMtnzzT+msP/sVm/Dfp7Wa9yNc/W//9113+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7iH7jj73JFjYNRgMGUw/fnQyONgj6ENbn/V8ONgMBi98olTN3iyx/skN3TetZOnjLl6/TuO2nLBY5c79Z4D/gvOnv/8T1D/TtP8txsaDEbO7zHbDQaD9SdsuPFSg8Fgg6knrjxq8PB7iwy/t/rYUYPB/kOP2sGcD68ztMfwOptN2mjiYDDXyBrjHvNDH3MePWrFxcePPE4YeZw4/fo0bvDI8Tp2cNrpowazT1v+SPPOPc/Q/IPB8iMvR/YzWHn6w/xXzFhv6izNOtChR77tM/1rWgsM/4jhJ7tuO/nZw3M1y/b/Z5pxrd5u1P+4aue/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL392/5t/R8t9Wou7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn9xD91x9rkjx8CowWDKYPrzoT1GHgdDJ5/2wpFDZPRuVx192JM93ie5ofOunTxlzNXr33HUlgseu9yp9xzwX3D2/Od/gvp3mua/3dBgMHJ+j9luMBisP2HDjZcaDAaHHX3VbqMGD7+3yPB7q48dNRjsP/SoHcz58DpDewyvs9mkjSYOBnONrDHuMT/0MefRo1ZcfPzI44SRx4nTr0/jBo8cr2MHp50+ajD7tOWPNO/c8wzNPxgsP/JyZD+Dlac/zH/FjPWmztKsAx165Ns+07+mtcDwjxh+std81548PFezbP9/phnX6u1G/Y+rdv67y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/uIfuOPvckWNg1GAwZTD9+aiRx6E9br7pIxsPPw6/XnDtva99ssf7JDd03rWTp4y5ev07jtpywWOXO/WeA/4Lzp7//E9Q/07D/nMdP24w2HGTJ3so9STU+e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7u8neXv7v83eXvLn93+bvL313+7vJ3l7+7/N3l7y5/d/m7y99d/u7yd5e/u/zd5e8uf3f5u8vfXf7iHrrj7HNHno56ZOmoPTousKHzrp08ZczV699x1JYLHrvcqfcc8GQP6N/tcfw/lj9m8d8zf8zi//H8MYv/J/LHLP575Y9Z/D+ZP2bx3zt/zOL/qfwxi/+n88cs/vvkj1n8980fs/jvlz9m8f9M/pjF/7P5Yxb/z+WPWfz3zx+z+B+QP2bx/3z+mMX/wPwxi/9B+WMW/y/kj1n8D84fs/gfkj9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bxPzZ/zOJ/XP6Yxf/4/DGL/zfzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf9b+WMW/2/nj1n8T80fs/iflj9m8T89f8zif0b+mMX/O/ljFv8z88cs/mflj1n8z84fs/h/N3/M4v+9/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/wvzxyz+F+WPWfx/mj9m8b84f8zi/7P8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/5/ljFv9f5I9Z/H+ZP2bx/1X+mMX/6vwxi/81+WMW/1/nj1n8f5M/ZvG/Nn/M4v/b/DGL/3X5Yxb/6/PHLP435I9Z/H+XP2bxvzF/zOJ/U/6Yxf/m/DGL/+/zxyz+f8gfs/j/MX/M4n9L/pjF/0/5Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvH/c/6Yxf/O/DGL/135Yxb/v+SPWfzvzh+z+P81f8zi/7f8MYv/3/PHLP7/yB+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/KfljFv8H88cs/g/lj1n8p+aPSfxnG+SPWfyH8scs/qPyxyz+s+WPWfxnzx+z+I/OH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/g/JX/M4r9A/pjFf0z+mMV/wfwxi//Y/DGL/0L5Yxb/hfPHLP5PzR+z+D8tf8zi//T8MYv/IvljFv9n5I9Z/BfNH7P4PzN/zOL/rPwxi/9i+WMW/2fnj1n8n5M/ZvEflz9m8X9u/pjF/3n5P6bZRx4N/s/PH7Oc/4vnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMX/VfljFv/x+WMW/wn5Yxb/ifljFv818scs/mvmj1n818ofs/hPyh+z+E9W+c/2T69p8V9b5f/PZ/FfJ3/M4v/q/DGL/2vyxyz+6+aPWfzXyx+z+K+fP2bxf63efxQutfhvoPfnLP6vyx+z+G+YP2bx3yh/zOK/cf6YxX+T/DGL/+vzxyz+m+aPWfw3yx+z+L8hf8zi/8b8MYv/m/LHLP5vzh+z+L8lf8zi/9b8MYv/2/LHLP6b549Z/LfIH7P4b5k/ZvF/e/6YxX+r/DGL/9b5Yxb/bfLHLP7b5o9Z/N+RP2bx3y5/zOL/zvwxi/+78scs/tvnj1n8d8gfs/jvmD9m8d8pf8zi/+78MYv/e/LHLP47549Z/N+bP2bx3yV/zOL/vvwxi//788cs/h/IH7P475o/ZvHfLX/M4r97/pjF/4P5Yxb/D+WPWfw/nD9m8f9I/pjF/6P5Yxb/PfLHLP4fyx+z+O+ZP2bx/3j+mMX/E/ljFv+98scs/p/MH7P4750/ZvH/VP6Yxf/T+WMW/33yxyz+++aPWfz3yx+z+H8mf8zi/9n8MYv/5/LHLP77549Z/A/IH7P4fz5/zOJ/YP6Yxf+g/DGL/xfyxyz+B+ePWfwPyR+z+H8xf8zi/6X8MYv/l/PHLP5fyR+z+H81f8zi/7X8MYv/1/PHLP7fyB+z+B+aP2bxPyx/zOJ/eP6Yxf+I/DGL/5H5Yxb/o/LHLP5H549Z/I/JH7P4H5s/ZvE/Ln/M4n98/pjF/5v5Yxb/E/LHLP4n5o9Z/E/KH7P4n5w/ZvE/JX/M4v+t/DGL/7fzxyz+p+aPWfxPyx+z+J+eP2bxPyN/zOL/nfwxi/+Z+WMW/7Pyxyz+Z+ePWfy/mz9m8f9e/pjF/5z8MYv/ufljFv/z8scs/ufnj1n8L8gfs/h/P3/M4v+D/DGL/w/zxyz+P8ofs/j/OH/M4v+T/DGL/4X5Yxb/i/LHLP4/zR+z+F+cP2bx/1n+mMX/kvwxi/+l+WMW/8vyxyz+l+ePWfyvyB+z+F+ZP2bxvyp/zOL/8/wxi/8v8scs/r/MH7P4/yp/zOJ/df6Yxf+a/DGL/6/zxyz+v8kfs/hfmz9m8f9t/pjF/7r8MYv/9fljFv8b8scs/r/LH7P435g/ZvG/KX/M4n9z/pjF//f5Yxb/P+SPWfz/mD9m8b8lf8zi/6f8MYv/rfljFv/b8scs/rfnj1n878gfs/j/OX/M4n9n/pjF/678MYv/X/LHLP53549Z/P+aP2bx/1v+mMX/7/ljFv9/5I9Z/O/JH7P435s/ZvG/L3/M4n9//pjF/4H8MYv/lPwxi/+D+WMW/4fyxyz+U/PHJP6zD/LHLP5D+WMW/1H5Yxb/2fLHLP6z549Z/Efnj1n858gfs/jPmT9m8Z8rf8ziP3f+mMV/nvwxi/+8+WMW//nyxyz+8+ePWfyfkj9m8V8gf8ziPyZ/zOK/YP6YxX9s/pjFf6H8MYv/wvljFv+n5o9Z/J+WP2bxf3r+mMV/kfwxi/8z8scs/ovmj1n8n5k/ZvF/Vv6YxX+x/DGL/7Pzxyz+z8kfs/iPyx+z+D83f8zi/7z8MYv/8/PHLP6L549Z/JfIH7P4vyB/zOK/ZP6YxX+p/DGL/wvzxyz+L8ofs/i/OH/M4v+S/DGL/9L5Yxb/l+aPWfyXyR+z+C+bP2bxXy5/zOK/fP6YxX+F/DGL/4r5Yxb/l+WPWfxXyh+z+K+cP2bxX8Xov/T/vIrFf1Wj/z+Rxf/l+WMW/9Xyxyz+q+ePWfxfkT9m8X9l/pjF/1X5Yxb/8fljFv8J+WMW/4n5Yxb/NfLHLP5r5o9Z/NfKH7P4T8ofs/hPzh+z+K+dP2bxXyd/zOL/6vwxi/9r8scs/uvmj1n818sfs/ivnz9m8X9t/pjFf4P8MYv/6waX5w9Z/Dfs/Mcs/hvlj1n8N84fs/hvkj9m8X99/pjFf9P8MYv/ZvljFv835I9Z/N+YP2bxf1P+mMX/zfljFv+35I9Z/N+aP2bxf1v+mMV/8/wxi/8W+WMW/y3zxyz+b88fs/hvlT9m8d86f8ziv03+mMV/2/wxi/878scs/tvlj1n835k/ZvF/V/6YxX/7/DGL/w75Yxb/HfPHLP475Y9Z/N+dP2bxf0/+mMV/5/wxi/9788cs/rvkj1n835c/ZvF/f/6Yxf8D+WMW/13zxyz+u+WPWfx3zx+z+H8wf8zi/6H8MYv/h/PHLP4fyR+z+H80f8ziv0f+mMX/Y/ljFv8988cs/h/PH7P4fyJ/zOK/V/6Yxf+T+WMW/73zxyz+n8ofs/h/On/M4r9P/pjFf9/8MYv/fvljFv/P5I9Z/D+bP2bx/1z+mMV///wxi/8B+WMW/8/nj1n8D8wfs/gflD9m8f9C/pjF/+D8MYv/IfljFv8v5o9Z/L+UP2bx/3L+mMX/K/ljFv+v5o9Z/L+WP2bx/3r+mMX/G/ljFv9D88cs/oflj1n8D88fs/gfkT9m8T8yf8zif1T+mMX/6Pwxi/8x+WMW/2Pzxyz+x+WPWfyPzx+z+H8zf8zif0L+mMX/xPwxi/9J+WMW/5Pzxyz+p+SPWfy/lT9m8f92/pjF/9T8MYv/afljFv/T88cs/mfkj1n8v5M/ZvE/M3/M4n9W/pjF/+z8MYv/d/PHLP7fyx+z+J+TP2bxPzd/zOJ/Xv6Yxf/8/DGL/wX5Yxb/7+ePWfx/kD9m8f9h/pjF/0f5Yxb/H+ePWfx/kj9m8b8wf8zif1H+mMX/p/ljFv+L88cs/j/LH7P4X5I/ZvG/NH/M4n9Z/pjF//L8MYv/FfljFv8r88cs/lflj1n8f54/ZvH/Rf6Yxf+X+WMW/1/lj1n8r84fs/hfkz9m8f91/pjF/zf5Yxb/a/PHLP6/zR+z+F+XP2bxvz5/zOJ/Q/6Yxf93+WMW/xvzxyz+N+WPWfxvzh+z+P8+f8zi/4f8MYv/H/PHLP635I9Z/P+UP2bxvzV/zOJ/W/6Yxf/2/DGL/x35Yxb/P+ePWfzvzB+z+N+VP2bx/0v+mMX/7vwxi/9f88cs/n/LH7P4/z1/zOL/j/wxi/89+WMW/3vzxyz+9+WPWfzvzx+z+D+QP2bxn5I/ZvF/MH/M4v9Q/pjFf2r+mMR/9CB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/KfljFv8F8scs/mPyxyz+C+aPWfzH5o9Z/BfKH7P4L5w/ZvF/av6Yxf9p+WMW/6fnj1n8F8kfs/g/I3/M4r9o/pjF/5n5Yxb/Z+WPWfwXyx+z+D87f8zi/5z8MYv/uPwxi/9z88cs/s/LH7P4Pz9/zOK/eP6YxX+J/DGL/wvyxyz+S+aPWfyXyh+z+L8wf8zi/6L8MYv/i/PHLP4vyR+z+C+dP2bxf2n+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxf1n+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxfnj9m8V8tf8ziv3r+mMX/FfljFv9X5o9Z/F+VP2bxH58/ZvGfkD9m8Z+YP2bxXyN/zOK/Zv6YxX+t/DGL/6T8MYv/5Pwxi//a+WMW/3Xyxyz+r84fs/i/Jn/M4r9u/pjFf738MYv/+vljFv/X5o9Z/DfIH7P4vy5/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6vzx+z+G+aP2bx3yx/zOL/hvwxi/8b88cs/m/KH7P4vzl/zOL/lvwxi/9b88cs/m/LH7P4b54/ZvHfIn/M4r9l/pjF/+35Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvF/R/6YxX+7/DGL/zvzxyz+78ofs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/+788cs/u/JH7P475w/ZvF/b/6YxX+X/DGL//vyxyz+788fs/h/IH/M4r9r/pjFf7f8MYv/7vljFv8P5o9Z/D+UP2bx/3D+mMX/I/ljFv+P5o9Z/PfIH7P4fyx/zOK/Z/6Yxf/j+WMW/0/kj1n898ofs/h/Mn/M4r93/pjF/1P5Yxb/T+ePWfz3yR+z+O+bP2bx3y9/zOL/mfwxi/9n88cs/p/LH7P4758/ZvE/IH/M4v/5/DGL/4H5Yxb/g/LHLP5fyB+z+B+cP2bxPyR/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi//X8scs/l/PH7P4fyN/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv9v5o9Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/t/LHLP7fzh+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/3fyxyz+Z+aPWfzPyh+z+J+dP2bx/27+mMX/e/ljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zi//38MYv/D/LHLP4/zB+z+P8of8zi/+P8MYv/T/LHLP4X5o9Z/C/KH7P4/zR/zOJ/cf6Yxf9n+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/8/zxyz+v8gfs/j/Mn/M4v+r/DGL/9X5Yxb/a/LHLP6/zh+z+P8mf8zif23+mMX/t/ljFv/r8scs/tfnj1n8b8gfs/j/Ln/M4n9j/pjF/6b8MYv/zfljFv/f549Z/P+QP2bx/2P+mMX/lvwxi/+f8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zi/+f8MYv/nfljFv+78scs/n/JH7P4350/ZvH/a/6Yxf9v+WMW/7/nj1n8/5E/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/lPyxyz+D+aPWfwfyh+z+E/NH5P4zzHIH7P4D+WPWfxH5Y9Z/GfLH7P4z54/ZvEfnT9m8Z8jf8ziP2f+mMV/rvwxi//c+WMW/3nyxyz+8+aPWfznyx+z+M+fP2bxf0r+mMV/gfwxi/+Y/DGL/4L5Yxb/sfljFv+F8scs/gvnj1n8n5o/ZvF/Wv6Yxf/p+WMW/0Xyxyz+z8gfs/gvmj9m8X9m/pjF/1n5Yxb/xfLHLP7Pzh+z+D8nf8ziPy5/zOL/3Pwxi//z8scs/s/PH7P4L54/ZvFfIn/M4v+C/DGL/5L5Yxb/pfLHLP4vzB+z+L8of8zi/+L8MYv/S/LHLP5L549Z/F+aP2bxXyZ/zOK/bP6YxX+5/DGL//L5Yxb/FfLHLP4r5o9Z/F+WP2bxXyl/zOK/cv6YxX+V/DGL/6r5Yxb/l+ePWfxXyx+z+K+eP2bxf0X+mMX/lfljFv9X5Y9Z/Mfnj1n8J+SPWfwn5o9Z/NfIH7P4r5k/ZvFfK3/M4j8pf8ziPzl/zOK/dv6YxX+d/DGL/6vzxyz+r8kfs/ivmz9m8V8vf8ziv37+mMX/tfljFv8N8scs/q/LH7P4b5g/ZvHfKH/M4r9x/pjFf5P8MYv/6/PHLP6b5o9Z/DfLH7P4vyF/zOL/xvwxi/+b8scs/m/OH7P4vyV/zOL/1vwxi//b8scs/pvnj1n8t8gfs/hvmT9m8X97/pjFf6v8MYv/1vljFv9t8scs/tvmj1n835E/ZvHfLn/M4v/O/DGL/7vyxyz+2+ePWfx3yB+z+O+YP2bx3yl/zOL/7vwxi/978scs/jvnj1n835s/ZvHfJX/M4v++/DGL//vzxyz+H8gfs/jvmj9m8d8tf8ziv3v+mMX/g/ljFv8P5Y9Z/D+cP2bx/0j+mMX/o/ljFv898scs/h/LH7P475k/ZvH/eP6Yxf8T+WMW/73yxyz+n8wfs/jvnT9m8f9U/pjF/9P5Yxb/ffLHLP775o9Z/PfLH7P4fyZ/zOL/2fwxi//n8scs/vvnj1n8D8gfs/h/Pn/M4n9g/pjF/6D8MYv/F/LHLP4H549Z/A/JH7P4fzF/zOL/pfwxi/+X88cs/l/JH7P4fzV/zOL/tfwxi//X88cs/t/IH7P4H5o/ZvE/LH/M4n94/pjF/4j8MYv/kfljFv+j8scs/kfnj1n8j8kfs/gfmz9m8T8uf8zif3z+mMX/m/ljFv8T8scs/ifmj1n8T8ofs/ifnD9m8T8lf8zi/638MYv/t/PHLP6n5o9Z/E/LH7P4n54/ZvE/I3/M4v+d/DGL/5n5Yxb/s/LHLP5n549Z/L+bP2bx/17+mMX/nPwxi/+5+WMW//Pyxyz+5+ePWfwvyB+z+H8/f8zi/4P8MYv/D/PHLP4/yh+z+P84f8zi/5P8MYv/hfljFv+L8scs/j/NH7P4X5w/ZvH/Wf6Yxf+S/DGL/6X5Yxb/y/LHLP6X549Z/K/IH7P4X5k/ZvG/Kn/M4v/z/DGL/y/yxyz+v8wfs/j/Kn/M4n91/pjF/5r8MYv/r/PHLP6/yR+z+F+bP2bx/23+mMX/uvwxi//1+WMW/xvyxyz+v8sfs/jfmD9m8b8pf8zif3P+mMX/9/ljFv8/5I9Z/P+YP2bxvyV/zOL/p/wxi/+t+WMW/9vyxyz+t+ePWfzvyB+z+P85f8zif2f+mMX/rvwxi/9f8scs/nfnj1n8/5o/ZvH/W/6Yxf/v+WMW/3/kj1n878kfs/jfmz9m8b8vf8zif3/+mMX/gfwxi/+U/DGL/4P5Yxb/h/LHLP5T88ck/nMO8scs/kP5Yxb/UfljFv/Z8scs/rPnj1n8R+ePWfznyB+z+M+ZP2bxnyt/zOI/d/6YxX+e/DGL/7z5Yxb/+fLHLP7z549Z/J+SP2bxXyB/zOI/Jn/M4r9g/pjFf2z+mMV/ofwxi//C+WMW/6fmj1n8n5Y/ZvF/ev6YxX+R/DGL/zPyxyz+i+aPWfyfmT9m8X9W/pjFf7H8MYv/s/PHLP7PyR+z+I/LH7P4Pzd/zOL/vPwxi//z88cs/ovnj1n8l8gfs/i/IH/M4r9k/pjFf6n8MYv/C/PHLP4vyh+z+L84f8zi/5L8MYv/0vljFv+X5o9Z/JfJH7P4L5s/ZvFfLn/M4r98/pjFf4X8MYv/ivljFv+X5Y9Z/FfKH7P4r5w/ZvFfJX/M4r9q/pjF/+X5Yxb/1fLHLP6r549Z/F+RP2bxf2X+mMX/VfljFv/x+WMW/wn5Yxb/ifljFv818scs/mvmj1n818ofs/hPyh+z+E/OH7P4r50/ZvFfJ3/M4v/q/DGL/2vyxyz+6+aPWfzXyx+z+K+fP2bxf23+mMV/g/wxi//r8scs/hvmj1n8N8ofs/hvnD9m8d8kf8zi//r8MYv/pvljFv/N8scs/m/IH7P4vzF/zOL/pvwxi/+b88cs/m/JH7P4vzV/zOL/tvwxi//m+WMW/y3yxyz+W+aPWfzfnj9m8d8qf8ziv3X+mMV/m/wxi/+2+WMW/3fkj1n8t8sfs/i/M3/M4v+u/DGL//b5Yxb/HfLHLP475o9Z/HfKH7P4vzt/zOL/nvwxi//O+WMW//fmj1n8d8kfs/i/L3/M4v/+/DGL/wfyxyz+u+aPWfx3yx+z+O+eP2bx/2D+mMX/Q/ljFv8P549Z/D+SP2bx/2j+mMV/j/wxi//H8scs/nvmj1n8P54/ZvH/RP6YxX+v/DGL/yfzxyz+e+ePWfw/lT9m8f90/pjFf5/8MYv/vvljFv/98scs/p/JH7P4fzZ/zOL/ufwxi//++WMW/wPyxyz+n88fs/gfmD9m8T8of8zi/4X8MYv/wfljFv9D8scs/l/MH7P4fyl/zOL/5fwxi/9X8scs/l/NH7P4fy1/zOL/9fwxi/838scs/ofmj1n8D8sfs/gfnj9m8T8if8zif2T+mMX/qPwxi//R+WMW/2Pyxyz+x+aPWfyPyx+z+B+fP2bx/2b+mMX/hPwxi/+J+WMW/5Pyxyz+J+ePWfxPyR+z+H8rf8zi/+38MYv/qfljFv/T8scs/qfnj1n8z8gfs/h/J3/M4n9m/pjF/6z8MYv/2fljFv/v5o9Z/L+XP2bxPyd/zOJ/bv6Yxf+8/DGL//n5Yxb/C/LHLP7fzx+z+P8gf8zi/8P8MYv/j/LHLP4/zh+z+P8kf8zif2H+mMX/ovwxi/9P88cs/hfnj1n8f5Y/ZvG/JH/M4n9p/pjF/7L8MYv/5fljFv8r8scs/lfmj1n8r8ofs/j/PH/M4v+L/DGL/y/zxyz+v8ofs/hfnT9m8b8mf8zi/+v8MYv/b/LHLP7X5o9Z/H+bP2bxvy5/zOJ/ff6Yxf+G/DGL/+/yxyz+N+aPWfxvyh+z+N+cP2bx/33+mMX/D/ljFv8/5o9Z/G/JH7P4/yl/zOJ/a/6Yxf+2/Ge0yswvLP63549Z/O/IH7P4/zl/zOJ/Z/6Yxf+u/DGL/1/yxyz+d+ePWfz/mj9m8f9b/pjF/+/5Yxb/f+SPWfzvyR+z+N+bP2bxvy9/zOJ/f/6Yxf+B/DGL/5T8MYv/g/ljFv+H8scs/lPzxyT+cw3yxyz+Q/ljFv9R+WMW/9nyxyz+s+ePWfxH549Z/OfIH7P4z5k/ZvGfK3/M4j93/pjFf578MYv/vPljFv/58scs/vPnj1n8n5I/ZvFfIH/M4j8mf8ziv2D+mMV/bP6YxX+h/DGL/8L5Yxb/p+aPWfyflj9m8X96/pjFf5H8MYv/M/LHLP6L5o9Z/J+ZP2bxf1b+mMV/sfwxi/+z88cs/s/JH7P4j8sfs/g/N3/M4v+8/DGL//Pzxyz+i+ePWfyXyB+z+L8gf8ziv2T+mMV/qfwxi/8L88cs/i/KH7P4vzh/zOL/kvwxi//S+WMW/5fmj1n8l8kfs/gvmz9m8V8uf8ziv3z+mMV/hfwxi/+K+WMW/5flj1n8V8ofs/ivnD9m8V8lf8ziv2r+Z9NCi//L88cs/qvlj1n8V88fs/i/In/M4v/K/DGL/6vyxyz+4/PHLP4T8scs/hPzxyz+a+SPWfzXzB+z+K+VP2bxn5Q/ZvGfnD9m8V87f8ziv07+mMX/1fljFv/X5I9Z/NfNH7P4r5c/ZvFfP3/M4v/a/DGL/wb5Yxb/1+WPWfw3zB+z+G+UP2bx3zh/zOK/Sf6Yxf/1+WMW/03zxyz+m+WPWfzfkD9m8X9j/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/zfPHLP5b5I9Z/LfMH7P4vz1/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP7vyB+z+G+XP2bxf2f+mMX/XfljFv/t88cs/jvkj1n8d8wfs/jvlD9m8X93/pjF/z35Yxb/nfPHLP7vzR+z+O+SP2bxf1/+mMX//fljFv8P5I9Z/HfNH7P475Y/ZvHfPX/M4v/B/DGL/4fyxyz+H84fs/h/JH/M4v/R/DGL/x75Yxb/j+WPWfz3zB+z+H88f8zi/4n8MYv/XvljFv9P5o9Z/PfOH7P4fyp/zOL/6fwxi/8++WMW/33zxyz+++WPWfw/kz9m8f9s/pjF/3P5Yxb//fPHLP4H5I9Z/D+fP2bxPzB/zOJ/UP6Yxf8L+WMW/4Pzxyz+h+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8f9a/pjF/+v5Yxb/b+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4v/N/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvH/Vv6Yxf/b+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bx/07+mMX/zPwxi/9Z+WMW/7Pzxyz+380fs/h/L3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8v58/ZvH/Qf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6Yxf/C/DGL/0X5Yxb/n+aPWfwvzh+z+P8sf8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bxvzp/zOJ/Tf6Yxf/X+WMW/9/kj1n8r80fs/j/Nn/M4n9d/pjF//r8MYv/DfljFv/f5Y9Z/G/MH7P435Q/ZvG/OX/M4v/7/DGL/x/yxyz+f8wfs/jfkj9m8f9T/pjF/9b8MYv/bfljFv/b88cs/nfkj1n8/5w/ZvG/M3/M4n9X/pjF/y/5Yxb/u/PHLP5/zR+z+P8tf8zi//f8MYv/P/LHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjFf0r+mMX/wfwxi/9D+WMW/6n5YxL/uQf5Yxb/ofwxi/+o/DGL/2z5Yxb/2fPHLP6j88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+T8kfs/gvkD9m8R+TP2bxXzB/zOI/Nn/M4r9Q/pjFf+H8MYv/U/PHLP5Pyx+z+D89f8ziv0j+mMX/GfljFv9F88cs/s/MH7P4Pyt/zOK/WP6Yxf/Z+WMW/+fkj1n8x+WPWfyfmz9m8X9e/pjF//n5Yxb/xfPHLP5L5I9Z/F+QP2bxXzJ/zOK/VP6Yxf+F+WMW/xflj1n8X5w/ZvF/Sf6YxX/p/DGL/0vzxyz+y+SPWfyXzR+z+C+XP2bxXz5/zOK/Qv6YxX/F/DGL/8vyxyz+K+WPWfxXzh+z+K+SP2bxXzV/zOL/8vwxi/9q+WMW/9Xzxyz+r8gfs/i/Mn/M4v+q/DGL//j8MYv/hPwxi//E/DGL/xr5Yxb/NfPHLP5r5Y9Z/Cflj1n8J+ePWfzXzh+z+K+TP2bxf3X+mMX/NfljFv9188cs/uvlj1n8188fs/i/Nn/M4r9B/pjF/3X5Yxb/DfPHLP4b5Y9Z/DfOH7P4b5I/ZvF/ff6YxX/T/DGL/2b5Yxb/N+SPWfzfmD9m8X9T/pjF/835Yxb/t+SPWfzfmj9m8X9b/pjFf/P8MYv/FvljFv8t88cs/m/PH7P4b5U/ZvHfOn/M4r9N/pjFf9v8MYv/O/LHLP7b5Y9Z/N+ZP2bxf1f+mMV/+/wxi/8O+WMW/x3zxyz+O+WPWfzfnT9m8X9P/pjFf+f8MYv/e/PHLP675I9Z/N+XP2bxf3/+mMX/A/ljFv9d88cs/rvlj1n8d88fs/h/MH/M4v+h/DGL/4fzxyz+H8kfs/h/NH/M4r9H/pjF/2P5Yxb/PfPHLP4fzx+z+H8if8ziv1f+mMX/k/ljFv+988cs/p/KH7P4fzp/zOK/T/6YxX/f/DGL/375Yxb/z+SPWfw/mz9m8f9c/pjFf//8MYv/AfljFv/P549Z/A/MH7P4H5Q/ZvH/Qv6Yxf/g/DGL/yH5Yxb/L+aPWfy/lD9m8f9y/pjF/yv5Yxb/r+aPWfy/lj9m8f96/pjF/xv5Yxb/Q/PHLP6H5Y9Z/A/PH7P4H5E/ZvE/Mn/M4n9U/pjF/+j8MYv/MfljFv9j88cs/sflj1n8j88fs/h/M3/M4n9C/pjF/8T8MYv/SfljFv+T88cs/qfkj1n8v5U/ZvH/dv6Yxf/U/DGL/2n5Yxb/0/PHLP5n5I9Z/L+TP2bxPzN/zOJ/Vv6Yxf/s/DGL/3fzxyz+38sfs/ifkz9m8T83f8zif17+mMX//Pwxi/8F+WMW/+/nj1n8f5A/ZvH/Yf6Yxf9H+WMW/x/nj1n8f5I/ZvG/MH/M4n9R/pjF/6f5Yxb/i/PHLP4/yx+z+F+SP2bxvzR/zOJ/Wf6Yxf/y/DGL/xX5Yxb/K/PHLP5X5Y9Z/H+eP2bx/0X+mMX/l/ljFv9f5Y9Z/K/OH7P4X5M/ZvH/df6Yxf83+WMW/2vzxyz+v80fe7T/6Cd7OP9+j+N/Xf6Y5fy/Pn/M4n9D/pjF/3f5Yxb/G/PHLP435Y9Z/G/OH7P4/z5/zOL/h/wxi/8f88cs/rfkj1n8/5Q/ZvG/NX/M4n9b/pjF//b8MYv/HfljFv8/549Z/O/MH7P435U/ZvH/S/6Yxf/u/DGL/1/zxyz+f8sfs/j/PX/M4v+P/DGL/z35Yxb/e/PHLP735Y9Z/O/PH7P4P5A/ZvGfkj9m8X8wf8zi/1D+mMV/av6YxH+eQf6YxX8of8ziPyp/zOI/W/6YxX/2/DGL/+j8MYv/HPljFv8588cs/nPlj1n8584fs/jPkz/23+8/18Nv5f/Y/vv9pzXPfPljFv/588cs/k/JH7P4L5A/ZvEfkz9m8V8wf8ziPzZ/zOK/UP6YxX/h/DGL/1Pzxyz+T8sfs/g/PX/M4r9I/pjF/xn5Yxb/RfPHLP7PzB+z+D8rf8ziv1j+mMX/2fljFv/n5I9Z/Mflj1n8n5s/ZvF/Xv6Yxf/5+WMW/8Xzxyz+S+SPWfxfkD9m8V8yf8ziv1T+mMX/hfljFv8X5Y9Z/F+cP2bxf0n+mMV/6fwxi/9L88cs/svkj1n8l80fs/gvlz9m8V8+f8ziv0L+mMV/xfwxi//L8scs/ivlj1n8V84fs/ivkj9m8V81f8zi//L8MYv/avljFv/V88cs/q/IH7P4vzJ/zOL/qvwxi//4/DGL/4T8MYv/xPwxi/8a+WMW/zXzxyz+a+WPWfwn5Y9Z/Cfnj1n8184fs/ivkz9m8X91/pjF/zX5Yxb/dfPHLP7r5Y9Z/NfPH7P4vzZ/zOK/Qf6Yxf91+WMW/w3zxyz+G+WPWfw3zh+z+G+SP2bxf33+mMV/0/wxi/9m+WMW/zfkj1n835g/ZvF/U/6Yxf/N+WMW/7fkj1n835o/ZvF/W/6YxX/z/DGL/xb5Yxb/LfPHLP5vzx+z+G+VP2bx3zp/zOK/Tf6YxX/b/DGL/zvyxyz+2+WPWfzfmT9m8X9X/pjFf/v8MYv/DvljFv8d88cs/jvlj1n8350/ZvF/T/6YxX/n/DGL/3vzxyz+u+SPWfzflz9m8X9//pjF/wP5Yxb/XfPHLP675Y9Z/HfPH7P4fzB/zOL/ofwxi/+H88cs/h/JH7P4fzR/zOK/R/6Yxf9j+WMW/z3zxyz+H88fs/h/In/M4r9X/pjF/5P5Yxb/vfPHLP6fyh+z+H86f8ziv0/+mMV/3/wxi/9++WMW/8/kj1n8P5s/ZvH/XP6YxX///DGL/wH5Yxb/z+ePWfwPzB+z+B+UP2bx/0L+mMX/4Pwxi/8h+WMW/y/mj1n8v5Q/ZvH/cv6Yxf8r+WMW/6/mj1n8v5Y/ZvH/ev6Yxf8b+WMW/0Pzxyz+h+WPWfwPzx+z+B+RP2bxPzJ/zOJ/VP6Yxf/o/DGL/zH5Yxb/Y/PHLP7H5Y9Z/I/PH7P4fzN/zOJ/Qv6Yxf/E/DGL/0n5Yxb/k/PHLP6n5I9Z/L+VP2bx/3b+mMX/1Pwxi/9p+WMW/9Pzxyz+Z+SPWfy/kz9m8T8zf8zif1b+mMX/7Pwxi/9388cs/t/LH7P4n5M/ZvE/N3/M4n9e/pjF//z8MYv/BfljFv/v549Z/H+QP2bx/2H+mMX/R/ljFv8f549Z/H+SP2bxvzB/zOJ/Uf6Yxf+n+WMW/4vzxyz+P8sfs/hfkj9m8b80f8zif1n+mMX/8vwxi/8V+WMW/yvzxyz+V+WPWfx/nj9m8f9F/pjF/5f5Yxb/X+WPWfyvntl/6tQnYWD/N7P4X9P5j1n8f50/ZvH/Tf6Yxf/a/DGL/2/zxyz+1+WPWfyvzx+z+N+QP2bx/13+mMX/xvwxi/9N+WMW/5vzxyz+v88fs/j/IX/M4v/H/DGL/y35Yxb/P+WPWfxvzR+z+N+WP2bxvz1/zOJ/R/6Yxf/P+WMW/zvzxyz+d+WPWfz/kj9m8b87f8zi/9f8MYv/3/LHLP5/zx+z+P8jf8zif0/+mMX/3vwxi/99+WMW//vzxyz+D+SPWfyn5I9Z/B/MH7P4P5Q/ZvGfmj8m8Z93kD9m8R/KH7P4j8ofs/jPlj9m8Z89f8ziPzp/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4v+U/DGL/wL5Yxb/MfljFv8F88cs/mPzxyz+C+WPWfwXzh+z+D81f8zi/7T8MYv/0/PHLP6L5I9Z/J+RP2bxXzR/zOL/zPwxi/+z8scs/ovlj1n8n50/ZvF/Tv6YxX9c/pjF/7n5Yxb/5+WPWfyfnz9m8V88f8ziv0T+mMX/BfljFv8l88cs/kvlj1n8X5g/ZvF/Uf6Yxf/F+WMW/5fkj1n8l84fs/i/NH/M4r9M/pjFf9n8MYv/cvljFv/l88cs/ivkj1n8V8wfs/i/LH/M4r9S/pjFf+X8MYv/KvljFv9V88cs/i/PH7P4r5Y/ZvFfPX/M4v+K/DGL/yvzxyz+r8ofs/iPzx+z+E/IH7P4T8wfs/ivkT9m8V8zf8ziv1b+mMV/Uv6YxX9y/pjFf+38MYv/OvljFv9X549Z/F+TP2bxXzd/zOK/Xv6YxX/9/DGL/2vzxyz+G+SPWfxflz9m8d8wf8ziv1H+mMV/4/wxi/8m+WMW/9fnj1n8N80fs/hvlj9m8X9D/pjF/435Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfw3zx+z+G+RP2bx3zJ/zOL/9vwxi/9W+WMW/63zxyz+2+SPWfy3zR+z+L8jf8ziv13+mMX/nfljFv935Y9Z/LfPH7P475A/ZvHfMX/M4r9T/pjF/935Yxb/9+SPWfx3zh+z+L83f8ziv0v+mMX/ffljFv/3549Z/D+QP2bx3zV/zOK/W/6YxX/3/DGL/wfzxyz+H8ofs/h/OH/M4v+R/DGL/0fzxyz+e+SPWfw/lj9m8d8zf8zi//H8MYv/J/LHLP575Y9Z/D+ZP2bx3zt/zOL/qfwxi/+n88cs/vvkj1n8980fs/jvlz9m8f9M/pjF/7P5Yxb/z+WPWfz3zx+z+B+QP2bx/3z+mMX/wPwxi/9B+WMW/y/kj1n8D84fs/gfkj9m8f9i/pjF/0v5Yxb/L+ePWfy/kj9m8f9q/pjF/2v5Yxb/r+ePWfy/kT9m8T80f8zif1j+mMX/8Pwxi/8R+WMW/yPzxyz+R+WPWfyPzh+z+B+TP2bxPzZ/zOJ/XP6Yxf/4/DGL/zfzxyz+J+SPWfxPzB+z+J+UP2bxPzl/zOJ/Sv6Yxf9b+WMW/2/nj1n8T80fs/iflj9m8T89f8zif0b+mMX/O/ljFv8z88cs/mflj1n8z84fs/h/N3/M4v+9/DGL/zn5Yxb/c/PHLP7n5Y9Z/M/PH7P4X5A/ZvH/fv6Yxf8H+WMW/x/mj1n8f5Q/ZvH/cf6Yxf8n+WMW/wvzxyz+F+WPWfx/mj9m8b84f8zi/7P8MYv/JfljFv9L88cs/pflj1n8L88fs/hfkT9m8b8yf8zif1X+mMX/5/ljFv9f5I9Z/H+ZP2bx/1X+mMX/6vwxi/81+WMW/1/nj1n8f5M/ZvG/Nn/M4v/b/DGL/3X5Yxb/6/PHLP435I9Z/H+XP2bxvzF/zOJ/U/6Yxf/m/DGL/+/zxyz+f8gfs/j/MX/M4n9L/pjF/0/5Yxb/W/PHLP635Y9Z/G/PH7P435E/ZvH/c/6Yxf/O/DGL/135Yxb/v+SPWfzvzh+z+P81f8zi/7f8MYv/3/PHLP7/yB+z+N+TP2bxvzd/zOJ/X/6Yxf/+/DGL/wP5Yxb/KfljFv8H88cs/g/lj1n8p+aPSfznG+SPWfyH8scs/qPyxyz+s+WPWfxnzx+z+I/OH7P4z5E/ZvGfM3/M4j9X/pjFf+78MYv/PPljFv9588cs/vPlj1n8588fs/g/JX/M4r9A/pjFf0z+mMV/wfwxi//Y/DGL/0L5Yxb/hfPHLP5PzR+z+D8tf8zi//T8MYv/IvljFv9n5I9Z/BfNH7P4PzN/zOL/rPwxi/9i+WMW/2fnj1n8n5M/ZvEflz9m8X9u/pjF/3n5Yxb/5+ePWfwXzx+z+C+RP2bxf0H+mMV/yfwxi/9S+WMW/xfmj1n8X5Q/ZvF/cf6Yxf8l+WMW/6Xzxyz+L80fs/gvkz9m8V82f8ziv1z+mMV/+fwxi/8K+WMW/xXzxyz+L8sfs/ivlD9m8V85f8ziv0r+mMV/1fwxi//L88cs/qvlj1n8V88fs/i/In/M4v/K/DGL/6vyxyz+4/PHLP4T8scs/hPzxyz+a+SPWfzXzB+z+K+VP2bxn5Q/ZvGfnD9m8V87f8ziv07+mMX/1fljFv/X5I9Z/NfNH7P4r5c/ZvFfP3/M4v/a/DGL/wb5Yxb/1+WPWfw3zB+z+G+UP2bx3zh/zOK/Sf6Yxf/1+WMW/03zxyz+m+WPWfzfkD9m8X9j/pjF/035Yxb/N+ePWfzfkj9m8X9r/pjF/235Yxb/zfPHLP5b5I9Z/LfMH7P4vz1/zOK/Vf6YxX/r/DGL/zb5Yxb/bfPHLP7vyB+z+G+XP2bxf2f+mMX/XfljFv/t88cs/jvkj1n8d8wfs/jvlD/2sP82J/9X+787f8xy/r8nf8ziv3P+mMX/vfljFv9d8scs/u/LH7P4vz9/zOL/gfwxi/+u+WMW/93yxyz+u+ePWfw/mD9m8f9Q/pjF/8P5Yxb/j+SPWfw/mj9m8d8jf8zi/7H8MYv/nvljFv+P549Z/D/xaP/Z/z8f1//RLP57df5jFv9P5o9Z/PfOH7P4fyp/zOL/6fwxi/8++WMW/33zxyz+++WPWfw/kz9m8f9s/pjF/3P5Yxb//fPHLP4H5I9Z/D+fP2bxPzB/zOJ/UP6Yxf8L+WMW/4Pzxyz+h+SPWfy/mD9m8f9S/pjF/8v5Yxb/r+SPWfy/mj9m8f9a/pjF/+v5Yxb/b+SPWfwPzR+z+B+WP2bxPzx/zOJ/RP6Yxf/I/DGL/1H5Yxb/o/PHLP7H5I9Z/I/NH7P4H5c/ZvE/Pn/M4v/N/DGL/wn5Yxb/E/PHLP4n5Y9Z/E/OH7P4n5I/ZvH/Vv6Yxf/b+WMW/1Pzxyz+p+WPWfxPzx+z+J+RP2bx/07+mMX/zPwxi/9Z+WMW/7Pzxyz+380fs/h/L3/M4n9O/pjF/9z8MYv/efljFv/z88cs/hfkj1n8v58/ZvH/Qf6Yxf+H+WMW/x/lj1n8f5w/ZvH/Sf6Yxf/C/DGL/0X5Yxb/n+aPWfwvzh+z+P8sf8zif0n+mMX/0vwxi/9l+WMW/8vzxyz+V+SPWfyvzB+z+F+VP2bx/3n+mMX/F/ljFv9f5o9Z/H+VP2bxvzp/zOJ/Tf6Yxf/X+WMW/9/kj1n8r80fs/j/Nn/M4n9d/pjF//r8MYv/DfljFv/f5Y9Z/G/MH7P435Q/ZvG/OX/M4v/7/DGL/x/yxyz+f8wfs/jfkj9m8f9T/pjF/9b8MYv/bfljFv/b88cs/nfkj1n8/5w/ZvG/M3/M4n9X/pjF/y/5Yxb/u/PHLP5/zR+z+P8tf8zi//f8MYv/P/LHLP735I9Z/O/NH7P435c/ZvG/P3/M4v9A/pjFf0r+mMX/wfwxi/9D+WMW/6n5YxL/+Qf5Yxb/ofwxi/+o/DGL/2z5Yxb/2fPHLP6j88cs/nPkj1n858wfs/jPlT9m8Z87f8ziP0/+mMV/3vwxi/98+WMW//nzxyz+T8kfs/gvkD9m8R+TP2bxXzB/zOI/Nn/M4r9Q/pjFf+H8MYv/U/PHLP5Pyx+z+D89f8ziv0j+mMX/GfljFv9F88cs/s/MH7P4Pyt/zOK/WP6Yxf/Z+WMW/+fkj1n8x+WPWfyfmz9m8X9e/pjF//n5Yxb/xfPHLP5L5I9Z/F+QP2bxXzJ/zOK/VP6Yxf+F+WMW/xflj1n8X5w/ZvF/Sf6YxX/p/DGL/0vzxyz+y+SPWfyXzR+z+C+XPzbN/4Gp0/sv9l8+f8xy/q+QP2bxXzF/zOL/svwxi/9K+WMW/5Xzxyz+q+SPWfxXzR+z+L88f8ziv1r+mMV/9fwxi/8r8scs/q/MH7P4vyp/zOI/Pn/M4j8hf8ziPzF/zOK/Rv6YxX/N/DGL/1r5Yxb/SfljFv/J+WMW/7Xzxyz+6+SPWfxfnT9m8X9N/pjFf938MYv/evljFv/188cs/q/NH7P4b5A/ZvF/Xf6YxX/D/DGL/0b5Yxb/jfPHLP6b5I9Z/F+fP2bx3zR/zOK/Wf6Yxf8N+WMW/zfmj1n835Q/ZvF/c/6Yxf8t+WMW/7fmj1n835Y/ZvHfPH/M4r9F/pjFf8v8MYv/2/PHLP5b5Y9Z/LfOH7P4b5M/ZvHfNn/M4v+O/DGL/3b5Yxb/d+aPWfzflT9m8d8+f8ziv0P+mMV/x/wxi/9O+WMW/3fnj1n835M/ZvHfOX/M4v/e/DGL/y75Yxb/9+WPWfzfnz9m8f9A/pjFf9f8MYv/bvljFv/d88cs/h/MH7P4fyh/zOL/4fwxi/9H8scs/h/NH7P475E/ZvH/WP6YxX/P/DGL/8fzxyz+n8gfs/jvlT9m8f9k/pjFf+/8MYv/p/LHLP6fzh+z+O+TP2bx3zd/zOK/X/6Yxf8z+WMW/8/mj1n8P5c/ZvHfP3/M4n9A/pjF//P5Yxb/A/PHLP4H5Y9Z/L+QP2bxPzh/zOJ/SP6Yxf+L+WMW/y/lj1n8v5w/ZvH/Sv6Yxf+r+WMW/6/lj1n8v54/ZvH/Rv6Yxf/Q/DGL/2H5Yxb/w/PHLP5H5I9Z/I/MH7P4H5U/ZvE/On/M4n9M/pjF/9j8MYv/cfljFv/j88cs/t/MH7P4n5A/ZvE/MX/M4n9S/pjF/+T8MYv/KfljFv9v5Y9Z/L+dP2bxPzV/zOJ/Wv6Yxf/0/DGL/xn5Yxb/7+SPWfzPzB+z+J+VP2bxPzt/zOL/3fwxi//38scs/ufkj1n8z80fs/iflz9m8T8/f8zif0H+mMX/+/ljFv8f5I9Z/H+YP2bx/1H+mMX/x/ljFv+f5I9Z/C/MH7P4X5Q/ZvH/af6Yxf/i/DGL/8/yxyz+l+SPWfwvzR+z+F+WP2bxvzx/zOJ/Rf6Yxf/K/DGL/1X5Yxb/n+ePWfx/kT9m8f9l/pjF/1f5Yxb/q/PHLP7X5I9Z/H+dP2bx/03+mMX/2vwxi/9v88cs/tflj1n8r88fs/jfkD9m8f9d/pjF/8b8MYv/TfljFv+b88cs/r/PH7P4/yF/zOL/x/wxi/8t+WMW/z/lj1n8b80fs/jflj9m8b89f8zif0f+mMX/z/ljFv8788cs/nflj1n8/5I/ZvG/O3/M4v/X/DGL/9/yxyz+f88fs/j/I3/M4n9P/pjF/978MYv/ffljFv/788cs/g/kj1n8p+SPWfwfzB+z+D+UP2bxn5o/JvF/yiB/zOI/lD9m8R+VP2bxny1/zOI/e/6YxX90/pjFf478MYv/nPljFv+58scs/nPnj1n858kfs/jPmz9m8Z8vf8ziP3/+mMX/KfljFv8F8scs/mPyxyz+C+aPWfzH5o9Z/BfKH7P4L5w/ZvF/av6Yxf9p+WMW/6fnj1n8F8kfs/g/I3/M4r9o/pjF/5n5Yxb/Z+WPWfwXyx+z+D87f8zi/5z8MYv/uPwxi/9z88cs/s/LH7P4Pz9/zOK/eP6YxX+J/DGL/wvyxyz+S+aPWfyXyh+z+L8wf8zi/6L8MYv/i/PHLP4vyR+z+C+dP2bxf2n+mMV/mfwxi/+y+WMW/+Xyxyz+y+ePWfxXyB+z+K+YP2bxf1n+mMV/pfwxi//K+WMW/1Xyxyz+q+aPWfxfnj9m8V8tf8ziv3r+mMX/FfljFv9X5o9Z/F+VP2bxH58/ZvGfkD9m8Z+YP2bxXyN/zOK/psh/rn9hXYv/WiL/fyWL/6T8MYv/5Pwxi//a+WMW/3Xyxyz+r84fs/i/Jn/M4r9u/pjFf738MYv/+vljFv/X5o9Z/DfIH7P4vy5/zOK/Yf6YxX+j/DGL/8b5Yxb/TfLHLP6vzx+z+G+aP2bx3yx/zOL/hvwxi/8b88cs/m/KH7P4vzl/zOL/lvwxi/9b88cs/m/LH7P4b54/ZvHfIn/M4r9l/pjF/+35Yxb/rfLHLP5b549Z/LfJH7P4b5s/ZvF/R/6YxX+7/DGL/zvzxyz+78ofs/hvnz9m8d8hf8ziv2P+mMV/p/wxi/+788cs/u/JH7P475w/ZvF/b/6YxX+X/DGL//vyxyz+788fs/h/IH/M4r9r/pjFf7f8MYv/7vljFv8P5o9Z/D+UP2bx/3D+mMX/I/ljFv+P5o9Z/PfIH7P4fyx/zOK/Z/6Yxf/j+WMW/0/kj1n898ofs/h/Mn/M4r93/pjF/1P5Yxb/T+ePWfz3yR+z+O+bP2bx3y9/zOL/mfwxi/9n88cs/p/LH7P4758/ZvE/IH/M4v/5/DGL/4H5Yxb/g/LHLP5fyB+z+B+cP2bxPyR/zOL/xfwxi/+X8scs/l/OH7P4fyV/zOL/1fwxi//X8scs/l/PH7P4fyN/zOJ/aP6Yxf+w/DGL/+H5Yxb/I/LHLP5H5o9Z/I/KH7P4H50/ZvE/Jn/M4n9s/pjF/7j8MYv/8fljFv9v5o9Z/E/IH7P4n5g/ZvE/KX/M4n9y/pjF/5T8MYv/t/LHLP7fzh+z+J+aP2bxPy1/zOJ/ev6Yxf+M/DGL/3fyxyz+Z+aPWfzPyh+z+J+dP2bx/27+mMX/e/ljFv9z8scs/ufmj1n8z8sfs/ifnz9m8b8gf8zi//38MYv/D/LHLP4/zB+z+P8of8zi/+P8MYv/T/LHLP4X5o9Z/C/KH7P4/zR/zOJ/cf6Yxf9n+WMW/0vyxyz+l+aPWfwvyx+z+F+eP2bxvyJ/zOJ/Zf6Yxf+q/DGL/8/zxyz+v8gfs/j/Mn/M4v+r/DGL/9X5Yxb/a/LHLP6/zh+z+P8mf8zif23+mMX/t/ljFv/r8scs/tfnj1n8b8gfs/j/Ln/M4n9j/pjF/6b8MYv/zfljFv/f549Z/P+QP2bx/2P+mMX/lvwxi/+f8scs/rfmj1n8b8sfs/jfnj9m8b8jf8zi/+f8MYv/nfljFv+78scs/n/JH7P4350/ZvH/a/6Yxf9v+WMW/7/nj1n8/5E/ZvG/J3/M4n9v/pjF/778MYv//fljFv8H8scs/lPyxyz+D+aPWfwfyh+z+E/NH5P4LzDIH7P4D+WPWfxH5Y9Z/GfLH7P4z57/o5pt5NHiPzp/zOI/R/6YxX/O/DGL/1z5Yxb/ufPHLP7z5I9Z/OfNH7P4z5c/ZvGfP3/M4v+U/DGL/wL5Yxb/MfljFv8F88cs/mPzxyz+C+WPWfwXzh+z+D81f8zi/7T8MYv/0/PHLP6L5I9Z/J+RP2bxXzR/zOL/zPwxi/+z8scs/ovlj1n8n50/ZvF/Tv6YxX9c/pjF/7n5Yxb/5+WPWfyfnz9m8V88f8ziv0T+mMX/BfljFv8l88cs/kvlj1n8X5g/ZvF/Uf6Yxf/F+WMW/5fkj1n8l84fs/i/NH/M4r9M/pjFf9n8MYv/cvljFv/l88cs/ivkj1n8V8wfs/i/LH/M4r9S/pjFf+X8MYv/KvljFv9V88cs/i/PH7P4r5Y/ZvFfPX/M4v+K/DGL/yvzxyz+r8ofs/iPzx+z+E/IH7P4T8wfs/ivkT9m8V8zf8ziv1b+mMV/Uv6YxX9y/pjFf+38MYv/OvljFv9X549Z/F+TP2bxXzd/zOK/Xv6YxX/9/DGL/2vzxyz+G+SPWfxflz9m8d8wf8ziv1H+mMV/4/wxi/8m+WMW/9fnj1n8N80fs/hvlj9m8X9D/pjF/435Yxb/N+WPWfzfnD9m8X9L/pjF/635Yxb/t+WPWfw3zx+z+G+RP2bx3zJ/zOL/9vwxi/9W+WMW/63zxyz+2+SPWfy3zR+z+L8jf8ziv13+mMX/nfljFv935Y9Z/LfPH7P475A/ZvHfMX/M4r9T/pjF/935Yxb/9+SPWfx3zh+z+L83f8ziv0v+mMX/ffljFv/3549Z/D+QP2bx3zV/zOK/W/6YxX/3/DGL/wfzxyz+H8ofs/h/OH/M4v+R/DGL/0fz//+xT0+9gxhaFEdnrn3n2qht27Zt28ZMbdu2bdu2bZv/foHdZJ6apnut5/Nwkl921NJ/mP5RS//t9I9a+m+vf9TSfwf9o5b+O+oftfTfSf+opf/O+kct/XfRP2rpv6v+UUv/3fSPWvrvrn/U0n8P/aOW/nvqH7X030v/qKX/3vpHLf330T9q6b+v/lFL//30j1r6769/1NL/AP2jlv4H6h+19D9I/6il/8H6Ry39D9E/aul/qP5RS//D9I9a+h+uf9TS/wj9o5b+R+oftfQ/Sv+opf/R+kct/Y/RP2rpf6z+UUv/4/SPWvofr3/U0v8E/aOW/ifqH7X0P0n/qKX/yfpHLf1P0T9q6X+q/lFL/9O+rf/gQYOGfUevfR+19D/d/qOW/mfoH7X0P1P/qKX/WfpHLf3P1j9q6X+O/lFL/3P1j1r6n6d/1NL/fP2jlv4X6B+19L9Q/6il/0X6Ry39L9Y/aul/if5RS/9L9Y9a+l9W1X9gYGDo8F229L+8qv/wa+l/hf5RS/8r9Y9a+l+lf9TS/2r9o5b+1+gftfS/Vv+opf91+kct/a/XP2rpf4P+UUv/G/WPWvrfpH/U0v9m/aOW/rfoH7X0v1X/qKX/bfpHLf1v1z9q6X+H/lFL/zv1j1r636V/1NL/bv2jlv736B+19L9X/6il/336Ry3979c/aun/gP5RS/8H9Y9a+j+kf9TS/2H9o5b+j+gftfR/VP+opf9j+kct/R/XP2rp/4T+UUv/J/WPWvo/pX/U0v9p/aOW/s/oH7X0f1b/qKX/c/pHLf2f1z9q6f+C/lFL/xf1j1r6v6R/1NL/Zf2jlv6v6B+19H9V/6il/2v6Ry39X9c/aun/hv5RS/839Y9a+r+lf9TS/239o5b+7+gftfR/V/+opf97+kct/d/XP2rp/4H+UUv/D/WPWvp/pH/U0v9j/aOW/p/oH7X0/1T/qKX/Z/pHLf0/1z9q6f+F/lFL/y/1j1r6f6V/1NL/a/2jlv4D+kcl/YcM0j9q6T9Y/6il/4/0j1r6/1j/qKX/T/SPWvr/VP+opf/P9I9a+v9c/6il/y/0j1r6/1L/qKX/r/SPWvr/Wv+opf9v9I9a+v9W/6il/+/0j1r6/17/qKX/EP2jlv5/0D9q6f9H/aOW/n/SP2rp/2f9o5b+f9E/aun/V/2jlv5/0z9q6f93/aOW/v/QP2rp/0/9o5b+/9I/aun/b/2jlv7/0T9q6f9f/aOW/v/TP2rp/3/9o5b+I+gftfQfUf+opf9I+kct/UfWP2rpP4r+UUv/UfWPWvqPpn/U0n90/aOW/mPoH7X0H1P/qKX/WPpHLf3H1j9q6T+O/lFL/3H1j1r6j6d/1NJ/fP2jlv4T6B+19J9Q/6il/0T6Ry39J9Y/auk/if5RS/9J9Y9a+k+mf9TSf3L9o5b+U+gftfSfUv+opf9U+kct/afWP2rpP43+UUv/afWPWvpPp3/U0n96/aOW/jPoH7X0n1H/qKX/TPpHLf1n1j9q6T+L/lFL/1n1j1r6z6Z/1NJ/dv2jlv5z6B+19J9T/6il/1z6Ry3959Y/auk/j/5RS/959Y9a+s+nf9TSf379o5b+C+gftfRfUP+opf9C+kct/RfWP2rpv4j+UUv/RfWPWvovpn/U0n9x/aOW/kvoH7X0X1L/qKX/UvpHLf2X1j9q6b+M/lFL/2X1j1r6L6d/1NJ/ef2jlv4r6B+19F9R/6il/0r6Ry39V9Y/aum/iv5RS/9V9Y9a+q+mf9TSf3X9o5b+a+gftfRfU/+opf9a+kct/dfWP2rpv47+UUv/dfWPWvqvp3/U0n99/aOW/hvoH7X031D/qKX/RvpHLf031j9q6b+J/lFL/031j1r6b6Z/1NJ/c/2jlv5b6B+19N9S/6il/1b6Ry39t9Y/aum/jf5RS/9t9Y9a+g/VP/rB9QcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiGfXuPrbMs4Dj+dlvHmJiMuOAyNNnkQSERZrtLxh+ETca2OujGfQxw7NKNjXabXYddAXf5YxIhXCSZZIkSZctQwkxoJAaCFUQ06KImGrwAohBF40QIuiUu1pz2tLRnXbPz1OdZhM/nj57zvu3v3dbku/ddKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/6+GxrmHRtcMOjV64MFHDzb1vM44vPTmfX/surDvtfzpRUNcctTAg+7u7u4Zz03fVj48pSiK0q+2vXw8rnJcuv72+q+09x6FOV0vLTg64deNh/atPP2Rus7D99f2nK0tblqzrrnpU6OKIlxcW7SXDupqiiLMry3uKx3Ulw4W1BaPlA6m9xycWny/dHD+qo3Nq0snFkZ/z+C9oqFxezF6ULHFoL8NBva/vf57d/a9DnPJvquNKcr9X9Hx47cqPtfnOP33XT/Mrey/6j8gcFzV9f/CnL7XYS55zP1//FPLXhnqc8fvv+/64dP6h3SGeP4f1Gjlc3/F8/+UIS7Zv7+qpuNoqf9Lb3t2avnUmBN5/n/3+uHiyv5HDXr+Lz3Hz+t7/j+lKMIlI/x2wPtKQ+OOQ8Pd/4fvf8zkik3NwP7PaN24t9T/4wt+9ET5VG2V/c8b5v4/amHF7xWoTkPj17sr7v9V9F98YohL9vf/9hO/f7jU/2N/fuDMAZ+rpv9LKvuf1tayadrmrR3nrWtZsbZpbdOGuumzZ8yqr5t1wcxpPY8EvR9H+F2B94eR3f+L8RWbmqJo6t9f07nv6VL/Mx98cEb51Lgq+58/7P1/ivs/DOljo4qxY4v2FW1trXW9H/sO63s/9n7ZEP1X8e//s84pf1lt+bWmKCb17+868+4lpf7fOfDszvKpsVX2v2DY/uf0/7pAhBHe/1dXbAb1v//ASz3P/4vu3X9G+VS1//5fOGz/r7r/w0g0NFb8wM//WKn/HcVlkZ2GBv/9D9LJ0f9j79zQFbcOn9E/pJOj/z996fC5ceuwSP+QTo7+x6x/4Pm4dbhU/5BOjv4XT5y9JG4dLtM/pJOj/1Wvnvv3uHVo1D+kk6P/c762sz1uHRbrH9LJ0f9DrTO2xK3DEv1DOjn6/+VpD70Wtw6X6x/SydH/kSP33Bi3DlfoH9LJ0X/nrrN/ErcOV+of0snR/+Vr5oa4dbhK/5BOjv4nT/rr43HrcLX+IZ0c/c/6279Pi1uHa/QP6eTo/44vL9kTtw7X6h/SydH/6OtfeTFuHZbqH9LJ0f/Cs7fMjVuH6/QP6eTof/UvVnefwJdu+cAxp8Iy/UM6Ofqf9u2frYtbh+v1D+nk6P/g4kd3xa3DDfqHdHL0v6uumBC3DjfqH9LJ0f+3fnj6gbh1+Kz+IZ0c/f/hqSdnx63Dcv1DOjn6f+4jt38nbh1u0j+kk6P/e1e+eFbcOqzQP6STo/+Hdz//1bh1WKl/SCdH/2+80XLsj/ackLBK/5BOjv7Hjzv19bh1WK1/SCdH/3Nv/UZr3Do06R/SydF/y87On8atwxr9Qzo5+v/40UnL4tZhrf4hnRz9L525+8Nx63Cz/iGdHP1/aNGFO+LWYZ3+IZ0c/V/U9cmL4tZhvf4hnRz9tz3zxW/GrcMt+od0cvS/e+pr8+PWoVn/kE6O/l9evvDncevQon9IJ0f/bz163Ya4ddigf0gnR/9P/urtI3HrsFH/kE6O/j94wbx/xq3DJv1DOjn6n7/gzVVx6/A5/UM6Ofpf3/mfl+PWoVX/kE6O/qcevHpR3Dps1j+kk6P/H5xXtzduHdr0D+nk6P/OK/fUx63DFv1DOjn637v/rrvj1uFW/UM6Ofp/8zdTJsetw+f1D+nk6P/+CQeujVuHdv1DOjn6/+2G2mfi1mGr/iGdHP3/a8/EbXHr0KF/SCdH/0+/3vWXuHW4Tf+QTo7+l4/53di4dbhd/5BOjv4ndmy6L24d7tA/pJOj/9n3rDg/bh2+oH9IJ0f/m//xwnfj1mGb/iGdzVs7blnR3NzU6o033njT/+Zk/80EpPZu9Cf7dwIAAAAAAAAAAAAAABxPjv+d6GT/GQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgP+yAwcCAAAAAED+r41QVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhR04FgAAAAAQ5m8dRO8GAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF8BAAD//xd16/k=")
openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
chown(&(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0xee00)

4.19487279s ago: executing program 6 (id=1606):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)={{0x14}, [@NFT_MSG_NEWRULE={0x7c, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x50, 0x4, 0x0, 0x1, [{0x24, 0x1, 0x0, 0x1, @socket={{0xb}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_SOCKET_DREG={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_SOCKET_KEY={0x8, 0x1, 0x1, 0x0, 0x2}]}}}, {0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8, 0x5, 0x1, 0x0, 0x3}, @NFTA_NAT_FAMILY={0x8, 0x2, 0x1, 0x0, 0x2}, @NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0xa4}}, 0x0)

4.089083043s ago: executing program 5 (id=1607):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x267, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x20, [{{0x9, 0x4, 0x0, 0x68, 0x1, 0x3, 0x0, 0x81657b94fb2d95cb, 0x0, {0x9, 0x21, 0x6, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@global=@item_4={0x3, 0x1, 0x5, "2e9ec08c"}, @global=@item_012={0x1, 0x1, 0x3, "ff"}]}}, 0x0}, 0x0)

3.537311922s ago: executing program 35 (id=1607):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5ac, 0x267, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x20, [{{0x9, 0x4, 0x0, 0x68, 0x1, 0x3, 0x0, 0x81657b94fb2d95cb, 0x0, {0x9, 0x21, 0x6, 0x0, 0x1, {0x22, 0x7}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0x5}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x7, {[@global=@item_4={0x3, 0x1, 0x5, "2e9ec08c"}, @global=@item_012={0x1, 0x1, 0x3, "ff"}]}}, 0x0}, 0x0)

3.53216941s ago: executing program 6 (id=1609):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r1 = dup(r0)
write$UHID_INPUT(r1, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c1b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295cba0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783f287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4fe5b7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e45df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x101c}}, 0x20002046)

2.446895224s ago: executing program 6 (id=1615):
r0 = msgget(0x1, 0x2b0)
msgrcv(r0, 0x0, 0x0, 0x2, 0x0)
msgctl$IPC_SET(r0, 0x1, &(0x7f0000000400)={{0x2, 0x0, 0x0, 0x0, 0x0, 0x14, 0x7}, 0x0, 0x0, 0x28596bc9, 0x8c, 0x20000000000000a, 0x100, 0x200000000, 0x803, 0x9, 0x9})

2.158417235s ago: executing program 3 (id=1616):
r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000002a40))

2.01666456s ago: executing program 3 (id=1617):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x8, 0x2, 0x0, 0x1}, 0x48)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000280)=@bpf_lsm={0x6, 0x3, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000003f000000000000000000f195"], &(0x7f0000000140)='GPL\x00'}, 0x80)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r0, &(0x7f0000000300), &(0x7f0000000000)=""/10, 0x2}, 0x20)

1.799265552s ago: executing program 3 (id=1619):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="15"], 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r0, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

1.703312251s ago: executing program 1 (id=1620):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f00000003c0)=0x7, 0x4)
sendto$inet(r0, &(0x7f0000000140)='Z', 0x1, 0x20008054, &(0x7f00000000c0)={0x2, 0x4e24, @local}, 0x10)

1.607876342s ago: executing program 1 (id=1621):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
shutdown(r0, 0x0)
close(r0)

1.550301601s ago: executing program 3 (id=1622):
r0 = syz_io_uring_setup(0x339e, &(0x7f0000000300)={0x0, 0x0, 0x800}, &(0x7f0000002480), &(0x7f00000024c0))
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000002380)={0x1, 0x0, 0x0, &(0x7f00000022c0)=[{0x0}], 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000004f40)={0x0, 0x0, &(0x7f0000004f00)=[{0x0}], 0xfffffffffffffffe, 0x1}, 0x20)

1.505550057s ago: executing program 1 (id=1623):
setreuid(0xee00, 0xee01)
r0 = getpid()
prlimit64(r0, 0x8, 0x0, 0x0)

1.331591543s ago: executing program 6 (id=1624):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x2, 0x0)
ioctl$AUTOFS_IOC_CATATONIC(r0, 0x9362, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR(r0, 0xc0046209, 0x200000000000000)

1.237080204s ago: executing program 3 (id=1625):
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000940)=ANY=[@ANYBLOB="756e695f786c6174653d312c696f636861727365743d69a17707e859d35af809cabc3e7b83736f383835392d392c73686f72746e616d653d77696e6e742c636f6465706167653d313235352c757466383d302c636f6465706167653d3836332c756e695f786c6174653d302c6e6f6e756d7461696c3d302c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c726f6469722c726f6469722c696f636861727365743d6b6f69382d72752c00", @ANYRES32=0x0, @ANYRES64, @ANYBLOB=' \t', @ANYRES16], 0x81, 0x2c0, &(0x7f0000000a40)="$eJzs3c+KI0UYAPCve5KZjArJwZMINujB07C7T7CDjLA4JyUHvejiZkGTsJBAwD8Y9+Rd8OQ7+A4+gBffwINHwZt7EFuS7p50bxJnImNWdn6/S76u+r6u6prKBAZS89Gr4+GDR9OHj7/8JTqdJNK7cTeeJNGLNCpfBwDwPHmS5/F7nuYLl+W24jAi8m55le5hegDAf6D4/M+v9PkPADwf3nv/g3dOz8/P3s2yTsT4m1k/ieK16D99GJ/EKAZxK7rxZ0R+oYhfund+Fq0sq/4YMDuOfsT4w5/K69PfIpb1t6MbvafrD8usbCneGM9n/cXIi9d2vJBEnOZJkXInuvFyRN6O8ibFy9v3zs/uZOv10T+MN1//vpz/X4M4iW78/HE8ilE8WN5iVf/V7Sx7K//ujy+KJ+hHJPNZ/2iZt5If7OUHAgAAAAAAAAAAAAAAAAAAAADAjXCSXejVz8+pTgM8Odncv/V8oPKEn3ntfJ1bWZZVx/jM+u0o6lvxSitaz+7JAQAAAAAAAAAAAAAAAAAA4P9j+tnnw/uj0WDSCH7MF8FxM2dxuSm5DFq1lupr/VuTtwefLoLhDxE7VV05iINyaqOkMUSntibXMdbRLsnHmwaNdNsatkZRTP7b3Sf2WvMBk0uqqiXZcRGqsuH9JC5J7mzeJLWdWW3DyTT5x03bDPINS3ewteqw3pJecYhN93nx326b4/WFKt9F7YvFbFYttmy9pX3N75SnJNfy+wYAAAAAAAAAAAAAAAAAANhu9aXf+HWt8/EzmRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7F31//+r68FkGr1ly6TqSlddZcu83pI2kteCo8l0mXvUGLa3vycEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgJvg7AAD//2w5Q3s=")
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
rmdir(&(0x7f0000005a40)='./file0\x00')

1.223174776s ago: executing program 6 (id=1626):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_NET_SET(r0, &(0x7f0000000940)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000000)={0x20, r1, 0x1, 0x70bd2c, 0x25dfdbfb, {}, [@TIPC_NLA_NET={0xc, 0x7, 0x0, 0x1, [@TIPC_NLA_NET_ID={0x8, 0x1, 0x8}]}]}, 0x20}, 0x1, 0x0, 0x0, 0x48084}, 0x4008000)

1.178584376s ago: executing program 1 (id=1627):
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1f, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)

242.815646ms ago: executing program 6 (id=1628):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0)
r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/compact_memory\x00', 0x1, 0x0)
sendfile(r1, r0, &(0x7f00000000c0)=0x58, 0x5)

242.69874ms ago: executing program 1 (id=1629):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="18000000000000040000000000000000850000000e000000850000000e00000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000500)='sys_exit\x00', r0}, 0x10)
timer_delete(0x0)

242.595052ms ago: executing program 3 (id=1630):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x10c4, 0x8acf, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0x6, {[@global=@item_012={0x0, 0x1, 0x8}, @global=@item_4={0x3, 0x1, 0x2, "8b2fc8a6"}]}}, 0x0}, 0x0)

0s ago: executing program 1 (id=1631):
r0 = syz_mount_image$nilfs2(&(0x7f00000008c0), &(0x7f0000000e00)='./file0\x00', 0x10000, &(0x7f0000000940)=ANY=[], 0x0, 0xdab, &(0x7f0000000e80)="$eJzs3ctvXNX9APBzx544L36x8wuNm6ZJSkigj9iQumklNkaii1KE1CVLmgaa1gmP0AUoi5RFV0i1hPgDipDIpuqi6oJNFbGiG1Sp+wqx6iaVkLJAUcCV7XPG429mdGcc2+PxfD7SnTP3fs+955x53LlzXycBI6ux8jg3N12l9N5H7z7zr7O/+NvylJOtHKdWHsfz2HxKqdmaL6XJsLz5idX0qy+uX2xPv85plc6nKlWt6en52615D6SUbqRT6VaaTE+9cOfeh4vPPrc4debm0Xc+vbs1rV9TbXUBAACwA3z58w9e+8djP70+dfcvJ+bTRGt62T6fz+MH83b/fN5QLtvL5X9A1ZZWHban94R843lohHxjHfK1l9MM+ca7lL8nLLfZJd9ETfljbdM6tRuG2dr/+Koxs2680ZiZWf1PvuyzsT3VzNXLCy9dG1BFgU1352TexWcwGEZuWDo06DUQwKp43PA+Nzb3SF1raeO9lX/76Ubn+WETbPfnX/nDVf4Hv7fGYfPs1k9TaVf5Hh3M4/E4wniYr9/vf1lePB7R7LGe3Y4jDMvxhW71HNvmemxUt/rHz8Vu9e2cltfhRIi3f3/iezos7zHQ2Zf2/xsMIzssDXoFBOxY8by5pazE43l9MT5RE99bE99XE99fEz9QE4dR9tc3/pgWq7X/+fE/fb/7w8p+tody+n991ifuj+y3/Hjeb78etPx4PjHsZL8898mf7/zu1j/j+f9fh/P/T+ff0sm8gij7C+N+9da5/+HC4EaXfIdDfR7qkH/l+ZH1+aoja8tJbeuZ++oxvX6+Q93yHV+fbzLk25+3RfaG+sbtk/1hvrL9Udar5fUaD+1thnbsCfUo78xUTveG9kx1a1fYkb0n5Gvm4f9Du46Edj0c5vtGaFc1vb5dcf95qc/RMD0eJyn5wtt23+9SfC/idRmP5PTtnL6f049z+nmHckdR+Tx2O/+/fD6nU7N66fLCpSfyePmcfjLWnFie/uQ21xt4cL1e/zOd1l//c7A1vdloXy8cWpteta8XJsP0812m/zCPl9+zX4/tW5k+c/GVhV9tduNhxF17863fvriwcOl1TzzxxJPWk0GvmYCtNvvGlVdnr7351rnLV158+dLLl65e+MmPzj8x9+MLF2ZXNutn2zfugV1l7Ud/0DUBAAAAAAAAAAAAelbt6zw5p3X3ty3Xk5fr0+P18QyH8r6VT0O5j0G5/rPbfV3K9ZtT21BHNt92XE406DYCnf3X/X8NhpEdlpbcxR/YGQbd/1+572FJr/79Z3uXh5Lt9tPr15fx/oXwIHZ6/3PK3139/7X6v+p5/Rd6zJrcWLlX7j16s63YdKzX8mP7y31gj/RX/tVcfmnN2dRb+Ut/CuXHG5X26JVQ/v4ey7+v/cc3Vv6rufzysj1+utfyV2tcNdbXI+43LvcBjPuNi9dC+8u9/fpu/wY7ans9lw+jbFj6mezXsPT/2U1ZblkP5tVz6zhduf927O+g3/qX+36X34GHw/Krmt83/X8Ot7r+P8vnb1b/n7DrfOb4n8EwssPS0tJAuz4Z1X5XdopBv/6D3oYcdPmDfv3rxP4/4/+l2P9njMf+P2M89v8Z47F/rRiP/X/G1zP2/xnjR8NyY/+g0zXxb9bEj9XEv1UTP14Tj//fYvxUTfxETfxkTfxwTfyRmvjpmvijNfEzNfHHauKP18R3u+/kdFTbD6Ms9hvp+w+joxz/6fb9P1ITB4ZX7Nc5fr/P1sSB4VXO8/D9hhFUdb5jR9zfXvbjvp3T93P6cU4/37IKsh2+m9Pv5fT7Of1BTs/ldCansznVNeRw+8N/jp1YrNbO8zsU4r2eTxqvB4j3iXmyx/rE43P9ns96tMdytqr8DV4OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA0GiuPc3PTVUrvffTuM/8+95vDy1NOtnKcWnkcz2PzKaVmSqnK4+NheTcmVtOvvrh+sVNapfMrj2U8PX+7Ne+B5fnTqXQrTaanXrhz78PFZ59bnDpz8+g7n97dmtavqba6AAAAABig/wUAAP//vrPsgA==")
r1 = openat(r0, &(0x7f0000000140)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0186e87, &(0x7f00000002c0)={@id={0x20000000, 0x0, @auto="660000002800a73e1baeff79da3b89f5"}})

kernel console output (not intermixed with test programs):

): Directory bread(block 67) failed
[  259.944288][ T5849] EXT4-fs warning (device loop0): empty_inline_dir:1787: bad inline directory (dir #12) - inode 150994957, rec_len 16, name_len 5inline size 60
[  259.964873][ T8538] FAT-fs (loop5): Directory bread(block 68) failed
[  259.974473][ T5948] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  260.015472][ T8538] FAT-fs (loop5): Directory bread(block 69) failed
[  260.027909][ T5849] EXT4-fs warning (device loop0): empty_inline_dir:1787: bad inline directory (dir #12) - inode 150994957, rec_len 16, name_len 5inline size 60
[  260.029462][ T8546] loop3: detected capacity change from 0 to 1024
[  260.052829][ T8538] FAT-fs (loop5): Directory bread(block 70) failed
[  260.059397][ T8538] FAT-fs (loop5): Directory bread(block 71) failed
[  260.080054][ T8538] FAT-fs (loop5): Directory bread(block 72) failed
[  260.087834][ T8538] FAT-fs (loop5): Directory bread(block 73) failed
[  260.162859][ T5948] usb 5-1: Using ep0 maxpacket: 32
[  260.193873][ T5948] usb 5-1: config 0 has an invalid interface number: 85 but max is 0
[  260.212801][ T5948] usb 5-1: config 0 has no interface number 0
[  260.237162][ T5948] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  260.256400][ T3016] hfsplus: b-tree write err: -5, ino 4
[  260.293339][ T5948] usb 5-1: config 0 interface 85 altsetting 7 endpoint 0x82 has invalid wMaxPacketSize 0
[  260.312236][ T5948] usb 5-1: config 0 interface 85 has no altsetting 0
[  260.338286][ T5948] usb 5-1: New USB device found, idVendor=05ac, idProduct=0219, bcdDevice=f0.72
[  260.382313][ T5948] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.390937][ T5948] usb 5-1: Product: syz
[  260.412273][ T5948] usb 5-1: Manufacturer: syz
[  260.422555][ T5948] usb 5-1: SerialNumber: syz
[  260.445068][ T5948] usb 5-1: config 0 descriptor??
[  260.746199][ T8557] xt_hashlimit: size too large, truncated to 1048576
[  260.838452][ T8558] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1037'.
[  260.886227][ T5948] appletouch 5-1:0.85: Failed to request geyser raw mode
[  260.931811][ T5948] appletouch 5-1:0.85: probe with driver appletouch failed with error -5
[  261.023980][ T5948] usb 5-1: USB disconnect, device number 11
[  261.037192][ T8562] loop3: detected capacity change from 0 to 1024
[  261.098495][ T8562] hfsplus: failed to load root directory
[  261.289479][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/398.tmp-b7:2' failed: Read-only file system
[  261.353057][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/402.tmp-b7:3' failed: Read-only file system
[  261.490014][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/402.tmp-b7:3' failed: Read-only file system
[  261.593642][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/398.tmp-b7:2' failed: Read-only file system
[  261.597745][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/402.tmp-b7:3' failed: Read-only file system
[  261.680487][ T8550] loop1: detected capacity change from 0 to 32768
[  261.726939][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/403.tmp-b7:3' failed: Read-only file system
[  261.768791][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-diskseq/386.tmp-b7:4' failed: Read-only file system
[  261.828229][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/403.tmp-b7:3' failed: Read-only file system
[  261.874414][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/398.tmp-b7:2' failed: Read-only file system
[  261.876713][ T8550] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  261.896473][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/403.tmp-b7:3' failed: Read-only file system
[  261.931607][ T8575] loop3: detected capacity change from 0 to 512
[  262.016804][ T8575] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  262.167599][ T8575] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  262.225020][ T5849] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.242589][ T8575] EXT4-fs (loop3): 1 truncate cleaned up
[  262.299041][ T8575] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  262.472843][ T8593] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  262.597777][ T8593] CIFS: Unable to determine destination address
[  262.613435][ T8550] XFS (loop1): Ending clean mount
[  262.634945][ T8550] XFS (loop1): Quotacheck needed: Please wait.
[  262.696709][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.730661][ T8550] XFS (loop1): Quotacheck: Done.
[  262.754096][  T190] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  262.968163][ T5850] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  262.986970][  T190] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.123576][  T190] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.317279][ T8607] loop2: detected capacity change from 0 to 256
[  263.334457][ T8606] loop4: detected capacity change from 0 to 512
[  263.384396][ T8606] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  263.443817][  T190] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  263.477034][ T8606] EXT4-fs (loop4): 1 truncate cleaned up
[  263.554786][ T8606] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  263.784355][ T8606] EXT4-fs error (device loop4): ext4_generic_delete_entry:2667: inode #2: block 13: comm syz.4.1056: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  263.904099][ T8606] EXT4-fs error (device loop4) in ext4_delete_entry:2739: Corrupt filesystem
[  264.283899][ T5871] Bluetooth: hci2: unexpected event for opcode 0x2035
[  264.334350][ T5974] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  264.514375][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  264.524593][ T5974] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x7 has invalid maxpacket 0
[  264.544981][ T5974] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  264.570505][ T8620] loop5: detected capacity change from 0 to 40427
[  264.582981][ T8620] F2FS-fs (loop5): Wrong secs_per_zone / total_sections (0, 24)
[  264.587617][ T5974] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x89 has invalid maxpacket 0
[  264.590656][ T8620] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  264.632366][    T9] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  264.691977][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  264.692792][ T5974] usb 2-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  264.702826][ T8620] F2FS-fs (loop5): Mismatch valid blocks 0 vs. 2
[  264.750015][ T8620] F2FS-fs (loop5): Failed to initialize F2FS segment manager (-117)
[  264.777410][  T190] bridge_slave_1: left allmulticast mode
[  264.789531][ T5974] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.817607][ T5864] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  264.860338][  T190] bridge_slave_1: left promiscuous mode
[  264.872720][ T5864] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  264.881752][ T5864] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  264.886874][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  264.909646][ T5864] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  264.913636][ T5974] usb 2-1: config 0 descriptor??
[  264.951611][ T5864] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  264.962849][  T190] bridge0: port 2(bridge_slave_1) entered disabled state
[  265.026980][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  265.127845][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  265.157106][  T190] bridge_slave_0: left allmulticast mode
[  265.202374][  T190] bridge_slave_0: left promiscuous mode
[  265.209399][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  265.211184][  T190] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.253017][ T5974] hdpvr 2-1:0.0: firmware version 0x0 dated 
[  265.273887][    T9] usb 3-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  265.297511][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  265.301498][ T5974] hdpvr 2-1:0.0: untested firmware, the driver might not work.
[  265.304162][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  265.317129][    T9] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.381911][    T9] usb 3-1: Product: syz
[  265.406261][    T9] usb 3-1: Manufacturer: syz
[  265.429201][    T9] usb 3-1: SerialNumber: syz
[  265.472948][    T9] usb 3-1: config 0 descriptor??
[  265.734024][    T9] adutux 3-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  265.787729][ T5974] hdpvr 2-1:0.0: Could not setup controls
[  265.845319][ T5974] hdpvr 2-1:0.0: registering videodev failed
[  265.912336][ T5941] usb 6-1: new full-speed USB device number 14 using dummy_hcd
[  265.937288][    T9] usb 3-1: USB disconnect, device number 11
[  265.948575][ T5974] hdpvr 2-1:0.0: probe with driver hdpvr failed with error -71
[  266.031937][ T5974] usb 2-1: USB disconnect, device number 15
[  266.124393][ T5941] usb 6-1: config 0 interface 0 altsetting 4 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  266.172399][ T5941] usb 6-1: config 0 interface 0 has no altsetting 0
[  266.211950][ T5941] usb 6-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  266.269473][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  266.313553][ T5941] usb 6-1: config 0 descriptor??
[  266.335500][ T8658] loop3: detected capacity change from 0 to 2048
[  266.392443][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/411.tmp-b7:5' failed: Read-only file system
[  266.414904][ T8658] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  266.500080][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/411.tmp-b7:5' failed: Read-only file system
[  266.557443][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/414.tmp-b7:3' failed: Read-only file system
[  266.569865][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/407.tmp-b7:1' failed: Read-only file system
[  266.586821][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/411.tmp-b7:5' failed: Read-only file system
[  266.617050][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-label/LinuxUDF.tmp-b7:3' failed: Read-only file system
[  266.638416][ T6037] udevd[6037]: symlink '../../loop2' '/dev/disk/by-diskseq/410.tmp-b7:2' failed: Read-only file system
[  266.659979][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-uuid/1234567812345678.tmp-b7:3' failed: Read-only file system
[  266.676938][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/413.tmp-b7:5' failed: Read-only file system
[  266.753428][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/414.tmp-b7:3' failed: Read-only file system
[  266.819756][ T5941] uclogic 0003:5543:0042.0023: hidraw0: USB HID v2.07 Device [HID 5543:0042] on usb-dummy_hcd.5-1/input0
[  266.999960][  T117] usb 6-1: USB disconnect, device number 14
[  267.054802][ T5864] Bluetooth: hci0: command tx timeout
[  267.076286][ T8665] fido_id[8665]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/6-1/report_descriptor': No such file or directory
[  267.368204][ T8673] loop1: detected capacity change from 0 to 64
[  267.482496][ T8677] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1080'.
[  268.334353][ T5864] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  268.343320][ T5864] Bluetooth: hci2: Injecting HCI hardware error event
[  268.351149][ T8698] loop1: detected capacity change from 0 to 256
[  268.353134][ T5871] Bluetooth: hci2: hardware error 0x00
[  268.550137][ T8698] FAT-fs (loop1): Directory bread(block 64) failed
[  268.552964][ T8702] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config
[  268.598651][ T8698] FAT-fs (loop1): Directory bread(block 65) failed
[  268.632558][ T8698] FAT-fs (loop1): Directory bread(block 66) failed
[  268.669701][ T8698] FAT-fs (loop1): Directory bread(block 67) failed
[  268.731387][ T8698] FAT-fs (loop1): Directory bread(block 68) failed
[  268.781452][ T8698] FAT-fs (loop1): Directory bread(block 69) failed
[  268.836729][ T8698] FAT-fs (loop1): Directory bread(block 70) failed
[  268.846731][ T8698] FAT-fs (loop1): Directory bread(block 71) failed
[  268.894843][ T8698] FAT-fs (loop1): Directory bread(block 72) failed
[  268.919258][ T8698] FAT-fs (loop1): Directory bread(block 73) failed
[  269.008687][ T8709] loop3: detected capacity change from 0 to 512
[  269.097512][ T8709] EXT4-fs (loop3): filesystem is read-only
[  269.134822][ T5864] Bluetooth: hci0: command tx timeout
[  269.142721][ T8709] EXT4-fs (loop3): filesystem is read-only
[  269.158847][ T8709] EXT4-fs (loop3): orphan cleanup on readonly fs
[  269.200816][ T8683] loop5: detected capacity change from 0 to 32768
[  269.209627][ T8709] EXT4-fs error (device loop3): ext4_orphan_get:1419: comm syz.3.1096: bad orphan inode 16
[  269.231446][  T190] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  269.255739][ T8709] ext4_test_bit(bit=15, block=3) = 0
[  269.279805][  T190] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  269.283811][ T8709] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  269.375289][  T190] bond0 (unregistering): Released all slaves
[  269.637688][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  269.874956][ T8724] loop5: detected capacity change from 0 to 64
[  270.032456][ T8726] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1101'.
[  270.062290][   T30] audit: type=1800 audit(1753811081.567:31): pid=8724 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1099" name="file1" dev="loop5" ino=5 res=0 errno=0
[  270.492456][ T5871] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  270.538998][ T8732] loop5: detected capacity change from 0 to 512
[  270.661713][ T8734] loop4: detected capacity change from 0 to 1024
[  270.671315][ T8706] loop2: detected capacity change from 0 to 32768
[  270.678156][  T117] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  270.715875][ T8734] EXT4-fs (loop4): filesystem is read-only
[  270.732576][ T8732] Quota error (device loop5): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  270.766893][ T8734] EXT4-fs (loop4): ext4_check_descriptors: Inode table for group 0 overlaps block group descriptors
[  270.768934][ T8732] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  270.792238][ T8734] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (11891!=20869)
[  270.822606][ T8732] EXT4-fs error (device loop5): ext4_acquire_dquot:6931: comm syz.5.1104: Failed to acquire dquot type 1
[  270.836063][ T8734] EXT4-fs (loop4): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  270.847771][ T8734] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: comm syz.4.1105: inode #1: comm syz.4.1105: iget: illegal inode #
[  270.867471][ T8732] EXT4-fs (loop5): 1 truncate cleaned up
[  270.895639][ T8734] EXT4-fs (loop4): no journal found
[  270.903923][ T8734] EXT4-fs (loop4): can't get journal size
[  270.927253][ T8734] EXT4-fs error (device loop4): __ext4_fill_super:5500: inode #2: comm syz.4.1105: iget: bad extra_isize 65535 (inode size 1024)
[  270.963947][  T117] usb 4-1: New USB device found, idVendor=041e, idProduct=3100, bcdDevice= 0.00
[  270.992367][ T8732] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  271.042491][ T8734] EXT4-fs (loop4): get root inode failed
[  271.049586][  T117] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  271.062885][ T8732] ext4 filesystem being mounted at /191/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  271.103151][ T8734] EXT4-fs (loop4): mount failed
[  271.153025][  T117] usb 4-1: config 0 descriptor??
[  271.188191][ T8732] EXT4-fs error (device loop5): ext4_lookup:1789: inode #2: comm syz.5.1104: deleted inode referenced: 12
[  271.212533][ T5871] Bluetooth: hci0: command tx timeout
[  271.392403][ T8741] EXT4-fs error (device loop5): ext4_validate_block_bitmap:440: comm ext4lazyinit: bg 0: block 248: padding at end of block bitmap is not set
[  271.434657][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  271.477942][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/424.tmp-b7:5' failed: Read-only file system
[  271.481879][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/428.tmp-b7:2' failed: Read-only file system
[  271.501709][ T6037] udevd[6037]: symlink '../../loop1' '/dev/disk/by-diskseq/421.tmp-b7:1' failed: Read-only file system
[  271.577629][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-label/syzkall\x04.tmp-b7:5' failed: Read-only file system
[  271.581052][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  271.594890][  T117] creative-sb0540 0003:041E:3100.0024: unknown main item tag 0x0
[  271.645314][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:2' failed: Read-only file system
[  271.669267][ T5868] udevd[5868]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  271.672407][  T117] creative-sb0540 0003:041E:3100.0024: unknown main item tag 0x0
[  271.720160][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-diskseq/427.tmp-b7:4' failed: Read-only file system
[  271.795522][  T117] creative-sb0540 0003:041E:3100.0024: unknown main item tag 0x0
[  271.795570][  T117] creative-sb0540 0003:041E:3100.0024: unknown main item tag 0x0
[  271.795607][  T117] creative-sb0540 0003:041E:3100.0024: unknown main item tag 0x0
[  271.811325][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/425.tmp-b7:5' failed: Read-only file system
[  271.816450][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-diskseq/427.tmp-b7:4' failed: Read-only file system
[  271.818395][  T117] creative-sb0540 0003:041E:3100.0024: hidraw0: USB HID v1.01 Device [HID 041e:3100] on usb-dummy_hcd.3-1/input0
[  271.830655][  T117] usb 4-1: USB disconnect, device number 10
[  271.880713][  T190] hsr_slave_0: left promiscuous mode
[  271.906832][  T190] hsr_slave_1: left promiscuous mode
[  271.907879][  T190] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  271.907954][  T190] batman_adv: batadv0: Removing interface: batadv_slave_0
[  271.945759][  T190] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  271.945806][  T190] batman_adv: batadv0: Removing interface: batadv_slave_1
[  272.085882][ T8762] loop5: detected capacity change from 0 to 1024
[  272.169377][  T190] veth1_macvtap: left promiscuous mode
[  272.346809][ T8760] fido_id[8760]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  272.488252][ T8766] loop4: detected capacity change from 0 to 2048
[  272.506652][ T3016] hfsplus: b-tree write err: -5, ino 4
[  272.515868][  T190] veth0_macvtap: left promiscuous mode
[  272.575657][ T8766] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  272.603340][  T190] veth1_vlan: left promiscuous mode
[  272.611160][  T190] veth0_vlan: left promiscuous mode
[  272.772119][ T8766] UDF-fs: error (device loop4): udf_verify_fi: directory (ino 1376) has entry where CRC length (28) does not match entry length (24)
[  272.915341][ T8775] loop3: detected capacity change from 0 to 64
[  273.294103][ T5871] Bluetooth: hci0: command tx timeout
[  273.476414][ T8786] CIFS: Unable to determine destination address
[  274.237460][ T8764] loop1: detected capacity change from 0 to 32768
[  274.345659][ T8764] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  274.396362][ T8799] autofs: Bad value for 'fd'
[  274.582417][ T8795] loop5: detected capacity change from 0 to 32768
[  274.617636][ T8795] gfs2: fsid=norecovery: Trying to join cluster "lock_nolock", "norecovery"
[  274.626481][ T8795] gfs2: fsid=norecovery: Now mounting FS (format 0)...
[  274.670026][ T8795] syz.5.1125: attempt to access beyond end of device
[  274.670026][ T8795] loop5: rw=12288, sector=18446744073709551608, nr_sectors = 8 limit=32768
[  274.685435][ T8795] gfs2: fsid=norecovery.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_jdesc_check, file = fs/gfs2/super.c, line = 119
[  274.700191][ T8795] gfs2: fsid=norecovery.s: G:  s:SH n:2/13 f:aqob t:SH d:EX/0 a:0 v:0 r:2 m:20 p:2
[  274.709643][ T8795] gfs2: fsid=norecovery.s:  H: s:SH f:eEcH e:0 p:8795 [syz.5.1125] init_inodes+0x113b/0x2eb0
[  274.722939][ T8795] gfs2: fsid=norecovery.s:  I: n:1/19 t:8 f:0x00 d:0x00000200 s:8388608 p:0
[  274.731710][ T8795] gfs2: fsid=norecovery.s: about to withdraw this file system
[  274.737936][ T5850] ocfs2: Unmounting device (7,1) on (node local)
[  274.740969][ T8795] gfs2: fsid=norecovery.s: Journal recovery skipped for jid 0 until next mount.
[  274.754699][ T8795] gfs2: fsid=norecovery.s: Glock dequeues delayed: 0
[  274.761718][ T8795] gfs2: fsid=norecovery.s: File system withdrawn
[  274.768154][ T8795] CPU: 0 UID: 0 PID: 8795 Comm: syz.5.1125 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  274.768205][ T8795] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  274.768228][ T8795] Call Trace:
[  274.768241][ T8795]  <TASK>
[  274.768254][ T8795]  dump_stack_lvl+0x16c/0x1f0
[  274.768312][ T8795]  gfs2_withdraw+0xa8b/0x1130
[  274.768369][ T8795]  ? __pfx_gfs2_withdraw+0x10/0x10
[  274.768425][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.768483][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.768537][ T8795]  gfs2_jdesc_check+0x2b0/0x2f0
[  274.768596][ T8795]  check_journal_clean+0x13c/0x350
[  274.768641][ T8795]  ? __pfx_check_journal_clean+0x10/0x10
[  274.768691][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.768736][ T8795]  ? do_raw_spin_lock+0x12c/0x2b0
[  274.768782][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.768828][ T8795]  ? find_held_lock+0x2b/0x80
[  274.768885][ T8795]  ? init_inodes+0x113b/0x2eb0
[  274.768929][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.768976][ T8795]  ? do_raw_spin_unlock+0x172/0x230
[  274.769024][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.769070][ T8795]  ? _raw_spin_unlock+0x28/0x50
[  274.769115][ T8795]  ? gfs2_jdesc_find+0xbf/0x100
[  274.769168][ T8795]  init_inodes+0x113b/0x2eb0
[  274.769234][ T8795]  ? __pfx_init_inodes+0x10/0x10
[  274.769288][ T8795]  ? gfs2_fill_super+0x1be2/0x2d30
[  274.769332][ T8795]  ? init_sb+0xa50/0x10d0
[  274.769391][ T8795]  ? __pfx_snprintf+0x10/0x10
[  274.769464][ T8795]  ? gfs2_fill_super+0x1be2/0x2d30
[  274.769508][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.769553][ T8795]  gfs2_fill_super+0x1be2/0x2d30
[  274.769598][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.769664][ T8795]  ? __pfx_gfs2_fill_super+0x10/0x10
[  274.769716][ T8795]  ? gfs2_fill_super+0x1875/0x2d30
[  274.769762][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.769808][ T8795]  ? set_blocksize+0x406/0x500
[  274.769874][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.769920][ T8795]  ? sb_set_blocksize+0x176/0x1d0
[  274.769981][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.770036][ T8795]  get_tree_bdev_flags+0x38c/0x620
[  274.770092][ T8795]  ? __pfx_gfs2_fill_super+0x10/0x10
[  274.770140][ T8795]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  274.770195][ T8795]  ? rcu_is_watching+0x12/0xc0
[  274.770248][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.770303][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.770349][ T8795]  ? apparmor_capable+0x114/0x1d0
[  274.770412][ T8795]  gfs2_get_tree+0x4e/0x280
[  274.770458][ T8795]  vfs_get_tree+0x8e/0x340
[  274.770505][ T8795]  path_mount+0x1482/0x1fd0
[  274.770554][ T8795]  ? __pfx_path_mount+0x10/0x10
[  274.770595][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.770642][ T8795]  ? kmem_cache_free+0x2d1/0x4d0
[  274.770697][ T8795]  ? putname+0x154/0x1a0
[  274.770742][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.770789][ T8795]  ? putname+0x154/0x1a0
[  274.770833][ T8795]  ? __x64_sys_mount+0x28d/0x310
[  274.770869][ T8795]  __x64_sys_mount+0x28d/0x310
[  274.770909][ T8795]  ? __pfx___x64_sys_mount+0x10/0x10
[  274.770946][ T8795]  ? srso_alias_return_thunk+0x5/0xfbef5
[  274.771010][ T8795]  do_syscall_64+0xcd/0x4c0
[  274.771068][ T8795]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  274.771108][ T8795] RIP: 0033:0x7fe75cd9014a
[  274.771137][ T8795] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.771176][ T8795] RSP: 002b:00007fe75dc6be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  274.771213][ T8795] RAX: ffffffffffffffda RBX: 00007fe75dc6bef0 RCX: 00007fe75cd9014a
[  274.771240][ T8795] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fe75dc6beb0
[  274.771266][ T8795] RBP: 0000200000000400 R08: 00007fe75dc6bef0 R09: 0000000000200001
[  274.771292][ T8795] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500
[  274.771317][ T8795] R13: 00007fe75dc6beb0 R14: 00000000000125bb R15: 0000200000000180
[  274.771368][ T8795]  </TASK>
[  274.771388][ T8795] gfs2: fsid=norecovery.s: Error checking journal for spectator mount.
[  275.000896][ T8803] loop3: detected capacity change from 0 to 256
[  275.118270][    C1] vkms_vblank_simulate: vblank timer overrun
[  276.219073][ T8822] loop5: detected capacity change from 0 to 512
[  276.245860][ T8822] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  276.305903][ T8822] EXT4-fs (loop5): 1 truncate cleaned up
[  276.340471][ T8822] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  276.367770][  T190] team0 (unregistering): Port device team_slave_1 removed
[  276.483090][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/444.tmp-b7:5' failed: Read-only file system
[  276.516060][ T8822] EXT4-fs error (device loop5): ext4_generic_delete_entry:2667: inode #2: block 13: comm syz.5.1135: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  276.525305][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  276.554047][  T190] team0 (unregistering): Port device team_slave_0 removed
[  276.598626][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-diskseq/436.tmp-b7:4' failed: Read-only file system
[  276.602623][ T8822] EXT4-fs error (device loop5) in ext4_delete_entry:2739: Corrupt filesystem
[  276.687199][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  276.739874][ T8498] udevd[8498]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  276.766915][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/444.tmp-b7:5' failed: Read-only file system
[  276.821369][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/444.tmp-b7:5' failed: Read-only file system
[  276.875702][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/445.tmp-b7:5' failed: Read-only file system
[  276.926814][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/445.tmp-b7:5' failed: Read-only file system
[  277.055199][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/445.tmp-b7:5' failed: Read-only file system
[  277.291885][ T8784] tipc: Started in network mode
[  277.297331][ T8784] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  277.308551][ T8784] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  277.326456][ T8836] netlink: 13 bytes leftover after parsing attributes in process `syz.5.1141'.
[  277.516517][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/441.tmp-b7:1' failed: Read-only file system
[  277.586765][ T8633] chnl_net:caif_netlink_parms(): no params data found
[  277.796831][ T8844] loop3: detected capacity change from 0 to 512
[  277.860022][ T8844] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  278.213589][ T8859] loop1: detected capacity change from 0 to 256
[  278.314844][   T43] tipc: Node number set to 10136234
[  278.329919][ T8862] loop4: detected capacity change from 0 to 512
[  278.340158][ T8859] exFAT-fs (loop1): failed to load upcase table (idx : 0x00011f41, chksum : 0xf6438d2e, utbl_chksum : 0xe619d30d)
[  278.375933][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  278.437238][ T8855] loop2: detected capacity change from 0 to 4096
[  278.515390][ T8862] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  278.552399][ T8862] ext4 filesystem being mounted at /199/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  278.591743][ T8633] bridge0: port 1(bridge_slave_0) entered blocking state
[  278.647869][ T8855] NILFS (loop2): invalid segment: Checksum error in segment payload
[  278.657136][ T8633] bridge0: port 1(bridge_slave_0) entered disabled state
[  278.694275][ T8633] bridge_slave_0: entered allmulticast mode
[  278.711275][ T8855] NILFS (loop2): trying rollback from an earlier position
[  278.741495][ T8633] bridge_slave_0: entered promiscuous mode
[  278.780236][ T8633] bridge0: port 2(bridge_slave_1) entered blocking state
[  278.843099][ T8633] bridge0: port 2(bridge_slave_1) entered disabled state
[  278.880482][ T8855] NILFS (loop2): recovery complete
[  278.896609][ T8633] bridge_slave_1: entered allmulticast mode
[  278.954387][ T8633] bridge_slave_1: entered promiscuous mode
[  278.964265][ T8876] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  279.304680][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  279.508299][ T8633] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  279.608785][ T8633] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  279.903849][ T8892] syz.1.1158 (8892): drop_caches: 4
[  279.947908][ T8888] loop2: detected capacity change from 0 to 4096
[  279.981247][ T8897] loop3: detected capacity change from 0 to 256
[  280.023353][ T8888] NILFS (loop2): invalid segment: Checksum error in segment payload
[  280.044301][ T8897] exfat: Deprecated parameter 'utf8'
[  280.049748][ T8897] exfat: Deprecated parameter 'utf8'
[  280.067306][ T8899] loop4: detected capacity change from 0 to 1024
[  280.093184][ T8888] NILFS (loop2): trying rollback from an earlier position
[  280.128958][ T8897] exfat: Deprecated parameter 'utf8'
[  280.169071][ T8899] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  280.201293][ T8888] NILFS (loop2): recovery complete
[  280.222957][ T8897] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xabf88b1f, utbl_chksum : 0xe619d30d)
[  280.288209][ T8905] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  280.317682][ T8633] team0: Port device team_slave_0 added
[  280.461375][ T8633] team0: Port device team_slave_1 added
[  280.778975][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.960006][ T8913] loop3: detected capacity change from 0 to 512
[  281.035462][ T8633] batman_adv: batadv0: Adding interface: batadv_slave_0
[  281.047129][ T8913] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  281.090344][ T8633] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.147040][ T8913] EXT4-fs (loop3): 1 truncate cleaned up
[  281.155221][ T8913] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  281.172397][ T8633] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  281.222561][ T8913] EXT4-fs error (device loop3): ext4_generic_delete_entry:2667: inode #2: block 13: comm syz.3.1166: bad entry in directory: rec_len is smaller than minimal - offset=24, inode=11, rec_len=8, size=1024 fake=0
[  281.246815][ T8913] EXT4-fs error (device loop3) in ext4_delete_entry:2739: Corrupt filesystem
[  281.281531][ T8633] batman_adv: batadv0: Adding interface: batadv_slave_1
[  281.306872][ T8633] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  281.420392][ T8633] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  281.546868][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  281.595216][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/459.tmp-b7:3' failed: Read-only file system
[  281.668678][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  281.718470][ T5868] udevd[5868]: symlink '../../loop4' '/dev/disk/by-diskseq/460.tmp-b7:4' failed: Read-only file system
[  281.868338][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/457.tmp-b7:2' failed: Read-only file system
[  281.883989][   T43] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  281.891720][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/445.tmp-b7:5' failed: Read-only file system
[  281.916606][ T5868] udevd[5868]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  281.967556][ T8633] hsr_slave_0: entered promiscuous mode
[  281.985522][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/459.tmp-b7:3' failed: Read-only file system
[  282.005758][ T8633] hsr_slave_1: entered promiscuous mode
[  282.023358][ T8633] debugfs: 'hsr0' already exists in 'hsr'
[  282.029158][ T8633] Cannot create hsr debugfs directory
[  282.040433][   T43] usb 2-1: Using ep0 maxpacket: 32
[  282.066737][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/459.tmp-b7:3' failed: Read-only file system
[  282.092417][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  282.132502][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  282.189726][   T43] usb 2-1: New USB device found, idVendor=1e7d, idProduct=2ced, bcdDevice= 0.00
[  282.236057][ T8498] udevd[8498]: symlink '../../loop4' '/dev/disk/by-diskseq/460.tmp-b7:4' failed: Read-only file system
[  282.257725][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.329551][   T43] usb 2-1: config 0 descriptor??
[  282.338419][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/461.tmp-b7:3' failed: Read-only file system
[  282.500978][ T8940] loop5: detected capacity change from 0 to 2048
[  282.721630][ T8940] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  283.060970][   T43] kone 0003:1E7D:2CED.0025: item fetching failed at offset 1/5
[  283.105014][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.118868][   T43] kone 0003:1E7D:2CED.0025: parse failed
[  283.123674][ T8955] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1182'.
[  283.141400][   T43] kone 0003:1E7D:2CED.0025: probe with driver kone failed with error -22
[  283.499205][  T117] usb 2-1: USB disconnect, device number 16
[  283.667714][ T8966] loop2: detected capacity change from 0 to 47
[  284.062969][ T8633] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  284.146356][ T8633] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  284.247912][ T8633] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  284.316880][ T8980] loop2: detected capacity change from 0 to 256
[  284.369783][ T8633] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  284.382899][ T8980] exfat: Deprecated parameter 'utf8'
[  284.388286][ T8980] exfat: Deprecated parameter 'utf8'
[  284.505063][ T8980] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xd67973f8, utbl_chksum : 0xe619d30d)
[  285.073967][ T8633] 8021q: adding VLAN 0 to HW filter on device bond0
[  285.223280][ T8633] 8021q: adding VLAN 0 to HW filter on device team0
[  285.294075][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  285.301378][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  285.459456][ T9002] virtio-fs: tag </dev/md0> not found
[  285.502580][   T49] bridge0: port 2(bridge_slave_1) entered blocking state
[  285.509781][   T49] bridge0: port 2(bridge_slave_1) entered forwarding state
[  285.543101][ T9005] Bluetooth: MGMT ver 1.23
[  285.579168][ T9011] ucma_write: process 427 (syz.2.1202) changed security contexts after opening file descriptor, this is not allowed.
[  285.722866][ T9010] team_slave_0: entered promiscuous mode
[  285.729107][ T9010] team_slave_1: entered promiscuous mode
[  285.801908][ T9010] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  285.873633][ T9010] team0: Device macvtap1 is already an upper device of the team interface
[  286.109963][ T9010] team_slave_0: left promiscuous mode
[  286.115659][ T9010] team_slave_1: left promiscuous mode
[  286.421181][ T9032] loop3: detected capacity change from 0 to 128
[  286.454098][ T9032] EXT4-fs: Ignoring removed nobh option
[  286.467709][ T9023] sp0: Synchronizing with TNC
[  286.537535][ T9026] sp0: Found TNC
[  286.554877][ T9030] loop5: detected capacity change from 0 to 4096
[  286.576317][ T8633] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  286.587116][ T9032] EXT4-fs (loop3): Test dummy encryption mode enabled
[  286.705405][ T5941] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  286.717045][ T9032] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  286.733385][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/468.tmp-b7:3' failed: Read-only file system
[  286.807565][ T9032] ext4 filesystem being mounted at /225/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  286.835778][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:3' failed: Read-only file system
[  286.937754][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/451.tmp-b7:1' failed: Read-only file system
[  286.953224][ T5941] usb 5-1: Using ep0 maxpacket: 16
[  286.997768][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  287.059788][ T5941] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  287.067185][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-diskseq/469.tmp-b7:5' failed: Read-only file system
[  287.084058][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/468.tmp-b7:3' failed: Read-only file system
[  287.124473][ T9030] ntfs3(loop5): failed to convert "0000" to iso8859-3
[  287.138460][ T9030] ntfs3(loop5): failed to convert name for inode 1e.
[  287.146794][ T5941] usb 5-1: New USB device found, idVendor=06a3, idProduct=0ccb, bcdDevice= 0.00
[  287.169469][ T9030] ntfs3(loop5): ino=1f, mi_enum_attr
[  287.169874][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-uuid/76b65be2-f6da-4727-8c75-0525a5b65a09.tmp-b7:3' failed: Read-only file system
[  287.201162][ T5941] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  287.209826][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  287.211333][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-uuid/0B506D495F2D248F.tmp-b7:5' failed: Read-only file system
[  287.241544][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/467.tmp-b7:2' failed: Read-only file system
[  287.312562][ T5941] usb 5-1: config 0 descriptor??
[  287.395525][ T5848] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  287.549260][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/468.tmp-b7:3' failed: Read-only file system
[  287.612498][ T5871] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  287.622803][ T5871] Bluetooth: hci0: command 0x0c1a tx timeout
[  287.730244][ T5941] saitek 0003:06A3:0CCB.0026: item fetching failed at offset 0/2
[  287.752124][ T5941] saitek 0003:06A3:0CCB.0026: parse failed
[  287.758810][ T5941] saitek 0003:06A3:0CCB.0026: probe with driver saitek failed with error -22
[  287.816323][ T9055] loop3: detected capacity change from 0 to 512
[  287.962351][ T9055] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  287.978627][   T43] usb 5-1: USB disconnect, device number 12
[  288.085752][ T9055] EXT4-fs (loop3): 1 truncate cleaned up
[  288.104366][ T8633] 8021q: adding VLAN 0 to HW filter on device batadv0
[  288.184572][ T9055] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.362829][ T9055] EXT4-fs warning (device loop3): ext4_block_to_path:105: block 1969368878 > max in inode 18
[  288.698508][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.883050][ T5920] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  289.103480][ T5920] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  289.134579][ T9088] loop2: detected capacity change from 0 to 8
[  289.146938][ T5920] usb 2-1: New USB device found, idVendor=046d, idProduct=c71f, bcdDevice= 0.00
[  289.196301][ T5920] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  289.257779][ T5920] usb 2-1: config 0 descriptor??
[  289.284366][ T9088] SQUASHFS error: Unable to read directory block [2c0:35]
[  289.363938][ T9094] tipc: Started in network mode
[  289.399011][ T9094] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  289.453399][ T9094] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  289.706811][ T5920] hid (null): invalid report_size -1431966552
[  289.764257][ T8633] veth0_vlan: entered promiscuous mode
[  289.780650][ T5920] logitech-djreceiver 0003:046D:C71F.0027: invalid report_size -1431966552
[  289.827838][ T5920] logitech-djreceiver 0003:046D:C71F.0027: item 0 4 1 7 parsing failed
[  289.846879][ T8633] veth1_vlan: entered promiscuous mode
[  289.892637][ T5920] logitech-djreceiver 0003:046D:C71F.0027: logi_dj_probe: parse failed
[  289.959038][ T5920] logitech-djreceiver 0003:046D:C71F.0027: probe with driver logitech-djreceiver failed with error -22
[  290.043686][ T5920] usb 2-1: USB disconnect, device number 17
[  290.062062][ T8633] veth0_macvtap: entered promiscuous mode
[  290.109329][ T8633] veth1_macvtap: entered promiscuous mode
[  290.236905][ T8633] batman_adv: batadv0: Interface activated: batadv_slave_0
[  290.312834][ T8633] batman_adv: batadv0: Interface activated: batadv_slave_1
[  290.369342][ T8633] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  290.419743][ T8633] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  290.452746][ T8633] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  290.461552][ T8633] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  290.572384][  T117] tipc: Node number set to 10136234
[  291.056964][ T3013] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.106906][ T3013] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.274215][ T9134] tipc: Started in network mode
[  291.285794][ T9134] tipc: Node identity aaaaaaaaaa3, cluster identity 4711
[  291.306544][ T9134] tipc: Enabled bearer <eth:ipvlan0>, priority 10
[  291.362959][ T3006] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  291.413188][ T3006] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  291.771094][ T8498] udevd[8498]: symlink '../../loop2' '/dev/disk/by-diskseq/475.tmp-b7:2' failed: Read-only file system
[  292.012286][    T9] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  292.030708][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/451.tmp-b7:1' failed: Read-only file system
[  292.089366][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-diskseq/472.tmp-b7:5' failed: Read-only file system
[  292.213197][    T9] usb 3-1: Using ep0 maxpacket: 16
[  292.230838][    T9] usb 3-1: config 0 has an invalid interface number: 8 but max is 0
[  292.252403][    T9] usb 3-1: config 0 has no interface number 0
[  292.273046][    T9] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  292.338741][    T9] usb 3-1: config 0 interface 8 altsetting 3 endpoint 0x81 has invalid wMaxPacketSize 0
[  292.382219][    T9] usb 3-1: config 0 interface 8 has no altsetting 0
[  292.383765][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/472.tmp-b7:5' failed: Read-only file system
[  292.426115][    T9] usb 3-1: New USB device found, idVendor=5543, idProduct=0522, bcdDevice= 0.00
[  292.442595][ T5941] tipc: Node number set to 10136234
[  292.472015][ T5868] udevd[5868]: symlink '../../loop1' '/dev/disk/by-diskseq/451.tmp-b7:1' failed: Read-only file system
[  292.486272][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.533849][    T9] usb 3-1: config 0 descriptor??
[  292.823936][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/451.tmp-b7:1' failed: Read-only file system
[  292.913128][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-diskseq/472.tmp-b7:5' failed: Read-only file system
[  292.968735][    T9] uclogic 0003:5543:0522.0028: unknown main item tag 0x0
[  292.986124][    T9] uclogic 0003:5543:0522.0028: unknown main item tag 0x0
[  293.027208][    T9] uclogic 0003:5543:0522.0028: unknown main item tag 0x0
[  293.067265][    T9] uclogic 0003:5543:0522.0028: unknown main item tag 0x0
[  293.089351][ T9138] loop3: detected capacity change from 0 to 32768
[  293.095858][    T9] uclogic 0003:5543:0522.0028: unknown main item tag 0x0
[  293.103274][    T9] uclogic 0003:5543:0522.0028: hidraw0: USB HID v0.00 Device [HID 5543:0522] on usb-dummy_hcd.2-1/input8
[  293.135223][  T117] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  293.183211][    T9] usb 3-1: USB disconnect, device number 12
[  293.312291][  T117] usb 5-1: Using ep0 maxpacket: 32
[  293.330116][  T117] usb 5-1: config 0 has an invalid interface number: 12 but max is 0
[  293.380027][  T117] usb 5-1: config 0 has no interface number 0
[  293.421144][  T117] usb 5-1: config 0 interface 12 has no altsetting 0
[  293.483340][ T9189] netlink: 332 bytes leftover after parsing attributes in process `syz.5.1262'.
[  293.502937][  T117] usb 5-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  293.505583][ T9186] fido_id[9186]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[  293.547949][  T117] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.560933][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/472.tmp-b7:5' failed: Read-only file system
[  293.581437][ T6037] udevd[6037]: symlink '../../loop1' '/dev/disk/by-diskseq/451.tmp-b7:1' failed: Read-only file system
[  293.612625][  T117] usb 5-1: Product: syz
[  293.633350][  T117] usb 5-1: Manufacturer: syz
[  293.638034][  T117] usb 5-1: SerialNumber: syz
[  293.682123][ T5868] udevd[5868]: symlink '../../loop3' '/dev/disk/by-diskseq/476.tmp-b7:3' failed: Read-only file system
[  293.697676][  T117] usb 5-1: config 0 descriptor??
[  293.730388][  T117] f81534 5-1:0.12: required endpoints missing
[  293.984271][ T9198] loop1: detected capacity change from 0 to 1024
[  294.053144][ T9200] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1267'.
[  294.088156][ T9176] netlink: 4768 bytes leftover after parsing attributes in process `syz.4.1259'.
[  294.149271][ T5941] usb 5-1: USB disconnect, device number 13
[  294.265834][ T9205] loop3: detected capacity change from 0 to 512
[  294.414469][ T9205] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  294.529017][ T9205] ext4 filesystem being mounted at /234/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  294.583344][ T9207] loop2: detected capacity change from 0 to 4096
[  294.703162][ T9217] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  294.843416][ T9207] NILFS error (device loop2): nilfs_bmap_lookup_contig: broken bmap (inode number=12)
[  294.943777][ T9207] Remounting filesystem read-only
[  295.205852][ T5852] NILFS (loop2): disposed unprocessed dirty file(s) when detaching log writer
[  295.737605][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  296.318596][ T9253] loop5: detected capacity change from 0 to 512
[  296.534371][ T9253] EXT4-fs (loop5): 1 orphan inode deleted
[  296.552718][ T3006] Quota error (device loop5): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  296.557244][ T9253] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  296.587309][ T9266] loop2: detected capacity change from 0 to 256
[  296.618369][ T3006] EXT4-fs error (device loop5): ext4_release_dquot:6967: comm kworker/u8:7: Failed to release dquot type 1
[  296.673253][ T9253] ext4 filesystem being mounted at /238/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  296.693531][ T9266] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  296.829988][ T9266] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=512, location=512
[  296.862414][ T9266] UDF-fs: warning (device loop2): udf_load_vrs: No anchor found
[  296.870097][ T9266] UDF-fs: Scanning with blocksize 512 failed
[  296.905534][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/482.tmp-b7:2' failed: Read-only file system
[  296.918856][ T6037] udevd[6037]: symlink '../../loop1' '/dev/disk/by-diskseq/480.tmp-b7:1' failed: Read-only file system
[  296.930287][ T6557] udevd[6557]: symlink '../../loop3' '/dev/disk/by-diskseq/483.tmp-b7:3' failed: Read-only file system
[  296.980909][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/484.tmp-b7:5' failed: Read-only file system
[  297.059642][ T9266] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  297.065388][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  297.090506][ T9266] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  297.126726][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  297.287998][ T9284] loop3: detected capacity change from 0 to 512
[  297.299074][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/485.tmp-b7:2' failed: Read-only file system
[  297.316078][ T8498] udevd[8498]: symlink '../../loop0' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  297.397688][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/484.tmp-b7:5' failed: Read-only file system
[  297.499505][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/487.tmp-b7:3' failed: Read-only file system
[  297.539476][ T9288] loop5: detected capacity change from 0 to 256
[  297.579017][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/485.tmp-b7:2' failed: Read-only file system
[  297.695747][ T9288] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x0ede1155, utbl_chksum : 0xe619d30d)
[  297.964686][ T9284] EXT4-fs (loop3): Test dummy encryption mode enabled
[  298.023728][ T9284] EXT4-fs error (device loop3): __ext4_iget:5374: inode #11: block 1: comm syz.3.1297: invalid block
[  298.140339][ T9301] loop1: detected capacity change from 0 to 256
[  298.157530][ T9284] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.1297: couldn't read orphan inode 11 (err -117)
[  298.299462][ T9284] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  298.532950][ T9284] EXT4-fs error (device loop3): htree_dirblock_to_tree:1051: inode #2: comm syz.3.1297: Directory hole found for htree leaf block 0
[  298.714079][ T9312] loop2: detected capacity change from 0 to 1024
[  298.772549][ T9312] ext4: Unknown parameter 'euid'
[  298.845472][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  299.172717][ T5941] usb 6-1: new full-speed USB device number 15 using dummy_hcd
[  299.367611][ T5941] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  299.412852][ T5941] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[  299.464570][ T5941] usb 6-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  299.470156][ T9327] loop6: detected capacity change from 0 to 16
[  299.509226][ T9292] loop4: detected capacity change from 0 to 32768
[  299.516776][ T5941] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  299.526686][ T9327] MTD: Attempt to mount non-MTD device "/dev/loop6"
[  299.563382][ T5941] usb 6-1: config 0 descriptor??
[  299.599932][ T5941] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  299.632523][ T9292] XFS (loop4): Mounting V5 Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  299.658827][ T5941] dvb-usb: bulk message failed: -22 (3/0)
[  299.686516][ T5941] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  299.703393][ T5941] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  299.710618][ T5941] usb 6-1: media controller created
[  299.790838][ T5941] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  299.925908][ T9292] XFS (loop4): Ending clean mount
[  299.952732][ T5941] dvb-usb: bulk message failed: -22 (6/0)
[  299.958618][ T5941] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  300.000031][ T9292] XFS (loop4): Quotacheck needed: Please wait.
[  300.063497][ T5941] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.5/usb6/6-1/input/input20
[  300.152467][ T9292] XFS (loop4): Quotacheck: Done.
[  300.183835][ T9345] loop1: detected capacity change from 0 to 2048
[  300.201918][ T5941] dvb-usb: schedule remote query interval to 150 msecs.
[  300.252397][ T5941] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  300.285020][ T9345] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  300.337853][ T5941] usb 6-1: USB disconnect, device number 15
[  300.468428][ T9350] loop2: detected capacity change from 0 to 1024
[  300.503696][ T9353] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  300.503921][ T5851] XFS (loop4): Unmounting Filesystem ed37bf6e-74ea-4e01-afba-5fee274b0f3a
[  300.535493][ T5941] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  300.991949][ T9347] loop6: detected capacity change from 0 to 8192
[  301.061455][   T36] hfsplus: b-tree write err: -5, ino 4
[  301.091232][ T9347] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  301.184159][    T9] kernel write not supported for file /vcs (pid: 9 comm: kworker/0:0)
[  301.845452][ T9372] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[  301.891918][ T9372] overlayfs: missing 'lowerdir'
[  302.083844][ T5868] udevd[5868]: symlink '../../loop5' '/dev/disk/by-diskseq/491.tmp-b7:5' failed: Read-only file system
[  302.112692][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/502.tmp-b7:6' failed: Read-only file system
[  302.150476][ T7857] udevd[7857]: symlink '../../loop4' '/dev/disk/by-diskseq/501.tmp-b7:4' failed: Read-only file system
[  302.223623][ T9383] loop4: detected capacity change from 0 to 128
[  302.243914][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/502.tmp-b7:6' failed: Read-only file system
[  302.244927][ T5868] udevd[5868]: symlink '../../loop2' '/dev/disk/by-diskseq/504.tmp-b7:2' failed: Read-only file system
[  302.301691][ T9383] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  302.365619][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/502.tmp-b7:6' failed: Read-only file system
[  302.397499][ T7857] udevd[7857]: symlink '../../loop4' '/dev/disk/by-diskseq/506.tmp-b7:4' failed: Read-only file system
[  302.423976][ T9383] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  302.434813][ T9387] loop6: detected capacity change from 0 to 1024
[  302.494690][ T9387] EXT4-fs: Ignoring removed oldalloc option
[  302.500830][ T9387] EXT4-fs: Ignoring removed bh option
[  302.559246][ T9383] overlayfs: upper fs needs to support d_type.
[  302.560041][ T9387] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  302.613884][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/491.tmp-b7:5' failed: Read-only file system
[  302.623735][ T6037] udevd[6037]: symlink '../../loop3' '/dev/disk/by-diskseq/495.tmp-b7:3' failed: Read-only file system
[  302.643438][ T9383] overlayfs: upper fs does not support tmpfile.
[  302.651243][ T8498] udevd[8498]: symlink '../../loop4' '/dev/disk/by-diskseq/506.tmp-b7:4' failed: Read-only file system
[  302.808356][ T9395] Driver unsupported XDP return value 0 on prog  (id 105) dev N/A, expect packet loss!
[  302.956572][ T8633] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.343361][   T24] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  303.411618][ T9411] loop4: detected capacity change from 0 to 512
[  303.423367][ T9411] EXT4-fs: Ignoring removed nobh option
[  303.428978][ T9411] EXT4-fs: Ignoring removed mblk_io_submit option
[  303.551053][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  303.650650][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  303.673446][ T9411] fscrypt (loop4, inode 2): Error -61 getting encryption context
[  303.765223][   T24] usb 4-1: New USB device found, idVendor=17ef, idProduct=6067, bcdDevice= 0.00
[  303.778770][ T9411] EXT4-fs (loop4): Cannot turn on journaled quota: type 1: error -61
[  303.856003][ T9411] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #13: comm syz.4.1341: casefold flag without casefold feature
[  303.868927][   T24] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  303.941359][   T24] usb 4-1: config 0 descriptor??
[  303.989818][ T9411] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1341: couldn't read orphan inode 13 (err -117)
[  304.021043][ T9401] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  304.098401][ T9411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.546125][   T24] lenovo 0003:17EF:6067.0029: unknown main item tag 0x1
[  304.619127][   T24] lenovo 0003:17EF:6067.0029: hidraw0: USB HID v0.00 Device [HID 17ef:6067] on usb-dummy_hcd.3-1/input0
[  304.696533][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  304.745684][ T9409] loop1: detected capacity change from 0 to 131072
[  304.762413][ T5941] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  304.792663][ T9409] F2FS-fs (loop1): QUOTA feature is enabled, so ignore qf_name
[  304.811686][   T24] usb 4-1: USB disconnect, device number 11
[  304.824832][ T9409] F2FS-fs (loop1): invalid crc value
[  304.848320][ T9409] F2FS-fs (loop1): Wrong journal entry on segno 1541
[  304.858438][ T9409] F2FS-fs (loop1): Failed to initialize F2FS segment manager (-117)
[  304.970359][ T5941] usb 3-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[  304.985806][ T9425] fido_id[9425]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.3/usb4/report_descriptor': No such file or directory
[  305.012338][ T5941] usb 3-1: config 0 interface 0 has no altsetting 0
[  305.045196][ T5941] usb 3-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[  305.099718][ T5941] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  305.179707][ T5941] usb 3-1: config 0 descriptor??
[  305.705886][ T5941] acrux 0003:1A34:0802.002A: unknown main item tag 0x0
[  305.773270][ T5941] acrux 0003:1A34:0802.002A: hidraw0: USB HID v10.00 Device [HID 1a34:0802] on usb-dummy_hcd.2-1/input0
[  305.824343][ T5941] acrux 0003:1A34:0802.002A: no inputs found
[  305.830429][ T5941] acrux 0003:1A34:0802.002A: Failed to enable force feedback support, error: -19
[  305.997299][ T5941] usb 3-1: USB disconnect, device number 13
[  306.989489][ T9434] loop5: detected capacity change from 0 to 32768
[  307.112355][    T9] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  307.307347][ T6037] udevd[6037]: symlink '../../loop4' '/dev/disk/by-diskseq/512.tmp-b7:4' failed: Read-only file system
[  307.328411][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  307.453869][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/514.tmp-b7:5' failed: Read-only file system
[  307.561455][ T6037] udevd[6037]: symlink '../../loop6' '/dev/disk/by-diskseq/509.tmp-b7:6' failed: Read-only file system
[  307.602283][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-uuid/45b0d9a3-5e0b-4fd0-ae05-2ff6b274033b.tmp-b7:5' failed: Read-only file system
[  307.727529][ T9478] loop4: detected capacity change from 0 to 40427
[  307.737660][ T9478] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  307.744749][ T9478] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  307.759623][ T9478] F2FS-fs (loop4): invalid crc value
[  307.766061][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  307.776103][    T9] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  307.792359][    T9] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  307.801507][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.821802][ T9478] F2FS-fs (loop4): Current segment's next free block offset is inconsistent with bitmap, logtype:5, segno:2, type:0, next_blkoff:0, blkofs:1
[  307.851972][ T9478] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-117)
[  307.893359][    T9] usb 3-1: config 0 descriptor??
[  308.286807][ T6037] udevd[6037]: symlink '../../loop4' '/dev/disk/by-diskseq/515.tmp-b7:4' failed: Read-only file system
[  308.292126][ T6557] udevd[6557]: symlink '../../loop6' '/dev/disk/by-diskseq/509.tmp-b7:6' failed: Read-only file system
[  308.330130][    T9] plantronics 0003:047F:FFFF.002B: collection stack underflow
[  308.389605][    T9] plantronics 0003:047F:FFFF.002B: item 0 0 0 12 parsing failed
[  308.405085][ T6037] udevd[6037]: symlink '../../loop4' '/dev/disk/by-uuid/922c7623-35ee-4af3-bdd7-07040bb1b7db.tmp-b7:4' failed: Read-only file system
[  308.441092][    T9] plantronics 0003:047F:FFFF.002B: parse failed
[  308.480971][    T9] plantronics 0003:047F:FFFF.002B: probe with driver plantronics failed with error -22
[  308.554510][    T9] usb 3-1: USB disconnect, device number 14
[  308.653524][ T9498] loop1: detected capacity change from 0 to 512
[  308.698270][ T9498] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  308.746148][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/514.tmp-b7:5' failed: Read-only file system
[  308.784350][ T9498] EXT4-fs error (device loop1): ext4_orphan_get:1393: inode #15: comm syz.1.1374: iget: bad extended attribute block 9
[  308.822532][ T9468] loop3: detected capacity change from 0 to 32768
[  308.834385][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/514.tmp-b7:5' failed: Read-only file system
[  308.901345][ T6487] udevd[6487]: symlink '../../loop6' '/dev/disk/by-diskseq/509.tmp-b7:6' failed: Read-only file system
[  308.918980][ T9498] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.1374: couldn't read orphan inode 15 (err -117)
[  308.932711][ T9502] sp0: Synchronizing with TNC
[  308.934911][ T9501] loop5: detected capacity change from 0 to 2048
[  308.974931][ T9505] sp0: Found TNC
[  308.991091][ T9501] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  309.014288][ T9468] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[  309.033290][ T9507] loop6: detected capacity change from 0 to 512
[  309.044131][ T9498] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  309.096807][ T9468] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  309.145759][ T9507] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  309.170596][ T9512] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  309.249817][ T9507] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  309.400145][   T30] audit: type=1800 audit(1753811120.897:32): pid=9507 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1377" name="file2" dev="loop6" ino=16 res=0 errno=0
[  309.625598][ T8633] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.636990][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  309.749506][ T5848] ocfs2: Unmounting device (7,3) on (node local)
[  310.292473][ T5920] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  310.477247][ T5920] usb 2-1: New USB device found, idVendor=0c45, idProduct=60a8, bcdDevice=b5.55
[  310.513146][ T5920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  310.558674][ T5920] usb 2-1: Product: syz
[  310.588056][ T5920] usb 2-1: Manufacturer: syz
[  310.616106][ T5920] usb 2-1: SerialNumber: syz
[  310.640700][ T9536] loop4: detected capacity change from 0 to 2048
[  310.698338][ T5920] usb 2-1: config 0 descriptor??
[  310.760960][ T5920] gspca_main: sonixb-2.14.0 probing 0c45:60a8
[  310.806481][ T9536] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  310.850007][ T9536] ext4 filesystem being mounted at /243/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  311.181431][ T5920] input: sonixb as /devices/platform/dummy_hcd.1/usb2/2-1/input/input21
[  311.448003][ T5920] usb 2-1: USB disconnect, device number 18
[  311.615860][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  311.993981][ T9571] loop5: detected capacity change from 0 to 512
[  312.058256][ T9571] EXT4-fs: Ignoring removed nobh option
[  312.107278][ T9571] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.1400: iget: bad i_size value: 38620345925642
[  312.130621][ T9569] loop2: detected capacity change from 0 to 4096
[  312.183158][ T9571] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.1400: couldn't read orphan inode 15 (err -117)
[  312.284335][ T9571] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  312.303316][   T24] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  312.339402][ T6037] udevd[6037]: symlink '../../loop1' '/dev/disk/by-diskseq/522.tmp-b7:1' failed: Read-only file system
[  312.414472][ T9569] ntfs3(loop2): ino=1e, mi_enum_attr
[  312.421777][ T9569] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[  312.431642][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/528.tmp-b7:5' failed: Read-only file system
[  312.474335][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  312.524704][   T24] usb 5-1: config index 0 descriptor too short (expected 23569, got 27)
[  312.547444][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  312.607149][   T24] usb 5-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[  312.625046][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/522.tmp-b7:1' failed: Read-only file system
[  312.647671][ T8498] udevd[8498]: symlink '../../loop2' '/dev/disk/by-diskseq/529.tmp-b7:2' failed: Read-only file system
[  312.663246][   T24] usb 5-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[  312.683530][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  312.712007][   T24] usb 5-1: Manufacturer: syz
[  312.742101][ T8498] udevd[8498]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:2' failed: Read-only file system
[  312.753411][   T24] usb 5-1: config 0 descriptor??
[  312.827008][ T8498] udevd[8498]: symlink '../../loop2' '/dev/disk/by-uuid/275C1089492DF3B0.tmp-b7:2' failed: Read-only file system
[  312.863393][ T6037] udevd[6037]: symlink '../../loop2' '/dev/disk/by-label/syzkaller.tmp-b7:5' failed: Read-only file system
[  312.924944][ T6037] udevd[6037]: symlink '../../loop5' '/dev/disk/by-diskseq/528.tmp-b7:5' failed: Read-only file system
[  312.972527][   T30] audit: type=1326 audit(1753811124.477:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.084264][ T6557] udevd[6557]: symlink '../../loop1' '/dev/disk/by-diskseq/522.tmp-b7:1' failed: Read-only file system
[  313.108017][ T9592] loop2: detected capacity change from 0 to 512
[  313.114363][   T30] audit: type=1326 audit(1753811124.477:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114451][   T30] audit: type=1326 audit(1753811124.477:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114524][   T30] audit: type=1326 audit(1753811124.477:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114596][   T30] audit: type=1326 audit(1753811124.477:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114669][   T30] audit: type=1326 audit(1753811124.477:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114742][   T30] audit: type=1326 audit(1753811124.477:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114815][   T30] audit: type=1326 audit(1753811124.477:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.114888][   T30] audit: type=1326 audit(1753811124.477:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9575 comm="syz.6.1401" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa18118e9a9 code=0x7fc00000
[  313.428076][   T24] rc_core: IR keymap rc-hauppauge not found
[  313.444693][ T9592] EXT4-fs: Ignoring removed nomblk_io_submit option
[  313.446590][   T24] Registered IR keymap rc-empty
[  313.471318][ T9592] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  313.474442][   T24] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  313.527848][   T24] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input22
[  313.531998][  T117] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  313.578802][ T9592] EXT4-fs (loop2): 1 truncate cleaned up
[  313.619425][ T9603] rc rc0: two consecutive events of type space
[  313.656045][ T9592] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  313.704680][  T117] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  313.732732][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  313.745407][  T117] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  313.767978][  T117] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  313.817040][  T117] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  313.842413][    T9] usb 5-1: USB disconnect, device number 14
[  313.866778][  T117] usb 2-1: SerialNumber: syz
[  314.135801][  T117] usb 2-1: 0:2 : does not exist
[  314.184839][  T117] usb 2-1: unit 5: unexpected type 0x03
[  314.195861][  T117] usb 2-1: unit 255 not found!
[  314.338168][  T117] usb 2-1: USB disconnect, device number 19
[  315.077333][ T9630] loop3: detected capacity change from 0 to 1024
[  315.169745][ T9634] loop5: detected capacity change from 0 to 64
[  315.262595][ T9630] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  315.303077][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1421'.
[  315.313054][ T9630] hfsplus: inconsistency in B*Tree (1,0,1,0,1)
[  315.644370][ T3013] hfsplus: b-tree write err: -5, ino 4
[  316.276046][ T9661] loop4: detected capacity change from 0 to 256
[  316.346760][ T9661] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  316.370567][ T9666] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1434'.
[  316.381300][ T9661] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  316.521930][ T9661] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  317.061118][ T9672] loop5: detected capacity change from 0 to 32768
[  317.125749][ T9672] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  317.135259][ T9672] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  317.197980][ T9672] gfs2: fsid=syz:syz.s: fatal: filesystem consistency error - inode = 1 19, function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 400
[  317.214034][ T9672] gfs2: fsid=syz:syz.s: G:  s:SH n:2/13 f:aqobnN t:SH d:EX/0 a:0 v:0 r:2 m:20 p:1
[  317.225208][ T9672] gfs2: fsid=syz:syz.s:  H: s:SH f:eEcH e:0 p:9672 [syz.5.1436] init_inodes+0x113b/0x2eb0
[  317.235238][ T9672] gfs2: fsid=syz:syz.s:  I: n:1/19 t:8 f:0x00 d:0x00000000 s:0 p:0
[  317.248849][ T9672] gfs2: fsid=syz:syz.s: about to withdraw this file system
[  317.256156][ T9672] gfs2: fsid=syz:syz.s: Journal recovery skipped for jid 0 until next mount.
[  317.265023][ T9672] gfs2: fsid=syz:syz.s: Glock dequeues delayed: 0
[  317.271807][ T9672] gfs2: fsid=syz:syz.s: File system withdrawn
[  317.277993][ T9672] CPU: 1 UID: 0 PID: 9672 Comm: syz.5.1436 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  317.278044][ T9672] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  317.278069][ T9672] Call Trace:
[  317.278080][ T9672]  <TASK>
[  317.278094][ T9672]  dump_stack_lvl+0x16c/0x1f0
[  317.278151][ T9672]  gfs2_withdraw+0xa8b/0x1130
[  317.278212][ T9672]  ? __pfx_gfs2_withdraw+0x10/0x10
[  317.278255][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278302][ T9672]  ? gfs2_meta_buffer+0x194/0x3f0
[  317.278374][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278439][ T9672]  inode_go_instantiate+0xe68/0x1290
[  317.278489][ T9672]  ? __pfx_inode_go_instantiate+0x10/0x10
[  317.278532][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278581][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278636][ T9672]  gfs2_instantiate+0x16c/0x250
[  317.278699][ T9672]  gfs2_glock_wait+0x214/0x330
[  317.278757][ T9672]  ? __pfx_gfs2_glock_wait+0x10/0x10
[  317.278817][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278872][ T9672]  gfs2_glock_nq+0x12f2/0x19f0
[  317.278912][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.278957][ T9672]  ? do_raw_spin_unlock+0x172/0x230
[  317.279018][ T9672]  check_journal_clean+0x11a/0x350
[  317.279062][ T9672]  ? __pfx_check_journal_clean+0x10/0x10
[  317.279118][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.279162][ T9672]  ? do_raw_spin_lock+0x12c/0x2b0
[  317.279207][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.279253][ T9672]  ? find_held_lock+0x2b/0x80
[  317.279309][ T9672]  ? init_inodes+0x113b/0x2eb0
[  317.279352][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.279397][ T9672]  ? do_raw_spin_unlock+0x172/0x230
[  317.279454][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.279499][ T9672]  ? _raw_spin_unlock+0x28/0x50
[  317.279542][ T9672]  ? gfs2_jdesc_find+0xbf/0x100
[  317.279598][ T9672]  init_inodes+0x113b/0x2eb0
[  317.279666][ T9672]  ? __pfx_init_inodes+0x10/0x10
[  317.279720][ T9672]  ? gfs2_fill_super+0x1be2/0x2d30
[  317.279764][ T9672]  ? init_sb+0xa50/0x10d0
[  317.279818][ T9672]  ? __pfx_snprintf+0x10/0x10
[  317.279889][ T9672]  ? gfs2_fill_super+0x1be2/0x2d30
[  317.279932][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.279978][ T9672]  gfs2_fill_super+0x1be2/0x2d30
[  317.280021][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280086][ T9672]  ? __pfx_gfs2_fill_super+0x10/0x10
[  317.280138][ T9672]  ? gfs2_fill_super+0x1875/0x2d30
[  317.280186][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280232][ T9672]  ? set_blocksize+0x406/0x500
[  317.280298][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280343][ T9672]  ? sb_set_blocksize+0x176/0x1d0
[  317.280409][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280464][ T9672]  get_tree_bdev_flags+0x38c/0x620
[  317.280519][ T9672]  ? __pfx_gfs2_fill_super+0x10/0x10
[  317.280583][ T9672]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  317.280638][ T9672]  ? rcu_is_watching+0x12/0xc0
[  317.280690][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280743][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.280787][ T9672]  ? apparmor_capable+0x114/0x1d0
[  317.280841][ T9672]  gfs2_get_tree+0x4e/0x280
[  317.280884][ T9672]  vfs_get_tree+0x8e/0x340
[  317.280927][ T9672]  path_mount+0x1482/0x1fd0
[  317.280974][ T9672]  ? __pfx_path_mount+0x10/0x10
[  317.281010][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.281053][ T9672]  ? kmem_cache_free+0x2d1/0x4d0
[  317.281102][ T9672]  ? putname+0x154/0x1a0
[  317.281142][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.281184][ T9672]  ? putname+0x154/0x1a0
[  317.281226][ T9672]  ? __x64_sys_mount+0x28d/0x310
[  317.281261][ T9672]  __x64_sys_mount+0x28d/0x310
[  317.281296][ T9672]  ? __pfx___x64_sys_mount+0x10/0x10
[  317.281330][ T9672]  ? srso_alias_return_thunk+0x5/0xfbef5
[  317.281387][ T9672]  do_syscall_64+0xcd/0x4c0
[  317.281446][ T9672]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  317.281484][ T9672] RIP: 0033:0x7fe75cd9014a
[  317.281512][ T9672] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  317.281546][ T9672] RSP: 002b:00007fe75dc6be68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  317.281578][ T9672] RAX: ffffffffffffffda RBX: 00007fe75dc6bef0 RCX: 00007fe75cd9014a
[  317.281601][ T9672] RDX: 0000200000000400 RSI: 0000200000012500 RDI: 00007fe75dc6beb0
[  317.281624][ T9672] RBP: 0000200000000400 R08: 00007fe75dc6bef0 R09: 0000000000200001
[  317.281646][ T9672] R10: 0000000000200001 R11: 0000000000000246 R12: 0000200000012500
[  317.281671][ T9672] R13: 00007fe75dc6beb0 R14: 00000000000125d5 R15: 0000200000000080
[  317.281718][ T9672]  </TASK>
[  317.281788][ T9672] gfs2: fsid=syz:syz.s: Error -5 locking journal for spectator mount.
[  317.377505][  T117] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  317.426555][ T6487] udevd[6487]: symlink '../../loop6' '/dev/disk/by-diskseq/525.tmp-b7:6' failed: Read-only file system
[  317.477764][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/533.tmp-b7:2' failed: Read-only file system
[  317.881311][ T9692] loop4: detected capacity change from 0 to 512
[  317.969242][ T6037] udevd[6037]: symlink '../../loop1' '/dev/disk/by-diskseq/522.tmp-b7:1' failed: Read-only file system
[  318.015777][ T9692] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  318.032237][  T117] usb 7-1: Using ep0 maxpacket: 16
[  318.039719][  T117] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.058195][  T117] usb 7-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  318.069396][  T117] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  318.111162][ T7857] udevd[7857]: symlink '../../loop4' '/dev/disk/by-diskseq/538.tmp-b7:4' failed: Read-only file system
[  318.133288][ T9692] ext4 filesystem being mounted at /248/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  318.200773][ T6037] udevd[6037]: symlink '../../loop3' '/dev/disk/by-diskseq/537.tmp-b7:3' failed: Read-only file system
[  318.231711][ T6557] udevd[6557]: symlink '../../loop2' '/dev/disk/by-diskseq/533.tmp-b7:2' failed: Read-only file system
[  318.251001][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/539.tmp-b7:5' failed: Read-only file system
[  318.287875][ T9692] EXT4-fs warning (device loop4): verify_group_input:156: Last group not full
[  318.323836][ T7857] udevd[7857]: symlink '../../loop4' '/dev/disk/by-label/syzkaller.tmp-b7:4' failed: Read-only file system
[  318.344835][  T117] usb 7-1: config 0 descriptor??
[  318.420738][ T6557] udevd[6557]: symlink '../../loop1' '/dev/disk/by-diskseq/522.tmp-b7:1' failed: Read-only file system
[  318.463627][ T9704] loop2: detected capacity change from 0 to 1024
[  318.620092][ T7857] udevd[7857]: symlink '../../loop4' '/dev/disk/by-diskseq/538.tmp-b7:4' failed: Read-only file system
[  318.623986][ T9704] hfsplus: bad catalog entry type
[  318.678605][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.868576][  T117] sunplus 0003:04FC:05D8.002C: reserved main item tag 0xd
[  318.940125][  T117] sunplus 0003:04FC:05D8.002C: unexpected long global item
[  318.954446][ T3016] hfsplus: b-tree write err: -5, ino 4
[  319.003806][  T117] sunplus 0003:04FC:05D8.002C: probe with driver sunplus failed with error -22
[  319.072868][  T117] usb 7-1: USB disconnect, device number 2
[  319.201491][ T9717] loop4: detected capacity change from 0 to 512
[  319.331930][ T9722] loop2: detected capacity change from 0 to 64
[  319.345687][ T9717] EXT4-fs (loop4): feature flags set on rev 0 fs, running e2fsck is recommended
[  319.370854][ T9721] loop1: detected capacity change from 0 to 2048
[  319.405330][ T9717] EXT4-fs (loop4): orphan cleanup on readonly fs
[  319.417193][ T9715] loop5: detected capacity change from 0 to 4096
[  319.439041][ T9717] EXT4-fs error (device loop4): ext4_ext_check_inode:523: inode #3: comm syz.4.1448: pblk 0 bad header/extent: invalid eh_max - magic f30a, entries 7, max 0(0), depth 0(0)
[  319.480929][ T9717] EXT4-fs error (device loop4): ext4_quota_enable:7126: comm syz.4.1448: Bad quota inode: 3, type: 0
[  319.551182][ T9722] hfs: small file entry
[  319.585108][ T9721] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.644797][ T9717] EXT4-fs warning (device loop4): ext4_enable_quotas:7164: Failed to enable quota tracking (type=0, err=-117, ino=3). Please run e2fsck to fix.
[  319.692685][ T9717] EXT4-fs (loop4): Cannot turn on quotas: error -117
[  319.710929][ T9717] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  319.868951][ T9721] EXT4-fs (loop1): can't enable nombcache during remount
[  320.021681][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  320.021707][   T30] audit: type=1800 audit(1753811131.507:60): pid=9715 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1450" name="file1" dev="loop5" ino=33 res=0 errno=0
[  320.117611][ T9737] loop2: detected capacity change from 0 to 164
[  320.206089][ T9737] rock: directory entry would overflow storage
[  320.248338][ T9737] rock: sig=0x66, size=4, remaining=3
[  320.274622][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.328114][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.592619][ T9744] loop3: detected capacity change from 0 to 64
[  320.677228][ T9748] loop4: detected capacity change from 0 to 512
[  320.685118][ T9748] EXT4-fs: Ignoring removed oldalloc option
[  320.699531][ T9748] EXT4-fs (loop4): 1 truncate cleaned up
[  320.708680][ T9748] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  320.949975][   T43] IPVS: starting estimator thread 0...
[  321.033547][ T5851] EXT4-fs error (device loop4): htree_dirblock_to_tree:1077: inode #2: block 13: comm syz-executor: bad entry in directory: rec_len is smaller than minimal - offset=76, inode=0, rec_len=0, size=1024 fake=0
[  321.062352][ T9755] IPVS: using max 22 ests per chain, 52800 per kthread
[  321.190599][ T5851] EXT4-fs (loop4): Remounting filesystem read-only
[  321.927507][ T5851] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.360091][   T49] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.551540][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/553.tmp-b7:1' failed: Read-only file system
[  322.611449][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/558.tmp-b7:3' failed: Read-only file system
[  322.632144][   T49] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.632763][  T117] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  322.778269][   T49] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.852547][  T117] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  322.882441][  T117] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  322.889973][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/525.tmp-b7:6' failed: Read-only file system
[  322.921427][ T9796] loop5: detected capacity change from 0 to 256
[  322.937671][  T117] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  322.962327][  T117] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  322.979942][ T9796] exfat: Deprecated parameter 'namecase'
[  323.013126][  T117] usb 3-1: Product: syz
[  323.025529][  T117] usb 3-1: Manufacturer: syz
[  323.030180][  T117] usb 3-1: SerialNumber: syz
[  323.078586][ T9796] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  323.094646][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/559.tmp-b7:5' failed: Read-only file system
[  323.110788][  T117] cdc_mbim 3-1:1.0: skipping garbage
[  323.163197][  T117] usb 3-1: selecting invalid altsetting 1
[  323.193309][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-uuid/1234-1234.tmp-b7:5' failed: Read-only file system
[  323.231920][ T6037] udevd[6037]: symlink '../../loop3' '/dev/disk/by-diskseq/558.tmp-b7:3' failed: Read-only file system
[  323.281138][   T49] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  323.344499][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/553.tmp-b7:1' failed: Read-only file system
[  323.401294][   T30] audit: type=1326 audit(1753811134.907:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ab7f8e9a9 code=0x7ffc0000
[  323.456988][ T6037] udevd[6037]: symlink '../../loop6' '/dev/disk/by-diskseq/525.tmp-b7:6' failed: Read-only file system
[  323.529072][  T117] cdc_mbim 3-1:1.0: failed GET_NTB_PARAMETERS
[  323.544191][   T30] audit: type=1326 audit(1753811134.907:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ab7f8e9a9 code=0x7ffc0000
[  323.582528][  T117] cdc_mbim 3-1:1.0: bind() failure
[  323.646197][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/559.tmp-b7:5' failed: Read-only file system
[  323.648128][  T117] usb 3-1: USB disconnect, device number 15
[  323.682299][   T30] audit: type=1326 audit(1753811134.947:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9ab7f8d310 code=0x7ffc0000
[  323.761284][ T6557] udevd[6557]: symlink '../../loop3' '/dev/disk/by-diskseq/558.tmp-b7:3' failed: Read-only file system
[  323.868782][   T30] audit: type=1326 audit(1753811134.947:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ab7f8e9a9 code=0x7ffc0000
[  323.988824][   T30] audit: type=1326 audit(1753811134.947:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9803 comm=77DEA305FF07 exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ab7f8e9a9 code=0x7ffc0000
[  324.157203][ T9815] loop3: detected capacity change from 0 to 4096
[  324.234511][ T9821] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  324.254153][   T49] bridge_slave_1: left allmulticast mode
[  324.279449][   T49] bridge_slave_1: left promiscuous mode
[  324.302611][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  324.431829][   T49] bridge_slave_0: left allmulticast mode
[  324.457458][   T49] bridge_slave_0: left promiscuous mode
[  324.522427][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  324.553196][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 11 already freed
[  324.719223][ T5871] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  324.743068][ T5871] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  324.759831][ T5871] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  324.780510][ T5871] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  324.798437][ T5871] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  324.805717][   T24] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  324.855130][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 13 already freed
[  324.899681][ T9833] loop5: detected capacity change from 0 to 1024
[  324.930001][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 14 already freed
[  324.953384][ T9833] EXT4-fs: Ignoring removed mblk_io_submit option
[  324.985155][   T24] usb 7-1: Using ep0 maxpacket: 8
[  325.012299][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 15 already freed
[  325.025029][   T24] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  325.069795][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 16 already freed
[  325.091855][   T24] usb 7-1: New USB device found, idVendor=05e1, idProduct=0893, bcdDevice=fd.5b
[  325.121079][ T9833] EXT4-fs (loop5): can't mount with commit=, fs mounted w/o journal
[  325.132780][ T5848] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 17 already freed
[  325.142211][   T24] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  325.168910][   T24] usb 7-1: Product: syz
[  325.175805][   T24] usb 7-1: Manufacturer: syz
[  325.181868][   T24] usb 7-1: SerialNumber: syz
[  325.210583][   T24] usb 7-1: config 0 descriptor??
[  325.257143][   T24] gspca_main: stk014-2.14.0 probing 05e1:0893
[  325.285111][ T9837] loop2: detected capacity change from 0 to 2048
[  325.302370][   T24] usb 7-1: selecting invalid altsetting 1
[  325.332736][ T5941] NILFS (loop3): nilfs_palloc_commit_free_entry (ino=6): entry number 12 already freed
[  325.395003][ T9837] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.458582][ T9837] ext4 filesystem being mounted at /255/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  325.518741][ T9808] loop1: detected capacity change from 0 to 32768
[  325.597689][ T9808] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1483 (9808)
[  325.629321][ T9837] EXT4-fs error (device loop2): __ext4_new_inode:1072: comm syz.2.1493: reserved inode found cleared - inode=1
[  325.693585][ T9808] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  325.715469][ T9845] EXT4-fs error (device loop2) in ext4_free_inode:361: Corrupt filesystem
[  325.784337][ T5920] usb 7-1: USB disconnect, device number 3
[  325.786571][ T9848] netlink: 240 bytes leftover after parsing attributes in process `syz.3.1491'.
[  325.806027][ T9808] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  325.872288][ T9848] NCSI netlink: No device for ifindex 0
[  325.896164][ T9808] BTRFS info (device loop1): using free-space-tree
[  326.180619][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  326.307599][ T9871] loop5: detected capacity change from 0 to 512
[  326.354439][ T9871] EXT4-fs: Ignoring removed bh option
[  326.404773][ T9871] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  326.538921][ T5850] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  326.567488][ T9871] EXT4-fs (loop5): 1 truncate cleaned up
[  326.604633][ T9871] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.737080][ T1294] ieee802154 phy0 wpan0: encryption failed: -22
[  326.748382][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  326.828761][   T30] audit: type=1800 audit(1753811138.337:66): pid=9871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1495" name="file2" dev="loop5" ino=16 res=0 errno=0
[  326.899803][ T5865] Bluetooth: hci3: command tx timeout
[  326.988743][ T9882] loop3: detected capacity change from 0 to 1024
[  327.153003][ T9886] hfsplus: inconsistency in B*Tree (1,0,1,0,2)
[  327.159451][ T9886] hfsplus: xattr searching failed
[  327.214068][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.243089][ T9886] syz.3.1500: attempt to access beyond end of device
[  327.243089][ T9886] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  327.348854][ T9886] Buffer I/O error on dev loop3, logical block 2889, async page read
[  327.422492][ T9886] syz.3.1500: attempt to access beyond end of device
[  327.422492][ T9886] loop3: rw=0, sector=5778, nr_sectors = 2 limit=1024
[  327.478641][ T9886] Buffer I/O error on dev loop3, logical block 2889, async page read
[  327.579865][   T30] audit: type=1800 audit(1753811139.077:67): pid=9886 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1500" name="file1" dev="loop3" ino=20 res=0 errno=0
[  327.600762][ T9886] hfsplus: inconsistency in B*Tree (1,0,1,0,2)
[  327.632391][ T9886] hfsplus: xattr searching failed
[  327.655402][ T9886] hfsplus: can't free extent
[  327.788721][ T7857] udevd[7857]: symlink '../../loop2' '/dev/disk/by-diskseq/568.tmp-b7:2' failed: Read-only file system
[  327.885947][ T9901] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1507'.
[  327.979207][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/569.tmp-b7:3' failed: Read-only file system
[  328.014195][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  328.050754][ T6037] udevd[6037]: symlink '../../loop6' '/dev/disk/by-diskseq/525.tmp-b7:6' failed: Read-only file system
[  328.057839][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/569.tmp-b7:3' failed: Read-only file system
[  328.075367][ T9905] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1509'.
[  328.103398][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  328.136552][   T49] bond0 (unregistering): Released all slaves
[  328.184951][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/571.tmp-b7:3' failed: Read-only file system
[  328.187486][ T6037] udevd[6037]: symlink '../../loop2' '/dev/disk/by-diskseq/568.tmp-b7:2' failed: Read-only file system
[  328.397132][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/571.tmp-b7:3' failed: Read-only file system
[  328.538188][ T6037] udevd[6037]: symlink '../../loop6' '/dev/disk/by-diskseq/525.tmp-b7:6' failed: Read-only file system
[  328.550016][   T49] tipc: Disabling bearer <eth:ipvlan0>
[  328.598013][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/566.tmp-b7:1' failed: Read-only file system
[  328.630842][ T9914] loop6: detected capacity change from 0 to 1024
[  328.643195][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/570.tmp-b7:5' failed: Read-only file system
[  328.665126][   T49] tipc: Left network mode
[  328.784847][ T9921] genirq: Flags mismatch irq 31. 00200000 (comedi_parport) vs. 00200000 (virtio1-input.0)
[  328.846523][ T9914] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  328.965077][ T9914] ext4 filesystem being mounted at /50/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  328.999198][ T5865] Bluetooth: hci3: command tx timeout
[  329.089438][ T9914] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  329.107284][ T9914] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 65 with error 28
[  329.131536][ T9914] EXT4-fs (loop6): This should not happen!! Data will be lost
[  329.131536][ T9914] 
[  329.208257][ T9914] EXT4-fs (loop6): Total free blocks count 0
[  329.229918][ T9914] EXT4-fs (loop6): Free/Dirty block details
[  329.269017][ T9914] EXT4-fs (loop6): free_blocks=4293918720
[  329.303402][ T9914] EXT4-fs (loop6): dirty_blocks=80
[  329.320946][ T9914] EXT4-fs (loop6): Block reservation details
[  329.362404][ T9914] EXT4-fs (loop6): i_reserved_data_blocks=5
[  329.710052][ T8633] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.233657][ T9909] loop2: detected capacity change from 0 to 32768
[  330.302262][   T43] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  330.342391][ T9909] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.1511 (9909)
[  330.407305][ T9909] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  330.482347][   T43] usb 7-1: Using ep0 maxpacket: 32
[  330.490797][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  330.523210][ T9909] BTRFS info (device loop2): using sha256 (sha256-x86_64) checksum algorithm
[  330.532091][ T9909] BTRFS info (device loop2): using free-space-tree
[  330.549239][   T43] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  330.592284][   T43] usb 7-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  330.632843][   T43] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  330.679991][   T43] usb 7-1: config 0 descriptor??
[  330.695998][   T43] hub 7-1:0.0: USB hub found
[  330.708899][   T49] hsr_slave_0: left promiscuous mode
[  330.767065][ T9926] loop1: detected capacity change from 0 to 32768
[  330.788885][   T49] hsr_slave_1: left promiscuous mode
[  330.837610][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  330.861294][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  330.914430][   T43] hub 7-1:0.0: 29 ports detected
[  330.914761][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  330.968341][   T43] hub 7-1:0.0: insufficient power available to use all downstream ports
[  330.972331][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  331.052514][ T5865] Bluetooth: hci3: command tx timeout
[  331.101489][   T49] veth1_macvtap: left promiscuous mode
[  331.115153][   T49] veth0_macvtap: left promiscuous mode
[  331.121042][   T49] veth1_vlan: left promiscuous mode
[  331.128215][   T49] veth0_vlan: left promiscuous mode
[  331.271058][ T5852] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  331.351310][ T9982] MTD: Couldn't look up 'mountinfo': -2
[  331.465187][   T43] usb 7-1: USB disconnect, device number 4
[  331.977194][ T9987] loop1: detected capacity change from 0 to 4096
[  332.018921][ T9987] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[  332.061185][ T9987] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 4096)
[  332.737547][ T9997] loop1: detected capacity change from 0 to 256
[  332.819775][ T9997] exFAT-fs (loop1): failed to load upcase table (idx : 0x000104d0, chksum : 0xda218cab, utbl_chksum : 0xe619d30d)
[  332.820507][ T8498] udevd[8498]: symlink '../../loop2' '/dev/disk/by-diskseq/575.tmp-b7:2' failed: Read-only file system
[  332.871986][ T6037] udevd[6037]: symlink '../../loop6' '/dev/disk/by-diskseq/574.tmp-b7:6' failed: Read-only file system
[  332.882793][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/581.tmp-b7:1' failed: Read-only file system
[  332.921273][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-uuid/1234-1234.tmp-b7:1' failed: Read-only file system
[  332.923854][ T9997] exFAT-fs (loop1): error, invalid access to FAT free cluster (entry 0x00000008)
[  333.044299][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/574.tmp-b7:6' failed: Read-only file system
[  333.134886][ T5865] Bluetooth: hci3: command tx timeout
[  333.161783][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/581.tmp-b7:1' failed: Read-only file system
[  333.210510][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/581.tmp-b7:1' failed: Read-only file system
[  333.251568][T10003] loop1: detected capacity change from 0 to 1024
[  333.268629][ T7857] udevd[7857]: symlink '../../loop6' '/dev/disk/by-diskseq/574.tmp-b7:6' failed: Read-only file system
[  333.328325][T10003] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  333.342710][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/582.tmp-b7:1' failed: Read-only file system
[  333.355671][T10003] EXT4-fs (loop1): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  333.374653][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-label/syzkaller.tmp-b7:1' failed: Read-only file system
[  333.401018][T10003] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  333.498750][ T5850] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.616815][   T49] team0 (unregistering): Port device team_slave_1 removed
[  333.666084][   T49] team0 (unregistering): Port device team_slave_0 removed
[  334.042695][T10010] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1542'.
[  334.347087][ T9830] chnl_net:caif_netlink_parms(): no params data found
[  334.780917][T10030] loop5: detected capacity change from 0 to 64
[  334.832919][T10030] MINIX-fs: mounting unchecked file system, running fsck is recommended
[  334.944274][T10030] MINIX-fs warning: remounting unchecked fs, running fsck is recommended
[  335.330498][T10045] loop3: detected capacity change from 0 to 512
[  335.360243][ T9830] bridge0: port 1(bridge_slave_0) entered blocking state
[  335.373195][T10045] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (57259!=33349)
[  335.389537][ T9830] bridge0: port 1(bridge_slave_0) entered disabled state
[  335.426958][ T9830] bridge_slave_0: entered allmulticast mode
[  335.452138][T10045] EXT4-fs (loop3): orphan cleanup on readonly fs
[  335.453951][ T9830] bridge_slave_0: entered promiscuous mode
[  335.484321][T10045] EXT4-fs error (device loop3): ext4_read_block_bitmap_nowait:516: comm syz.3.1555: Block bitmap for bg 0 marked uninitialized
[  335.498920][ T9830] bridge0: port 2(bridge_slave_1) entered blocking state
[  335.522333][T10045] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6548: Corrupt filesystem
[  335.527139][ T9830] bridge0: port 2(bridge_slave_1) entered disabled state
[  335.553549][T10050] loop2: detected capacity change from 0 to 512
[  335.561089][T10050] EXT4-fs: Ignoring removed bh option
[  335.601287][T10050] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  335.613813][T10045] EXT4-fs (loop3): 1 orphan inode deleted
[  335.632027][ T9830] bridge_slave_1: entered allmulticast mode
[  335.660864][ T9830] bridge_slave_1: entered promiscuous mode
[  335.674836][T10054] loop5: detected capacity change from 0 to 512
[  335.683330][T10045] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  335.753793][T10050] EXT4-fs (loop2): 1 truncate cleaned up
[  335.761674][T10050] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  335.850158][ T5848] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  335.934055][T10054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  335.951094][   T30] audit: type=1800 audit(1753811147.467:68): pid=10050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1556" name="file2" dev="loop2" ino=16 res=0 errno=0
[  335.987571][T10054] ext4 filesystem being mounted at /285/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  336.031630][ T9830] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  336.102551][T10054] EXT4-fs warning (device loop5): ext4_group_extend:1862: can't shrink FS - resize aborted
[  336.103477][ T9830] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  336.131828][ T5852] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.221123][T10063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1558'.
[  336.396483][ T5853] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  336.408235][ T9830] team0: Port device team_slave_0 added
[  336.433188][T10066] loop2: detected capacity change from 0 to 64
[  336.469379][ T9830] team0: Port device team_slave_1 added
[  336.651160][T10069] overlayfs: upper fs needs to support d_type.
[  336.773003][T10069] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  336.803119][T10069] overlayfs: failed to set xattr on upper
[  336.824358][T10069] overlayfs: ...falling back to redirect_dir=nofollow.
[  336.847053][T10069] overlayfs: ...falling back to index=off.
[  336.857980][T10069] overlayfs: ...falling back to uuid=null.
[  336.878988][ T9830] batman_adv: batadv0: Adding interface: batadv_slave_0
[  336.887865][T10069] overlayfs: ...falling back to xino=off.
[  336.894465][ T9830] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  336.912328][ T5962] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  336.923170][ T9830] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  336.949930][ T9830] batman_adv: batadv0: Adding interface: batadv_slave_1
[  336.970075][ T9830] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  337.102007][ T9830] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  337.172413][ T5962] usb 2-1: Using ep0 maxpacket: 8
[  337.194608][ T5962] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  337.239227][ T5962] usb 2-1: config 0 interface 0 has no altsetting 0
[  337.263985][ T5962] usb 2-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  337.275220][ T5852] VFS: Lookup of 'À.' in minix loop2 would have caused loop
[  337.304834][ T5852] VFS: Lookup of 'À.' in minix loop2 would have caused loop
[  337.313832][ T5962] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  337.363789][ T5962] usb 2-1: config 0 descriptor??
[  337.454621][ T9830] hsr_slave_0: entered promiscuous mode
[  337.492132][ T9830] hsr_slave_1: entered promiscuous mode
[  337.530913][ T9830] debugfs: 'hsr0' already exists in 'hsr'
[  337.563501][ T9830] Cannot create hsr debugfs directory
[  337.840315][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.864820][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.872037][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.891661][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/590.tmp-b7:3' failed: Read-only file system
[  337.925284][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.943624][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.963730][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  337.994500][ T5962] sunplus 0003:04FC:05D8.002D: unknown main item tag 0x0
[  338.033211][ T5962] sunplus 0003:04FC:05D8.002D: hidraw0: USB HID v0.00 Device [HID 04fc:05d8] on usb-dummy_hcd.1-1/input0
[  338.112497][ T5962] usb 2-1: USB disconnect, device number 20
[  338.321853][T10098] fido_id[10098]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  338.329118][ T7857] udevd[7857]: symlink '../../loop3' '/dev/disk/by-diskseq/590.tmp-b7:3' failed: Read-only file system
[  338.489431][ T3016] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.544079][T10077] loop6: detected capacity change from 0 to 32768
[  338.643163][T10077] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  338.766794][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/594.tmp-b7:6' failed: Read-only file system
[  338.779855][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:6' failed: Read-only file system
[  338.813282][ T3016] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  338.961560][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/584.tmp-b7:1' failed: Read-only file system
[  339.021325][ T6037] udevd[6037]: symlink '../../loop5' '/dev/disk/by-diskseq/593.tmp-b7:5' failed: Read-only file system
[  339.083770][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/594.tmp-b7:6' failed: Read-only file system
[  339.107830][T10116] loop5: detected capacity change from 0 to 256
[  339.133895][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-uuid/bfdc47fc-10d8-4eed-a562-11a831b3f791.tmp-b7:6' failed: Read-only file system
[  339.241632][T10077] XFS (loop6): Ending clean mount
[  339.244250][ T3016] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  339.273669][T10116] exFAT-fs (loop5): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  339.286663][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/595.tmp-b7:5' failed: Read-only file system
[  339.319092][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-uuid/1234-1234.tmp-b7:5' failed: Read-only file system
[  339.334254][T10077] XFS (loop6): Quotacheck needed: Please wait.
[  339.439988][T10077] XFS (loop6): Quotacheck: Done.
[  339.720615][ T8633] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  339.804616][ T3016] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  340.355975][ T5871] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  340.358704][ T5962] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  340.372887][ T5871] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  340.380888][ T5871] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  340.404904][ T5871] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  340.420221][ T5871] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  340.552460][ T5962] usb 4-1: Using ep0 maxpacket: 16
[  340.578381][ T5962] usb 4-1: config 0 has an invalid interface number: 8 but max is 0
[  340.604098][ T5962] usb 4-1: config 0 has no interface number 0
[  340.618120][ T5962] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  340.651521][ T5962] usb 4-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  340.717194][ T5962] usb 4-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  340.727006][ T3016] bridge_slave_1: left allmulticast mode
[  340.742306][ T3016] bridge_slave_1: left promiscuous mode
[  340.742567][ T5962] usb 4-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  340.749353][T10143] netlink: 76 bytes leftover after parsing attributes in process `syz.6.1577'.
[  340.770056][ T3016] bridge0: port 2(bridge_slave_1) entered disabled state
[  340.776683][ T5962] usb 4-1: Product: syz
[  340.781302][ T5962] usb 4-1: SerialNumber: syz
[  340.791751][ T3016] bridge_slave_0: left allmulticast mode
[  340.812923][ T3016] bridge_slave_0: left promiscuous mode
[  340.820257][ T5962] usb 4-1: config 0 descriptor??
[  340.833805][ T3016] bridge0: port 1(bridge_slave_0) entered disabled state
[  340.850435][ T5962] cm109 4-1:0.8: invalid payload size 0, expected 4
[  340.900181][ T5962] input: CM109 USB driver as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.8/input/input23
[  341.004702][T10146] ubi31: attaching mtd0
[  341.009278][T10146] ubi31 error: ubi_attach_mtd_dev: bad VID header (589824) or data offsets (589888)
[  341.078371][    C0] cm109_urb_ctl_callback: 21 callbacks suppressed
[  341.078403][    C0] cm109 4-1:0.8: cm109_urb_ctl_callback: urb status -71
[  341.079934][   T43] usb 4-1: USB disconnect, device number 12
[  341.084879][    C0] cm109 4-1:0.8: cm109_submit_buzz_toggle: usb_submit_urb (urb_ctl) failed -19
[  341.393855][   T43] cm109 4-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  341.691057][T10157] loop6: detected capacity change from 0 to 512
[  341.770380][T10157] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  341.903220][T10157] EXT4-fs (loop6): 1 truncate cleaned up
[  341.939860][T10157] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  342.493361][ T5865] Bluetooth: hci4: command tx timeout
[  342.500215][ T8633] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.666818][T10176] loop5: detected capacity change from 0 to 256
[  342.873408][T10176] FAT-fs (loop5): Directory bread(block 64) failed
[  342.911993][ T7857] udevd[7857]: symlink '../../loop6' '/dev/disk/by-diskseq/598.tmp-b7:6' failed: Read-only file system
[  342.915295][T10176] FAT-fs (loop5): Directory bread(block 65) failed
[  342.931159][ T8498] udevd[8498]: symlink '../../loop5' '/dev/disk/by-diskseq/599.tmp-b7:5' failed: Read-only file system
[  342.948755][ T6037] udevd[6037]: symlink '../../loop3' '/dev/disk/by-diskseq/590.tmp-b7:3' failed: Read-only file system
[  342.993693][T10176] FAT-fs (loop5): Directory bread(block 66) failed
[  343.035308][T10176] FAT-fs (loop5): Directory bread(block 67) failed
[  343.038179][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/598.tmp-b7:6' failed: Read-only file system
[  343.042008][T10176] FAT-fs (loop5): Directory bread(block 68) failed
[  343.096277][ T6557] udevd[6557]: symlink '../../loop1' '/dev/disk/by-diskseq/584.tmp-b7:1' failed: Read-only file system
[  343.152463][T10176] FAT-fs (loop5): Directory bread(block 69) failed
[  343.159263][T10176] FAT-fs (loop5): Directory bread(block 70) failed
[  343.169516][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/600.tmp-b7:6' failed: Read-only file system
[  343.232232][T10176] FAT-fs (loop5): Directory bread(block 71) failed
[  343.246794][ T7857] udevd[7857]: symlink '../../loop5' '/dev/disk/by-diskseq/599.tmp-b7:5' failed: Read-only file system
[  343.293027][T10176] FAT-fs (loop5): Directory bread(block 72) failed
[  343.299628][T10176] FAT-fs (loop5): Directory bread(block 73) failed
[  343.352146][T10183] loop3: detected capacity change from 0 to 4096
[  343.533306][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/584.tmp-b7:1' failed: Read-only file system
[  343.559688][T10183] ntfs3(loop3): ino=21, "file1" fiemap is not supported for compressed file (cp -r)
[  343.666046][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/601.tmp-b7:3' failed: Read-only file system
[  343.714435][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-label/syzkaller.tmp-b7:3' failed: Read-only file system
[  343.864225][T10189] loop1: detected capacity change from 0 to 4096
[  343.990601][T10191] loop5: detected capacity change from 0 to 64
[  344.146498][T10191] overlayfs: upper fs needs to support d_type.
[  344.147002][T10189] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  344.183992][T10191] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  344.248777][T10191] overlayfs: failed to set xattr on upper
[  344.308108][T10191] overlayfs: ...falling back to redirect_dir=nofollow.
[  344.348760][T10191] overlayfs: ...falling back to index=off.
[  344.372383][T10191] overlayfs: ...falling back to uuid=null.
[  344.378261][T10191] overlayfs: ...falling back to xino=off.
[  344.408637][ T3016] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  344.458061][ T3016] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  344.480376][ T3016] bond0 (unregistering): Released all slaves
[  344.524400][ T9830] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  344.573211][ T5865] Bluetooth: hci4: command tx timeout
[  344.610064][ T5853] VFS: Lookup of 'À.' in minix loop5 would have caused loop
[  344.635104][ T5853] VFS: Lookup of 'À.' in minix loop5 would have caused loop
[  344.765959][ T9830] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  344.802009][ T3016] tipc: Disabling bearer <eth:ipvlan0>
[  344.823621][ T3016] tipc: Left network mode
[  344.832318][   T43] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  344.863505][ T9830] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  344.992384][   T43] usb 2-1: Using ep0 maxpacket: 32
[  345.000352][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  345.032678][   T43] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1056, setting to 1024
[  345.074421][   T43] usb 2-1: New USB device found, idVendor=1e7d, idProduct=31ce, bcdDevice= 0.00
[  345.090289][ T9830] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  345.102274][   T43] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  345.129107][   T43] usb 2-1: config 0 descriptor??
[  345.140295][T10197] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  345.196888][ T5853] bridge0: port 3(syz_tun) entered disabled state
[  345.265465][ T5853] syz_tun (unregistering): left allmulticast mode
[  345.295892][ T5853] syz_tun (unregistering): left promiscuous mode
[  345.328187][ T5853] bridge0: port 3(syz_tun) entered disabled state
[  345.630808][   T43] ryos 0003:1E7D:31CE.002E: unknown main item tag 0x0
[  345.647740][   T43] ryos 0003:1E7D:31CE.002E: unknown main item tag 0x0
[  345.661667][   T43] ryos 0003:1E7D:31CE.002E: unknown main item tag 0x0
[  345.684010][   T43] ryos 0003:1E7D:31CE.002E: unknown main item tag 0x0
[  345.690847][   T43] ryos 0003:1E7D:31CE.002E: unknown main item tag 0x0
[  345.707263][   T43] ryos 0003:1E7D:31CE.002E: hidraw0: USB HID v0.00 Device [HID 1e7d:31ce] on usb-dummy_hcd.1-1/input0
[  345.726411][ T3016] hsr_slave_0: left promiscuous mode
[  345.748398][ T3016] hsr_slave_1: left promiscuous mode
[  345.763110][ T3016] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  345.770570][ T3016] batman_adv: batadv0: Removing interface: batadv_slave_0
[  345.847711][ T3016] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  345.863061][ T3016] batman_adv: batadv0: Removing interface: batadv_slave_1
[  345.874743][   T24] usb 2-1: USB disconnect, device number 21
[  345.925621][T10215] fido_id[10215]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/2-1/report_descriptor': No such file or directory
[  345.950133][ T3016] veth0_macvtap: left promiscuous mode
[  345.955978][ T3016] veth1_vlan: left promiscuous mode
[  345.961398][ T3016] veth0_vlan: left promiscuous mode
[  346.662331][ T5865] Bluetooth: hci4: command tx timeout
[  347.084048][ T5871] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  347.102500][ T5871] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  347.117911][T10229] loop1: detected capacity change from 0 to 256
[  347.126487][ T5871] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  347.148221][ T5871] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  347.160179][ T5871] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  347.250016][T10229] FAT-fs (loop1): Directory bread(block 64) failed
[  347.258030][T10229] FAT-fs (loop1): Directory bread(block 65) failed
[  347.264843][T10229] FAT-fs (loop1): Directory bread(block 66) failed
[  347.271720][T10222] orangefs_mount: mount request failed with -4
[  347.295865][T10229] FAT-fs (loop1): Directory bread(block 67) failed
[  347.320042][T10229] FAT-fs (loop1): Directory bread(block 68) failed
[  347.326835][T10229] FAT-fs (loop1): Directory bread(block 69) failed
[  347.333615][T10229] FAT-fs (loop1): Directory bread(block 70) failed
[  347.355347][T10229] FAT-fs (loop1): Directory bread(block 71) failed
[  347.383160][T10229] FAT-fs (loop1): Directory bread(block 72) failed
[  347.389843][T10229] FAT-fs (loop1): Directory bread(block 73) failed
[  347.714877][T10240] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1618'.
[  347.727736][T10240] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1618'.
[  347.924761][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/608.tmp-b7:1' failed: Read-only file system
[  348.039649][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/605.tmp-b7:3' failed: Read-only file system
[  348.080429][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/608.tmp-b7:1' failed: Read-only file system
[  348.181487][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/600.tmp-b7:6' failed: Read-only file system
[  348.223934][T10253] binder: 10252:10253 ioctl 9362 0 returned -22
[  348.241342][T10253] binder: 10252:10253 ioctl c0046209 200000000000000 returned -22
[  348.348713][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/605.tmp-b7:3' failed: Read-only file system
[  348.423228][ T3016] team0 (unregistering): Port device team_slave_1 removed
[  348.475098][T10255] loop3: detected capacity change from 0 to 256
[  348.507895][ T7857] udevd[7857]: symlink '../../loop1' '/dev/disk/by-diskseq/608.tmp-b7:1' failed: Read-only file system
[  348.524330][ T8498] udevd[8498]: symlink '../../loop6' '/dev/disk/by-diskseq/600.tmp-b7:6' failed: Read-only file system
[  348.597958][ T6037] udevd[6037]: symlink '../../loop3' '/dev/disk/by-diskseq/609.tmp-b7:3' failed: Read-only file system
[  348.628732][ T3016] team0 (unregistering): Port device team_slave_0 removed
[  348.675007][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/609.tmp-b7:3' failed: Read-only file system
[  348.710465][ T8498] udevd[8498]: symlink '../../loop3' '/dev/disk/by-diskseq/609.tmp-b7:3' failed: Read-only file system
[  348.732642][ T5865] Bluetooth: hci4: command tx timeout
[  349.212642][ T5865] Bluetooth: hci5: command tx timeout
[  349.572861][ T5941] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  349.732894][ T5941] usb 4-1: Using ep0 maxpacket: 32
[  349.763868][ T9830] 8021q: adding VLAN 0 to HW filter on device bond0
[  349.817005][ T5941] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  349.831828][ T5941] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  349.854273][ T5941] usb 4-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[  349.879070][ T5941] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  349.890792][ T5941] usb 4-1: config 0 descriptor??
[  349.959337][T10271] loop1: detected capacity change from 0 to 4096
[  349.993585][ T9830] 8021q: adding VLAN 0 to HW filter on device team0
[  350.010434][T10265] ==================================================================
[  350.014909][ T3016] IPVS: stop unused estimator thread 0...
[  350.018514][T10265] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x132/0x760
[  350.018566][T10265] Read of size 8 at addr ffff88807ba82e08 by task syz.6.1628/10265
[  350.018595][T10265] 
[  350.042757][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  350.042812][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  350.042838][T10265] Call Trace:
[  350.042850][T10265]  <TASK>
[  350.042864][T10265]  dump_stack_lvl+0x116/0x1f0
[  350.042922][T10265]  print_report+0xcd/0x630
[  350.042981][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.043030][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.043078][T10265]  ? __phys_addr+0xe8/0x180
[  350.043130][T10265]  ? move_to_new_folio+0x132/0x760
[  350.043168][T10265]  kasan_report+0xe0/0x110
[  350.043237][T10265]  ? move_to_new_folio+0x132/0x760
[  350.043282][T10265]  kasan_check_range+0x100/0x1b0
[  350.043324][T10265]  move_to_new_folio+0x132/0x760
[  350.043366][T10265]  migrate_pages_batch+0x201d/0x31a0
[  350.043412][T10265]  ? __pfx_compaction_free+0x10/0x10
[  350.043464][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  350.043506][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.043554][T10265]  ? __lock_acquire+0x622/0x1c90
[  350.043600][T10265]  migrate_pages_sync+0x12d/0x8a0
[  350.043644][T10265]  ? lock_acquire+0x179/0x350
[  350.043681][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  350.043723][T10265]  ? __pfx_compaction_free+0x10/0x10
[  350.043770][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.043821][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  350.043862][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  350.043912][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.043965][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.044018][T10265]  migrate_pages+0x1b67/0x23b0
[  350.044062][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  350.044105][T10265]  ? __pfx_compaction_free+0x10/0x10
[  350.044156][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  350.044209][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  350.044260][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.044308][T10265]  ? pfn_to_online_page+0x1de/0x560
[  350.044366][T10265]  compact_zone+0x2023/0x4760
[  350.044420][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  350.044471][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.044522][T10265]  ? __pfx_compact_zone+0x10/0x10
[  350.044568][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.044623][T10265]  compact_node+0x1a4/0x2d0
[  350.044671][T10265]  ? __pfx_compact_node+0x10/0x10
[  350.044742][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.044790][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  350.044853][T10265]  sysctl_compaction_handler+0x141/0x210
[  350.044905][T10265]  proc_sys_call_handler+0x440/0x570
[  350.044956][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  350.045014][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.045063][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  350.045127][T10265]  iter_file_splice_write+0x91f/0x1150
[  350.045206][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.045256][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  350.045321][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  350.045389][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.045438][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  350.045501][T10265]  direct_splice_actor+0x192/0x6c0
[  350.045561][T10265]  splice_direct_to_actor+0x345/0xa30
[  350.045619][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  350.045681][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  350.045743][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.045796][T10265]  do_splice_direct+0x174/0x240
[  350.045852][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  350.045910][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  350.045971][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.046019][T10265]  ? rw_verify_area+0xcf/0x680
[  350.046072][T10265]  do_sendfile+0xb06/0xe50
[  350.046130][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  350.046200][T10265]  __x64_sys_sendfile64+0x154/0x220
[  350.046241][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  350.046282][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  350.046336][T10265]  do_syscall_64+0xcd/0x4c0
[  350.046394][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.046434][T10265] RIP: 0033:0x7fa18118e9a9
[  350.046463][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  350.046503][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  350.046541][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  350.046567][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  350.046592][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  350.046618][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  350.046643][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  350.046683][T10265]  </TASK>
[  350.046697][T10265] 
[  350.512278][T10265] Allocated by task 8795:
[  350.516621][T10265]  kasan_save_stack+0x33/0x60
[  350.521369][T10265]  kasan_save_track+0x14/0x30
[  350.526103][T10265]  __kasan_slab_alloc+0x89/0x90
[  350.531000][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  350.536514][T10265]  gfs2_glock_get+0x1e5/0x1230
[  350.541322][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  350.546292][T10265]  gfs2_dir_search+0x22a/0x2e0
[  350.551087][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  350.555656][T10265]  init_inodes+0x869/0x2eb0
[  350.560187][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  350.565161][T10265]  get_tree_bdev_flags+0x38c/0x620
[  350.570337][T10265]  gfs2_get_tree+0x4e/0x280
[  350.574869][T10265]  vfs_get_tree+0x8e/0x340
[  350.579315][T10265]  path_mount+0x1482/0x1fd0
[  350.583840][T10265]  __x64_sys_mount+0x28d/0x310
[  350.588626][T10265]  do_syscall_64+0xcd/0x4c0
[  350.593169][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.599093][T10265] 
[  350.601432][T10265] Freed by task 15:
[  350.605247][T10265]  kasan_save_stack+0x33/0x60
[  350.609960][T10265]  kasan_save_track+0x14/0x30
[  350.614677][T10265]  kasan_save_free_info+0x3b/0x60
[  350.619731][T10265]  __kasan_slab_free+0x51/0x70
[  350.624537][T10265]  kmem_cache_free+0x2d1/0x4d0
[  350.629343][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  350.634307][T10265]  rcu_core+0x79c/0x14e0
[  350.638665][T10265]  handle_softirqs+0x219/0x8e0
[  350.643547][T10265]  run_ksoftirqd+0x3a/0x60
[  350.647998][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  350.652977][T10265]  kthread+0x3c5/0x780
[  350.657069][T10265]  ret_from_fork+0x5d7/0x6f0
[  350.661679][T10265]  ret_from_fork_asm+0x1a/0x30
[  350.666472][T10265] 
[  350.668799][T10265] Last potentially related work creation:
[  350.674524][T10265]  kasan_save_stack+0x33/0x60
[  350.679243][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  350.684472][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  350.690396][T10265]  gfs2_glock_free+0x35/0x90
[  350.695031][T10265]  glock_work_func+0x396/0x4d0
[  350.699827][T10265]  process_one_work+0x9cf/0x1b70
[  350.704799][T10265]  worker_thread+0x6c8/0xf10
[  350.709424][T10265]  kthread+0x3c5/0x780
[  350.713518][T10265]  ret_from_fork+0x5d7/0x6f0
[  350.718135][T10265]  ret_from_fork_asm+0x1a/0x30
[  350.722938][T10265] 
[  350.725268][T10265] Second to last potentially related work creation:
[  350.731868][T10265]  kasan_save_stack+0x33/0x60
[  350.736585][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  350.741812][T10265]  insert_work+0x36/0x230
[  350.746174][T10265]  __queue_work+0x97e/0x10f0
[  350.750797][T10265]  __queue_delayed_work+0x35b/0x460
[  350.756034][T10265]  queue_delayed_work_on+0x1b5/0x200
[  350.761358][T10265]  gfs2_glock_queue_work+0x75/0x120
[  350.766594][T10265]  clear_glock+0xa7/0xe0
[  350.770889][T10265]  glock_hash_walk+0x12c/0x1c0
[  350.775948][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  350.781017][T10265]  gfs2_fill_super+0x2524/0x2d30
[  350.785982][T10265]  get_tree_bdev_flags+0x38c/0x620
[  350.791221][T10265]  gfs2_get_tree+0x4e/0x280
[  350.795762][T10265]  vfs_get_tree+0x8e/0x340
[  350.800234][T10265]  path_mount+0x1482/0x1fd0
[  350.804758][T10265]  __x64_sys_mount+0x28d/0x310
[  350.809543][T10265]  do_syscall_64+0xcd/0x4c0
[  350.814092][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  350.820011][T10265] 
[  350.822353][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  350.822353][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  350.837120][T10265] The buggy address is located 968 bytes inside of
[  350.837120][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  350.851113][T10265] 
[  350.853445][T10265] The buggy address belongs to the physical page:
[  350.859858][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  350.869948][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  350.878462][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  350.886031][T10265] page_type: f5(slab)
[  350.890148][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  350.898769][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  350.907404][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  350.916147][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  350.924850][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  350.933555][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  350.942258][T10265] page dumped because: kasan: bad access detected
[  350.948691][T10265] page_owner tracks the page as allocated
[  350.954419][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  350.975094][T10265]  post_alloc_hook+0x1c0/0x230
[  350.979912][T10265]  get_page_from_freelist+0x1321/0x3890
[  350.985509][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  350.991489][T10265]  alloc_pages_mpol+0x1fb/0x550
[  350.996426][T10265]  new_slab+0x23b/0x330
[  351.000706][T10265]  ___slab_alloc+0xd9c/0x1940
[  351.005604][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  351.011022][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  351.016443][T10265]  gfs2_glock_get+0x1e5/0x1230
[  351.021250][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  351.026316][T10265]  gfs2_lookup_root+0x57/0x130
[  351.031116][T10265]  init_sb+0xae5/0x10d0
[  351.035560][T10265]  gfs2_fill_super+0x1967/0x2d30
[  351.040533][T10265]  get_tree_bdev_flags+0x38c/0x620
[  351.045687][T10265]  gfs2_get_tree+0x4e/0x280
[  351.050228][T10265]  vfs_get_tree+0x8e/0x340
[  351.054677][T10265] page last free pid 8421 tgid 8421 stack trace:
[  351.061014][T10265]  __free_frozen_pages+0x7fe/0x1180
[  351.066251][T10265]  __folio_put+0x329/0x450
[  351.070711][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  351.075779][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  351.081284][T10265]  __fput+0x402/0xb70
[  351.085299][T10265]  task_work_run+0x150/0x240
[  351.089936][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  351.095256][T10265]  do_syscall_64+0x3f6/0x4c0
[  351.099887][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.105809][T10265] 
[  351.108138][T10265] Memory state around the buggy address:
[  351.113781][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  351.121867][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  351.129949][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  351.138029][T10265]                       ^
[  351.142371][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  351.150538][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  351.158619][T10265] ==================================================================
[  351.180681][T10265] Disabling lock debugging due to kernel taint
[  351.192221][T10265] ==================================================================
[  351.196417][ T9830] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  351.200320][T10265] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x6d0/0x760
[  351.215695][ T9830] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  351.218541][T10265] Read of size 8 at addr ffff88807ba82e08 by task syz.6.1628/10265
[  351.237204][T10265] 
[  351.239537][T10265] CPU: 1 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  351.239582][T10265] Tainted: [B]=BAD_PAGE
[  351.239593][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  351.239610][T10265] Call Trace:
[  351.239621][T10265]  <TASK>
[  351.239632][T10265]  dump_stack_lvl+0x116/0x1f0
[  351.239676][T10265]  print_report+0xcd/0x630
[  351.239720][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.239755][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.239789][T10265]  ? __phys_addr+0xe8/0x180
[  351.239827][T10265]  ? move_to_new_folio+0x6d0/0x760
[  351.239855][T10265]  kasan_report+0xe0/0x110
[  351.239900][T10265]  ? move_to_new_folio+0x6d0/0x760
[  351.239933][T10265]  move_to_new_folio+0x6d0/0x760
[  351.239963][T10265]  migrate_pages_batch+0x201d/0x31a0
[  351.239997][T10265]  ? __pfx_compaction_free+0x10/0x10
[  351.240035][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  351.240066][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240101][T10265]  ? __lock_acquire+0x622/0x1c90
[  351.240134][T10265]  migrate_pages_sync+0x12d/0x8a0
[  351.240164][T10265]  ? lock_acquire+0x179/0x350
[  351.240193][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  351.240223][T10265]  ? __pfx_compaction_free+0x10/0x10
[  351.240256][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240293][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  351.240322][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  351.240357][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240396][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240434][T10265]  migrate_pages+0x1b67/0x23b0
[  351.240475][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  351.240506][T10265]  ? __pfx_compaction_free+0x10/0x10
[  351.240542][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  351.240576][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  351.240613][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240647][T10265]  ? pfn_to_online_page+0x1de/0x560
[  351.240689][T10265]  compact_zone+0x2023/0x4760
[  351.240727][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  351.240764][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240799][T10265]  ? __pfx_compact_zone+0x10/0x10
[  351.240832][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240872][T10265]  compact_node+0x1a4/0x2d0
[  351.240905][T10265]  ? __pfx_compact_node+0x10/0x10
[  351.240956][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.240990][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  351.241036][T10265]  sysctl_compaction_handler+0x141/0x210
[  351.241074][T10265]  proc_sys_call_handler+0x440/0x570
[  351.241111][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  351.241145][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.241180][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  351.241227][T10265]  iter_file_splice_write+0x91f/0x1150
[  351.241279][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.241315][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  351.241362][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  351.241410][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.241449][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  351.241494][T10265]  direct_splice_actor+0x192/0x6c0
[  351.241537][T10265]  splice_direct_to_actor+0x345/0xa30
[  351.241579][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  351.241625][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  351.241668][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.241706][T10265]  do_splice_direct+0x174/0x240
[  351.241746][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  351.241788][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  351.241831][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.241865][T10265]  ? rw_verify_area+0xcf/0x680
[  351.241902][T10265]  do_sendfile+0xb06/0xe50
[  351.241942][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  351.241987][T10265]  __x64_sys_sendfile64+0x154/0x220
[  351.242016][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  351.242045][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  351.242084][T10265]  do_syscall_64+0xcd/0x4c0
[  351.242125][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.242154][T10265] RIP: 0033:0x7fa18118e9a9
[  351.242182][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  351.242216][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  351.242249][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  351.242273][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  351.242296][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  351.242319][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  351.242342][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  351.242378][T10265]  </TASK>
[  351.242391][T10265] 
[  351.245460][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  351.255663][T10265] Allocated by task 8795:
[  351.255684][T10265]  kasan_save_stack+0x33/0x60
[  351.255740][T10265]  kasan_save_track+0x14/0x30
[  351.259953][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  351.270011][T10265]  __kasan_slab_alloc+0x89/0x90
[  351.741222][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  351.746729][T10265]  gfs2_glock_get+0x1e5/0x1230
[  351.751539][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  351.756516][T10265]  gfs2_dir_search+0x22a/0x2e0
[  351.761309][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  351.765843][T10265]  init_inodes+0x869/0x2eb0
[  351.770373][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  351.775339][T10265]  get_tree_bdev_flags+0x38c/0x620
[  351.780488][T10265]  gfs2_get_tree+0x4e/0x280
[  351.785013][T10265]  vfs_get_tree+0x8e/0x340
[  351.789455][T10265]  path_mount+0x1482/0x1fd0
[  351.794007][T10265]  __x64_sys_mount+0x28d/0x310
[  351.798788][T10265]  do_syscall_64+0xcd/0x4c0
[  351.803323][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  351.809234][T10265] 
[  351.811561][T10265] Freed by task 15:
[  351.815371][T10265]  kasan_save_stack+0x33/0x60
[  351.820080][T10265]  kasan_save_track+0x14/0x30
[  351.824790][T10265]  kasan_save_free_info+0x3b/0x60
[  351.829945][T10265]  __kasan_slab_free+0x51/0x70
[  351.834750][T10265]  kmem_cache_free+0x2d1/0x4d0
[  351.839550][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  351.844514][T10265]  rcu_core+0x79c/0x14e0
[  351.848782][T10265]  handle_softirqs+0x219/0x8e0
[  351.853667][T10265]  run_ksoftirqd+0x3a/0x60
[  351.858113][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  351.863099][T10265]  kthread+0x3c5/0x780
[  351.867298][T10265]  ret_from_fork+0x5d7/0x6f0
[  351.871901][T10265]  ret_from_fork_asm+0x1a/0x30
[  351.876692][T10265] 
[  351.879047][T10265] Last potentially related work creation:
[  351.884770][T10265]  kasan_save_stack+0x33/0x60
[  351.889511][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  351.894839][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  351.900781][T10265]  gfs2_glock_free+0x35/0x90
[  351.905407][T10265]  glock_work_func+0x396/0x4d0
[  351.910195][T10265]  process_one_work+0x9cf/0x1b70
[  351.915247][T10265]  worker_thread+0x6c8/0xf10
[  351.919866][T10265]  kthread+0x3c5/0x780
[  351.923955][T10265]  ret_from_fork+0x5d7/0x6f0
[  351.928563][T10265]  ret_from_fork_asm+0x1a/0x30
[  351.933357][T10265] 
[  351.935684][T10265] Second to last potentially related work creation:
[  351.942269][T10265]  kasan_save_stack+0x33/0x60
[  351.946984][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  351.952213][T10265]  insert_work+0x36/0x230
[  351.956564][T10265]  __queue_work+0x97e/0x10f0
[  351.961178][T10265]  __queue_delayed_work+0x35b/0x460
[  351.966408][T10265]  queue_delayed_work_on+0x1b5/0x200
[  351.971720][T10265]  gfs2_glock_queue_work+0x75/0x120
[  351.976957][T10265]  clear_glock+0xa7/0xe0
[  351.981245][T10265]  glock_hash_walk+0x12c/0x1c0
[  351.986046][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  351.991139][T10265]  gfs2_fill_super+0x2524/0x2d30
[  351.996145][T10265]  get_tree_bdev_flags+0x38c/0x620
[  352.001310][T10265]  gfs2_get_tree+0x4e/0x280
[  352.005887][T10265]  vfs_get_tree+0x8e/0x340
[  352.010426][T10265]  path_mount+0x1482/0x1fd0
[  352.014956][T10265]  __x64_sys_mount+0x28d/0x310
[  352.019749][T10265]  do_syscall_64+0xcd/0x4c0
[  352.024323][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.030247][T10265] 
[  352.032577][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  352.032577][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  352.047348][T10265] The buggy address is located 968 bytes inside of
[  352.047348][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  352.061253][T10265] 
[  352.063583][T10265] The buggy address belongs to the physical page:
[  352.070004][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  352.080222][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  352.088742][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  352.096308][T10265] page_type: f5(slab)
[  352.100338][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  352.108949][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  352.117558][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  352.126255][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  352.135048][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  352.143744][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  352.152428][T10265] page dumped because: kasan: bad access detected
[  352.158881][T10265] page_owner tracks the page as allocated
[  352.164688][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  352.185458][T10265]  post_alloc_hook+0x1c0/0x230
[  352.190271][T10265]  get_page_from_freelist+0x1321/0x3890
[  352.195857][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  352.201792][T10265]  alloc_pages_mpol+0x1fb/0x550
[  352.206690][T10265]  new_slab+0x23b/0x330
[  352.210957][T10265]  ___slab_alloc+0xd9c/0x1940
[  352.215671][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  352.221073][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  352.226484][T10265]  gfs2_glock_get+0x1e5/0x1230
[  352.231284][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  352.236263][T10265]  gfs2_lookup_root+0x57/0x130
[  352.241054][T10265]  init_sb+0xae5/0x10d0
[  352.245234][T10265]  gfs2_fill_super+0x1967/0x2d30
[  352.250204][T10265]  get_tree_bdev_flags+0x38c/0x620
[  352.255354][T10265]  gfs2_get_tree+0x4e/0x280
[  352.259924][T10265]  vfs_get_tree+0x8e/0x340
[  352.264367][T10265] page last free pid 8421 tgid 8421 stack trace:
[  352.270700][T10265]  __free_frozen_pages+0x7fe/0x1180
[  352.275949][T10265]  __folio_put+0x329/0x450
[  352.280403][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  352.285470][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  352.291006][T10265]  __fput+0x402/0xb70
[  352.295012][T10265]  task_work_run+0x150/0x240
[  352.299626][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  352.304937][T10265]  do_syscall_64+0x3f6/0x4c0
[  352.309565][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.315481][T10265] 
[  352.317805][T10265] Memory state around the buggy address:
[  352.323445][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.331522][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.339867][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.347940][T10265]                       ^
[  352.352329][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  352.360409][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  352.368486][T10265] ==================================================================
[  352.391144][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  352.398310][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  352.443208][ T5941] usbhid 4-1:0.0: can't add hid device: -71
[  352.463250][T10137] chnl_net:caif_netlink_parms(): no params data found
[  352.472253][ T5865] Bluetooth: hci5: command tx timeout
[  352.532907][ T5941] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  352.573685][T10278] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  352.594089][T10265] ==================================================================
[  352.602207][T10265] BUG: KASAN: slab-use-after-free in move_to_new_folio+0x5e9/0x760
[  352.610134][T10265] Read of size 8 at addr ffff88807ba82e00 by task syz.6.1628/10265
[  352.618052][T10265] 
[  352.620393][T10265] CPU: 1 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  352.620449][T10265] Tainted: [B]=BAD_PAGE
[  352.620463][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  352.620484][T10265] Call Trace:
[  352.620496][T10265]  <TASK>
[  352.620510][T10265]  dump_stack_lvl+0x116/0x1f0
[  352.620562][T10265]  print_report+0xcd/0x630
[  352.620617][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.620661][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.620704][T10265]  ? __phys_addr+0xe8/0x180
[  352.620751][T10265]  ? move_to_new_folio+0x5e9/0x760
[  352.620786][T10265]  kasan_report+0xe0/0x110
[  352.620843][T10265]  ? move_to_new_folio+0x5e9/0x760
[  352.620884][T10265]  move_to_new_folio+0x5e9/0x760
[  352.620922][T10265]  migrate_pages_batch+0x201d/0x31a0
[  352.620963][T10265]  ? __pfx_compaction_free+0x10/0x10
[  352.621010][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  352.621048][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621092][T10265]  ? __lock_acquire+0x622/0x1c90
[  352.621133][T10265]  migrate_pages_sync+0x12d/0x8a0
[  352.621170][T10265]  ? lock_acquire+0x179/0x350
[  352.621208][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  352.621247][T10265]  ? __pfx_compaction_free+0x10/0x10
[  352.621288][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621334][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  352.621371][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  352.621415][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621463][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621511][T10265]  migrate_pages+0x1b67/0x23b0
[  352.621551][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  352.621593][T10265]  ? __pfx_compaction_free+0x10/0x10
[  352.621638][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  352.621681][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  352.621726][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621769][T10265]  ? pfn_to_online_page+0x1de/0x560
[  352.621821][T10265]  compact_zone+0x2023/0x4760
[  352.621869][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  352.621914][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.621959][T10265]  ? __pfx_compact_zone+0x10/0x10
[  352.622000][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.622050][T10265]  compact_node+0x1a4/0x2d0
[  352.622092][T10265]  ? __pfx_compact_node+0x10/0x10
[  352.622155][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.622208][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  352.622268][T10265]  sysctl_compaction_handler+0x141/0x210
[  352.622316][T10265]  proc_sys_call_handler+0x440/0x570
[  352.622362][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  352.622406][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.622450][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  352.622508][T10265]  iter_file_splice_write+0x91f/0x1150
[  352.622573][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.622618][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  352.622677][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  352.622737][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.622782][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  352.622838][T10265]  direct_splice_actor+0x192/0x6c0
[  352.622893][T10265]  splice_direct_to_actor+0x345/0xa30
[  352.622946][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  352.623003][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  352.623058][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.623105][T10265]  do_splice_direct+0x174/0x240
[  352.623155][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  352.623212][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  352.623266][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.623309][T10265]  ? rw_verify_area+0xcf/0x680
[  352.623355][T10265]  do_sendfile+0xb06/0xe50
[  352.623405][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  352.623461][T10265]  __x64_sys_sendfile64+0x154/0x220
[  352.623497][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  352.623534][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  352.623582][T10265]  do_syscall_64+0xcd/0x4c0
[  352.623633][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  352.623670][T10265] RIP: 0033:0x7fa18118e9a9
[  352.623698][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  352.623733][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  352.623767][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  352.623792][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  352.623814][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  352.623836][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  352.623859][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  352.623893][T10265]  </TASK>
[  352.623905][T10265] 
[  353.090183][T10265] Allocated by task 8795:
[  353.094530][T10265]  kasan_save_stack+0x33/0x60
[  353.099247][T10265]  kasan_save_track+0x14/0x30
[  353.103958][T10265]  __kasan_slab_alloc+0x89/0x90
[  353.108845][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  353.114342][T10265]  gfs2_glock_get+0x1e5/0x1230
[  353.119137][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  353.124104][T10265]  gfs2_dir_search+0x22a/0x2e0
[  353.128892][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  353.133422][T10265]  init_inodes+0x869/0x2eb0
[  353.138053][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  353.143018][T10265]  get_tree_bdev_flags+0x38c/0x620
[  353.148163][T10265]  gfs2_get_tree+0x4e/0x280
[  353.152691][T10265]  vfs_get_tree+0x8e/0x340
[  353.157138][T10265]  path_mount+0x1482/0x1fd0
[  353.161666][T10265]  __x64_sys_mount+0x28d/0x310
[  353.166467][T10265]  do_syscall_64+0xcd/0x4c0
[  353.171006][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.176926][T10265] 
[  353.179250][T10265] Freed by task 15:
[  353.183057][T10265]  kasan_save_stack+0x33/0x60
[  353.187766][T10265]  kasan_save_track+0x14/0x30
[  353.192476][T10265]  kasan_save_free_info+0x3b/0x60
[  353.197528][T10265]  __kasan_slab_free+0x51/0x70
[  353.202330][T10265]  kmem_cache_free+0x2d1/0x4d0
[  353.207159][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  353.212129][T10265]  rcu_core+0x79c/0x14e0
[  353.216407][T10265]  handle_softirqs+0x219/0x8e0
[  353.221203][T10265]  run_ksoftirqd+0x3a/0x60
[  353.225651][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  353.230626][T10265]  kthread+0x3c5/0x780
[  353.234825][T10265]  ret_from_fork+0x5d7/0x6f0
[  353.239428][T10265]  ret_from_fork_asm+0x1a/0x30
[  353.244220][T10265] 
[  353.246544][T10265] Last potentially related work creation:
[  353.252260][T10265]  kasan_save_stack+0x33/0x60
[  353.256974][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  353.262207][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  353.268134][T10265]  gfs2_glock_free+0x35/0x90
[  353.272758][T10265]  glock_work_func+0x396/0x4d0
[  353.277532][T10265]  process_one_work+0x9cf/0x1b70
[  353.282492][T10265]  worker_thread+0x6c8/0xf10
[  353.287103][T10265]  kthread+0x3c5/0x780
[  353.291207][T10265]  ret_from_fork+0x5d7/0x6f0
[  353.295817][T10265]  ret_from_fork_asm+0x1a/0x30
[  353.300606][T10265] 
[  353.302928][T10265] Second to last potentially related work creation:
[  353.309515][T10265]  kasan_save_stack+0x33/0x60
[  353.314230][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  353.319451][T10265]  insert_work+0x36/0x230
[  353.323803][T10265]  __queue_work+0x97e/0x10f0
[  353.328416][T10265]  __queue_delayed_work+0x35b/0x460
[  353.333644][T10265]  queue_delayed_work_on+0x1b5/0x200
[  353.338975][T10265]  gfs2_glock_queue_work+0x75/0x120
[  353.344210][T10265]  clear_glock+0xa7/0xe0
[  353.348485][T10265]  glock_hash_walk+0x12c/0x1c0
[  353.353272][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  353.358328][T10265]  gfs2_fill_super+0x2524/0x2d30
[  353.363318][T10265]  get_tree_bdev_flags+0x38c/0x620
[  353.368467][T10265]  gfs2_get_tree+0x4e/0x280
[  353.372990][T10265]  vfs_get_tree+0x8e/0x340
[  353.377428][T10265]  path_mount+0x1482/0x1fd0
[  353.381944][T10265]  __x64_sys_mount+0x28d/0x310
[  353.386727][T10265]  do_syscall_64+0xcd/0x4c0
[  353.391268][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.397181][T10265] 
[  353.399511][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  353.399511][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  353.414273][T10265] The buggy address is located 960 bytes inside of
[  353.414273][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  353.428178][T10265] 
[  353.430509][T10265] The buggy address belongs to the physical page:
[  353.436921][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  353.447000][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  353.455513][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  353.463075][T10265] page_type: f5(slab)
[  353.467074][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  353.475698][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  353.484300][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  353.492989][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  353.501678][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  353.510367][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  353.519046][T10265] page dumped because: kasan: bad access detected
[  353.525575][T10265] page_owner tracks the page as allocated
[  353.531352][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  353.551979][T10265]  post_alloc_hook+0x1c0/0x230
[  353.556781][T10265]  get_page_from_freelist+0x1321/0x3890
[  353.562404][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  353.568341][T10265]  alloc_pages_mpol+0x1fb/0x550
[  353.573234][T10265]  new_slab+0x23b/0x330
[  353.577415][T10265]  ___slab_alloc+0xd9c/0x1940
[  353.582127][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  353.587533][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  353.592940][T10265]  gfs2_glock_get+0x1e5/0x1230
[  353.597737][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  353.602703][T10265]  gfs2_lookup_root+0x57/0x130
[  353.607484][T10265]  init_sb+0xae5/0x10d0
[  353.611659][T10265]  gfs2_fill_super+0x1967/0x2d30
[  353.616619][T10265]  get_tree_bdev_flags+0x38c/0x620
[  353.621766][T10265]  gfs2_get_tree+0x4e/0x280
[  353.626292][T10265]  vfs_get_tree+0x8e/0x340
[  353.630733][T10265] page last free pid 8421 tgid 8421 stack trace:
[  353.637065][T10265]  __free_frozen_pages+0x7fe/0x1180
[  353.642340][T10265]  __folio_put+0x329/0x450
[  353.646827][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  353.651890][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  353.657399][T10265]  __fput+0x402/0xb70
[  353.661425][T10265]  task_work_run+0x150/0x240
[  353.666046][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  353.671358][T10265]  do_syscall_64+0x3f6/0x4c0
[  353.675985][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.681897][T10265] 
[  353.684224][T10265] Memory state around the buggy address:
[  353.689860][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  353.697935][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  353.706018][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  353.714088][T10265]                    ^
[  353.718183][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  353.726259][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  353.734333][T10265] ==================================================================
[  353.751414][ T5941] usb 4-1: USB disconnect, device number 13
[  353.800156][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-diskseq/611.tmp-b7:1' failed: Read-only file system
[  353.831292][ T8498] udevd[8498]: symlink '../../loop1' '/dev/disk/by-uuid/3b59f4fc-a790-4a4c-9011-25a8178ccefa.tmp-b7:1' failed: Read-only file system
[  353.882463][T10265] ==================================================================
[  353.890589][T10265] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x26f/0x2b0
[  353.898452][T10265] Read of size 4 at addr ffff88807ba82e1c by task syz.6.1628/10265
[  353.906373][T10265] 
[  353.909191][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  353.909264][T10265] Tainted: [B]=BAD_PAGE
[  353.909276][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  353.909299][T10265] Call Trace:
[  353.909311][T10265]  <TASK>
[  353.909325][T10265]  dump_stack_lvl+0x116/0x1f0
[  353.909381][T10265]  print_report+0xcd/0x630
[  353.909440][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.909543][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.909608][T10265]  ? __phys_addr+0xe8/0x180
[  353.909679][T10265]  ? do_raw_spin_lock+0x26f/0x2b0
[  353.909745][T10265]  kasan_report+0xe0/0x110
[  353.909832][T10265]  ? do_raw_spin_lock+0x26f/0x2b0
[  353.909907][T10265]  do_raw_spin_lock+0x26f/0x2b0
[  353.909972][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.910040][T10265]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  353.910105][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.910174][T10265]  ? const_folio_flags+0x5b/0x100
[  353.910307][T10265]  __buffer_migrate_folio+0x40b/0x6d0
[  353.910372][T10265]  move_to_new_folio+0x1e7/0x760
[  353.910425][T10265]  ? __pfx_buffer_migrate_folio_norefs+0x10/0x10
[  353.910517][T10265]  migrate_pages_batch+0x201d/0x31a0
[  353.910585][T10265]  ? __pfx_compaction_free+0x10/0x10
[  353.910658][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  353.910718][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.910772][T10265]  ? __lock_acquire+0x622/0x1c90
[  353.910829][T10265]  migrate_pages_sync+0x12d/0x8a0
[  353.910884][T10265]  ? lock_acquire+0x179/0x350
[  353.910934][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  353.910993][T10265]  ? __pfx_compaction_free+0x10/0x10
[  353.911058][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.911129][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  353.911185][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  353.911268][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.911344][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.911419][T10265]  migrate_pages+0x1b67/0x23b0
[  353.911474][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  353.911529][T10265]  ? __pfx_compaction_free+0x10/0x10
[  353.911588][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  353.911644][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  353.911704][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.911762][T10265]  ? pfn_to_online_page+0x1de/0x560
[  353.911832][T10265]  compact_zone+0x2023/0x4760
[  353.911906][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  353.911967][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912028][T10265]  ? __pfx_compact_zone+0x10/0x10
[  353.912082][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912149][T10265]  compact_node+0x1a4/0x2d0
[  353.912218][T10265]  ? __pfx_compact_node+0x10/0x10
[  353.912286][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912332][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  353.912397][T10265]  sysctl_compaction_handler+0x141/0x210
[  353.912451][T10265]  proc_sys_call_handler+0x440/0x570
[  353.912502][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  353.912546][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912595][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  353.912657][T10265]  iter_file_splice_write+0x91f/0x1150
[  353.912728][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912777][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  353.912841][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  353.912907][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.912956][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  353.913017][T10265]  direct_splice_actor+0x192/0x6c0
[  353.913077][T10265]  splice_direct_to_actor+0x345/0xa30
[  353.913136][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  353.913205][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  353.913264][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.913314][T10265]  do_splice_direct+0x174/0x240
[  353.913369][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  353.913424][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  353.913483][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.913530][T10265]  ? rw_verify_area+0xcf/0x680
[  353.913581][T10265]  do_sendfile+0xb06/0xe50
[  353.913638][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  353.913700][T10265]  __x64_sys_sendfile64+0x154/0x220
[  353.913739][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  353.913779][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  353.913831][T10265]  do_syscall_64+0xcd/0x4c0
[  353.913886][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  353.913924][T10265] RIP: 0033:0x7fa18118e9a9
[  353.913954][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  353.913994][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  353.914030][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  353.914057][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  353.914082][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  353.914108][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  353.914132][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  353.914170][T10265]  </TASK>
[  353.914184][T10265] 
[  354.419640][T10265] Allocated by task 8795:
[  354.423983][T10265]  kasan_save_stack+0x33/0x60
[  354.428706][T10265]  kasan_save_track+0x14/0x30
[  354.433511][T10265]  __kasan_slab_alloc+0x89/0x90
[  354.438405][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  354.443913][T10265]  gfs2_glock_get+0x1e5/0x1230
[  354.448715][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  354.453688][T10265]  gfs2_dir_search+0x22a/0x2e0
[  354.458482][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  354.463019][T10265]  init_inodes+0x869/0x2eb0
[  354.467547][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  354.472514][T10265]  get_tree_bdev_flags+0x38c/0x620
[  354.477663][T10265]  gfs2_get_tree+0x4e/0x280
[  354.482192][T10265]  vfs_get_tree+0x8e/0x340
[  354.486640][T10265]  path_mount+0x1482/0x1fd0
[  354.491164][T10265]  __x64_sys_mount+0x28d/0x310
[  354.495951][T10265]  do_syscall_64+0xcd/0x4c0
[  354.500496][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.506515][T10265] 
[  354.508843][T10265] Freed by task 15:
[  354.512688][T10265]  kasan_save_stack+0x33/0x60
[  354.517409][T10265]  kasan_save_track+0x14/0x30
[  354.522129][T10265]  kasan_save_free_info+0x3b/0x60
[  354.527187][T10265]  __kasan_slab_free+0x51/0x70
[  354.531998][T10265]  kmem_cache_free+0x2d1/0x4d0
[  354.536806][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  354.541773][T10265]  rcu_core+0x79c/0x14e0
[  354.546050][T10265]  handle_softirqs+0x219/0x8e0
[  354.550942][T10265]  run_ksoftirqd+0x3a/0x60
[  354.555400][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  354.560389][T10265]  kthread+0x3c5/0x780
[  354.564575][T10265]  ret_from_fork+0x5d7/0x6f0
[  354.569182][T10265]  ret_from_fork_asm+0x1a/0x30
[  354.574005][T10265] 
[  354.576336][T10265] Last potentially related work creation:
[  354.582059][T10265]  kasan_save_stack+0x33/0x60
[  354.586782][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  354.592018][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  354.598036][T10265]  gfs2_glock_free+0x35/0x90
[  354.602665][T10265]  glock_work_func+0x396/0x4d0
[  354.607451][T10265]  process_one_work+0x9cf/0x1b70
[  354.612509][T10265]  worker_thread+0x6c8/0xf10
[  354.617144][T10265]  kthread+0x3c5/0x780
[  354.621242][T10265]  ret_from_fork+0x5d7/0x6f0
[  354.625850][T10265]  ret_from_fork_asm+0x1a/0x30
[  354.630773][T10265] 
[  354.633105][T10265] Second to last potentially related work creation:
[  354.639689][T10265]  kasan_save_stack+0x33/0x60
[  354.644503][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  354.649731][T10265]  insert_work+0x36/0x230
[  354.654092][T10265]  __queue_work+0x97e/0x10f0
[  354.658710][T10265]  __queue_delayed_work+0x35b/0x460
[  354.664024][T10265]  queue_delayed_work_on+0x1b5/0x200
[  354.669337][T10265]  gfs2_glock_queue_work+0x75/0x120
[  354.674573][T10265]  clear_glock+0xa7/0xe0
[  354.678859][T10265]  glock_hash_walk+0x12c/0x1c0
[  354.683743][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  354.688845][T10265]  gfs2_fill_super+0x2524/0x2d30
[  354.693825][T10265]  get_tree_bdev_flags+0x38c/0x620
[  354.699014][T10265]  gfs2_get_tree+0x4e/0x280
[  354.703543][T10265]  vfs_get_tree+0x8e/0x340
[  354.707990][T10265]  path_mount+0x1482/0x1fd0
[  354.712537][T10265]  __x64_sys_mount+0x28d/0x310
[  354.717324][T10265]  do_syscall_64+0xcd/0x4c0
[  354.721863][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.727877][T10265] 
[  354.730207][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  354.730207][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  354.745116][T10265] The buggy address is located 988 bytes inside of
[  354.745116][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  354.759056][T10265] 
[  354.761476][T10265] The buggy address belongs to the physical page:
[  354.767908][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  354.778003][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  354.786613][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  354.794188][T10265] page_type: f5(slab)
[  354.798194][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  354.806808][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  354.815424][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  354.824125][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  354.832821][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  354.841515][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  354.850207][T10265] page dumped because: kasan: bad access detected
[  354.856632][T10265] page_owner tracks the page as allocated
[  354.862355][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  354.883088][T10265]  post_alloc_hook+0x1c0/0x230
[  354.887903][T10265]  get_page_from_freelist+0x1321/0x3890
[  354.893528][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  354.899554][T10265]  alloc_pages_mpol+0x1fb/0x550
[  354.904455][T10265]  new_slab+0x23b/0x330
[  354.908642][T10265]  ___slab_alloc+0xd9c/0x1940
[  354.913441][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  354.918865][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  354.924276][T10265]  gfs2_glock_get+0x1e5/0x1230
[  354.929125][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  354.934102][T10265]  gfs2_lookup_root+0x57/0x130
[  354.938894][T10265]  init_sb+0xae5/0x10d0
[  354.943071][T10265]  gfs2_fill_super+0x1967/0x2d30
[  354.948069][T10265]  get_tree_bdev_flags+0x38c/0x620
[  354.953311][T10265]  gfs2_get_tree+0x4e/0x280
[  354.957839][T10265]  vfs_get_tree+0x8e/0x340
[  354.962282][T10265] page last free pid 8421 tgid 8421 stack trace:
[  354.968612][T10265]  __free_frozen_pages+0x7fe/0x1180
[  354.973853][T10265]  __folio_put+0x329/0x450
[  354.978304][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  354.983362][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  354.989145][T10265]  __fput+0x402/0xb70
[  354.993144][T10265]  task_work_run+0x150/0x240
[  354.997770][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  355.003083][T10265]  do_syscall_64+0x3f6/0x4c0
[  355.007703][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.013616][T10265] 
[  355.015938][T10265] Memory state around the buggy address:
[  355.021578][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  355.029654][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  355.037730][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  355.045800][T10265]                             ^
[  355.050660][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  355.058738][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  355.066807][T10265] ==================================================================
[  355.076618][T10265] ==================================================================
[  355.084709][T10265] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x27f/0x2b0
[  355.092552][T10265] Read of size 8 at addr ffff88807ba82e28 by task syz.6.1628/10265
[  355.100466][T10265] 
[  355.102809][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  355.102866][T10265] Tainted: [B]=BAD_PAGE
[  355.102879][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  355.102901][T10265] Call Trace:
[  355.102912][T10265]  <TASK>
[  355.102925][T10265]  dump_stack_lvl+0x116/0x1f0
[  355.102977][T10265]  print_report+0xcd/0x630
[  355.103032][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.103077][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.103120][T10265]  ? __phys_addr+0xe8/0x180
[  355.103167][T10265]  ? do_raw_spin_lock+0x27f/0x2b0
[  355.103211][T10265]  kasan_report+0xe0/0x110
[  355.103268][T10265]  ? do_raw_spin_lock+0x27f/0x2b0
[  355.103317][T10265]  do_raw_spin_lock+0x27f/0x2b0
[  355.103360][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.103404][T10265]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  355.103453][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.103496][T10265]  ? const_folio_flags+0x5b/0x100
[  355.103560][T10265]  __buffer_migrate_folio+0x40b/0x6d0
[  355.103601][T10265]  move_to_new_folio+0x1e7/0x760
[  355.103635][T10265]  ? __pfx_buffer_migrate_folio_norefs+0x10/0x10
[  355.103676][T10265]  migrate_pages_batch+0x201d/0x31a0
[  355.103719][T10265]  ? __pfx_compaction_free+0x10/0x10
[  355.103766][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  355.103804][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.103848][T10265]  ? __lock_acquire+0x622/0x1c90
[  355.103888][T10265]  migrate_pages_sync+0x12d/0x8a0
[  355.103926][T10265]  ? lock_acquire+0x179/0x350
[  355.103960][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  355.103998][T10265]  ? __pfx_compaction_free+0x10/0x10
[  355.104040][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104086][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  355.104123][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  355.104166][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104215][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104263][T10265]  migrate_pages+0x1b67/0x23b0
[  355.104302][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  355.104346][T10265]  ? __pfx_compaction_free+0x10/0x10
[  355.104391][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  355.104438][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  355.104484][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104527][T10265]  ? pfn_to_online_page+0x1de/0x560
[  355.104580][T10265]  compact_zone+0x2023/0x4760
[  355.104627][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  355.104672][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104718][T10265]  ? __pfx_compact_zone+0x10/0x10
[  355.104759][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104809][T10265]  compact_node+0x1a4/0x2d0
[  355.104850][T10265]  ? __pfx_compact_node+0x10/0x10
[  355.104914][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.104957][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  355.105014][T10265]  sysctl_compaction_handler+0x141/0x210
[  355.105062][T10265]  proc_sys_call_handler+0x440/0x570
[  355.105107][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  355.105152][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.105195][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  355.105254][T10265]  iter_file_splice_write+0x91f/0x1150
[  355.105319][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.105364][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  355.105424][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  355.105488][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.105533][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  355.105590][T10265]  direct_splice_actor+0x192/0x6c0
[  355.105644][T10265]  splice_direct_to_actor+0x345/0xa30
[  355.105698][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  355.105756][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  355.105811][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.105858][T10265]  do_splice_direct+0x174/0x240
[  355.105910][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  355.105962][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  355.106016][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.106059][T10265]  ? rw_verify_area+0xcf/0x680
[  355.106106][T10265]  do_sendfile+0xb06/0xe50
[  355.106157][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  355.106212][T10265]  __x64_sys_sendfile64+0x154/0x220
[  355.106249][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  355.106286][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  355.106335][T10265]  do_syscall_64+0xcd/0x4c0
[  355.106388][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.106424][T10265] RIP: 0033:0x7fa18118e9a9
[  355.106457][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  355.106494][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  355.106527][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  355.106552][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  355.106575][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  355.106597][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  355.106620][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  355.106654][T10265]  </TASK>
[  355.106666][T10265] 
[  355.610935][T10265] Allocated by task 8795:
[  355.615294][T10265]  kasan_save_stack+0x33/0x60
[  355.620014][T10265]  kasan_save_track+0x14/0x30
[  355.624728][T10265]  __kasan_slab_alloc+0x89/0x90
[  355.629637][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  355.635130][T10265]  gfs2_glock_get+0x1e5/0x1230
[  355.639952][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  355.644934][T10265]  gfs2_dir_search+0x22a/0x2e0
[  355.649727][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  355.654262][T10265]  init_inodes+0x869/0x2eb0
[  355.658789][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  355.663765][T10265]  get_tree_bdev_flags+0x38c/0x620
[  355.668927][T10265]  gfs2_get_tree+0x4e/0x280
[  355.673467][T10265]  vfs_get_tree+0x8e/0x340
[  355.677912][T10265]  path_mount+0x1482/0x1fd0
[  355.682459][T10265]  __x64_sys_mount+0x28d/0x310
[  355.687265][T10265]  do_syscall_64+0xcd/0x4c0
[  355.691837][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.697758][T10265] 
[  355.700099][T10265] Freed by task 15:
[  355.703909][T10265]  kasan_save_stack+0x33/0x60
[  355.708708][T10265]  kasan_save_track+0x14/0x30
[  355.713423][T10265]  kasan_save_free_info+0x3b/0x60
[  355.718483][T10265]  __kasan_slab_free+0x51/0x70
[  355.723288][T10265]  kmem_cache_free+0x2d1/0x4d0
[  355.728085][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  355.733052][T10265]  rcu_core+0x79c/0x14e0
[  355.737412][T10265]  handle_softirqs+0x219/0x8e0
[  355.742210][T10265]  run_ksoftirqd+0x3a/0x60
[  355.746654][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  355.751627][T10265]  kthread+0x3c5/0x780
[  355.755712][T10265]  ret_from_fork+0x5d7/0x6f0
[  355.760460][T10265]  ret_from_fork_asm+0x1a/0x30
[  355.765255][T10265] 
[  355.767582][T10265] Last potentially related work creation:
[  355.773294][T10265]  kasan_save_stack+0x33/0x60
[  355.778005][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  355.783228][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  355.789143][T10265]  gfs2_glock_free+0x35/0x90
[  355.793766][T10265]  glock_work_func+0x396/0x4d0
[  355.798543][T10265]  process_one_work+0x9cf/0x1b70
[  355.803502][T10265]  worker_thread+0x6c8/0xf10
[  355.808290][T10265]  kthread+0x3c5/0x780
[  355.812374][T10265]  ret_from_fork+0x5d7/0x6f0
[  355.816975][T10265]  ret_from_fork_asm+0x1a/0x30
[  355.821762][T10265] 
[  355.824088][T10265] Second to last potentially related work creation:
[  355.830676][T10265]  kasan_save_stack+0x33/0x60
[  355.835385][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  355.840605][T10265]  insert_work+0x36/0x230
[  355.844953][T10265]  __queue_work+0x97e/0x10f0
[  355.849565][T10265]  __queue_delayed_work+0x35b/0x460
[  355.854790][T10265]  queue_delayed_work_on+0x1b5/0x200
[  355.860103][T10265]  gfs2_glock_queue_work+0x75/0x120
[  355.865336][T10265]  clear_glock+0xa7/0xe0
[  355.869609][T10265]  glock_hash_walk+0x12c/0x1c0
[  355.874394][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  355.879450][T10265]  gfs2_fill_super+0x2524/0x2d30
[  355.884412][T10265]  get_tree_bdev_flags+0x38c/0x620
[  355.889644][T10265]  gfs2_get_tree+0x4e/0x280
[  355.894175][T10265]  vfs_get_tree+0x8e/0x340
[  355.898647][T10265]  path_mount+0x1482/0x1fd0
[  355.903162][T10265]  __x64_sys_mount+0x28d/0x310
[  355.907942][T10265]  do_syscall_64+0xcd/0x4c0
[  355.912474][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  355.918390][T10265] 
[  355.920714][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  355.920714][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  355.935478][T10265] The buggy address is located 1000 bytes inside of
[  355.935478][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  355.949466][T10265] 
[  355.951791][T10265] The buggy address belongs to the physical page:
[  355.958209][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  355.968305][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  355.976821][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  355.984491][T10265] page_type: f5(slab)
[  355.988487][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  355.997091][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  356.005692][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  356.014380][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  356.023092][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  356.031808][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  356.040486][T10265] page dumped because: kasan: bad access detected
[  356.046900][T10265] page_owner tracks the page as allocated
[  356.052706][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  356.073323][T10265]  post_alloc_hook+0x1c0/0x230
[  356.078122][T10265]  get_page_from_freelist+0x1321/0x3890
[  356.083703][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  356.089640][T10265]  alloc_pages_mpol+0x1fb/0x550
[  356.094618][T10265]  new_slab+0x23b/0x330
[  356.098829][T10265]  ___slab_alloc+0xd9c/0x1940
[  356.103530][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  356.108931][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  356.114336][T10265]  gfs2_glock_get+0x1e5/0x1230
[  356.119131][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  356.124120][T10265]  gfs2_lookup_root+0x57/0x130
[  356.128905][T10265]  init_sb+0xae5/0x10d0
[  356.133078][T10265]  gfs2_fill_super+0x1967/0x2d30
[  356.138041][T10265]  get_tree_bdev_flags+0x38c/0x620
[  356.143186][T10265]  gfs2_get_tree+0x4e/0x280
[  356.147706][T10265]  vfs_get_tree+0x8e/0x340
[  356.152143][T10265] page last free pid 8421 tgid 8421 stack trace:
[  356.158562][T10265]  __free_frozen_pages+0x7fe/0x1180
[  356.163801][T10265]  __folio_put+0x329/0x450
[  356.168293][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  356.173455][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  356.179042][T10265]  __fput+0x402/0xb70
[  356.183045][T10265]  task_work_run+0x150/0x240
[  356.187661][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  356.192973][T10265]  do_syscall_64+0x3f6/0x4c0
[  356.197604][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.203519][T10265] 
[  356.205850][T10265] Memory state around the buggy address:
[  356.211570][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  356.219734][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  356.227809][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  356.235882][T10265]                                   ^
[  356.241257][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  356.249330][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  356.257401][T10265] ==================================================================
[  356.266055][T10265] ==================================================================
[  356.274250][T10265] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x265/0x2b0
[  356.282360][T10265] Read of size 4 at addr ffff88807ba82e20 by task syz.6.1628/10265
[  356.290304][T10265] 
[  356.292649][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  356.292709][T10265] Tainted: [B]=BAD_PAGE
[  356.292723][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  356.292747][T10265] Call Trace:
[  356.292759][T10265]  <TASK>
[  356.292772][T10265]  dump_stack_lvl+0x116/0x1f0
[  356.292827][T10265]  print_report+0xcd/0x630
[  356.292885][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.292932][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.292979][T10265]  ? __phys_addr+0xe8/0x180
[  356.293031][T10265]  ? do_raw_spin_lock+0x265/0x2b0
[  356.293076][T10265]  kasan_report+0xe0/0x110
[  356.293138][T10265]  ? do_raw_spin_lock+0x265/0x2b0
[  356.293192][T10265]  do_raw_spin_lock+0x265/0x2b0
[  356.293239][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.293288][T10265]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  356.293336][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.293383][T10265]  ? const_folio_flags+0x5b/0x100
[  356.293456][T10265]  __buffer_migrate_folio+0x40b/0x6d0
[  356.293502][T10265]  move_to_new_folio+0x1e7/0x760
[  356.293538][T10265]  ? __pfx_buffer_migrate_folio_norefs+0x10/0x10
[  356.293584][T10265]  migrate_pages_batch+0x201d/0x31a0
[  356.293631][T10265]  ? __pfx_compaction_free+0x10/0x10
[  356.293682][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  356.293725][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.293771][T10265]  ? __lock_acquire+0x622/0x1c90
[  356.293814][T10265]  migrate_pages_sync+0x12d/0x8a0
[  356.293856][T10265]  ? lock_acquire+0x179/0x350
[  356.293891][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  356.293932][T10265]  ? __pfx_compaction_free+0x10/0x10
[  356.293977][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294024][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  356.294064][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  356.294108][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294160][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294211][T10265]  migrate_pages+0x1b67/0x23b0
[  356.294253][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  356.294294][T10265]  ? __pfx_compaction_free+0x10/0x10
[  356.294344][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  356.294390][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  356.294445][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294491][T10265]  ? pfn_to_online_page+0x1de/0x560
[  356.294547][T10265]  compact_zone+0x2023/0x4760
[  356.294595][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  356.294645][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294694][T10265]  ? __pfx_compact_zone+0x10/0x10
[  356.294740][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294794][T10265]  compact_node+0x1a4/0x2d0
[  356.294840][T10265]  ? __pfx_compact_node+0x10/0x10
[  356.294910][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.294956][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  356.295019][T10265]  sysctl_compaction_handler+0x141/0x210
[  356.295072][T10265]  proc_sys_call_handler+0x440/0x570
[  356.295121][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  356.295169][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.295216][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  356.295280][T10265]  iter_file_splice_write+0x91f/0x1150
[  356.295351][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.295401][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  356.295471][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  356.295537][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.295587][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  356.295648][T10265]  direct_splice_actor+0x192/0x6c0
[  356.295708][T10265]  splice_direct_to_actor+0x345/0xa30
[  356.295766][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  356.295829][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  356.295890][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.295941][T10265]  do_splice_direct+0x174/0x240
[  356.295997][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  356.296055][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  356.296114][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.296161][T10265]  ? rw_verify_area+0xcf/0x680
[  356.296213][T10265]  do_sendfile+0xb06/0xe50
[  356.296269][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  356.296330][T10265]  __x64_sys_sendfile64+0x154/0x220
[  356.296370][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  356.296411][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  356.296469][T10265]  do_syscall_64+0xcd/0x4c0
[  356.296527][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.296567][T10265] RIP: 0033:0x7fa18118e9a9
[  356.296596][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  356.296637][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  356.296673][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  356.296700][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  356.296726][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  356.296751][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  356.296776][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  356.296815][T10265]  </TASK>
[  356.296828][T10265] 
[  356.800702][T10265] Allocated by task 8795:
[  356.805036][T10265]  kasan_save_stack+0x33/0x60
[  356.809752][T10265]  kasan_save_track+0x14/0x30
[  356.814468][T10265]  __kasan_slab_alloc+0x89/0x90
[  356.819531][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  356.825027][T10265]  gfs2_glock_get+0x1e5/0x1230
[  356.829826][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  356.834796][T10265]  gfs2_dir_search+0x22a/0x2e0
[  356.839592][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  356.844129][T10265]  init_inodes+0x869/0x2eb0
[  356.848658][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  356.853625][T10265]  get_tree_bdev_flags+0x38c/0x620
[  356.858770][T10265]  gfs2_get_tree+0x4e/0x280
[  356.863294][T10265]  vfs_get_tree+0x8e/0x340
[  356.867739][T10265]  path_mount+0x1482/0x1fd0
[  356.872274][T10265]  __x64_sys_mount+0x28d/0x310
[  356.877057][T10265]  do_syscall_64+0xcd/0x4c0
[  356.881605][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  356.887522][T10265] 
[  356.889848][T10265] Freed by task 15:
[  356.893659][T10265]  kasan_save_stack+0x33/0x60
[  356.898392][T10265]  kasan_save_track+0x14/0x30
[  356.903204][T10265]  kasan_save_free_info+0x3b/0x60
[  356.908258][T10265]  __kasan_slab_free+0x51/0x70
[  356.913060][T10265]  kmem_cache_free+0x2d1/0x4d0
[  356.917861][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  356.922918][T10265]  rcu_core+0x79c/0x14e0
[  356.927216][T10265]  handle_softirqs+0x219/0x8e0
[  356.932009][T10265]  run_ksoftirqd+0x3a/0x60
[  356.936464][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  356.941448][T10265]  kthread+0x3c5/0x780
[  356.945547][T10265]  ret_from_fork+0x5d7/0x6f0
[  356.950155][T10265]  ret_from_fork_asm+0x1a/0x30
[  356.954945][T10265] 
[  356.957272][T10265] Last potentially related work creation:
[  356.962992][T10265]  kasan_save_stack+0x33/0x60
[  356.967704][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  356.972928][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  356.978846][T10265]  gfs2_glock_free+0x35/0x90
[  356.983474][T10265]  glock_work_func+0x396/0x4d0
[  356.988251][T10265]  process_one_work+0x9cf/0x1b70
[  356.993217][T10265]  worker_thread+0x6c8/0xf10
[  356.997831][T10265]  kthread+0x3c5/0x780
[  357.001919][T10265]  ret_from_fork+0x5d7/0x6f0
[  357.006522][T10265]  ret_from_fork_asm+0x1a/0x30
[  357.011343][T10265] 
[  357.013766][T10265] Second to last potentially related work creation:
[  357.020445][T10265]  kasan_save_stack+0x33/0x60
[  357.025154][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  357.030465][T10265]  insert_work+0x36/0x230
[  357.034812][T10265]  __queue_work+0x97e/0x10f0
[  357.039425][T10265]  __queue_delayed_work+0x35b/0x460
[  357.044662][T10265]  queue_delayed_work_on+0x1b5/0x200
[  357.050008][T10265]  gfs2_glock_queue_work+0x75/0x120
[  357.055244][T10265]  clear_glock+0xa7/0xe0
[  357.059524][T10265]  glock_hash_walk+0x12c/0x1c0
[  357.064316][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  357.069376][T10265]  gfs2_fill_super+0x2524/0x2d30
[  357.074343][T10265]  get_tree_bdev_flags+0x38c/0x620
[  357.079488][T10265]  gfs2_get_tree+0x4e/0x280
[  357.084010][T10265]  vfs_get_tree+0x8e/0x340
[  357.088453][T10265]  path_mount+0x1482/0x1fd0
[  357.092969][T10265]  __x64_sys_mount+0x28d/0x310
[  357.097748][T10265]  do_syscall_64+0xcd/0x4c0
[  357.102281][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.108191][T10265] 
[  357.110513][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  357.110513][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  357.125288][T10265] The buggy address is located 992 bytes inside of
[  357.125288][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  357.139198][T10265] 
[  357.141524][T10265] The buggy address belongs to the physical page:
[  357.147935][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  357.158015][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  357.166525][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  357.174083][T10265] page_type: f5(slab)
[  357.178082][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  357.186684][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  357.195286][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  357.203976][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  357.212670][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  357.221359][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  357.230035][T10265] page dumped because: kasan: bad access detected
[  357.236452][T10265] page_owner tracks the page as allocated
[  357.242165][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  357.262790][T10265]  post_alloc_hook+0x1c0/0x230
[  357.267679][T10265]  get_page_from_freelist+0x1321/0x3890
[  357.273297][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  357.279229][T10265]  alloc_pages_mpol+0x1fb/0x550
[  357.284122][T10265]  new_slab+0x23b/0x330
[  357.288309][T10265]  ___slab_alloc+0xd9c/0x1940
[  357.293009][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  357.298408][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  357.303811][T10265]  gfs2_glock_get+0x1e5/0x1230
[  357.308608][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  357.313578][T10265]  gfs2_lookup_root+0x57/0x130
[  357.318365][T10265]  init_sb+0xae5/0x10d0
[  357.322540][T10265]  gfs2_fill_super+0x1967/0x2d30
[  357.327498][T10265]  get_tree_bdev_flags+0x38c/0x620
[  357.332642][T10265]  gfs2_get_tree+0x4e/0x280
[  357.337161][T10265]  vfs_get_tree+0x8e/0x340
[  357.341600][T10265] page last free pid 8421 tgid 8421 stack trace:
[  357.347929][T10265]  __free_frozen_pages+0x7fe/0x1180
[  357.353156][T10265]  __folio_put+0x329/0x450
[  357.357609][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  357.362667][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  357.368161][T10265]  __fput+0x402/0xb70
[  357.372163][T10265]  task_work_run+0x150/0x240
[  357.376909][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  357.382220][T10265]  do_syscall_64+0x3f6/0x4c0
[  357.386840][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.392751][T10265] 
[  357.395073][T10265] Memory state around the buggy address:
[  357.400705][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  357.408778][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  357.416849][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  357.424915][T10265]                                ^
[  357.430116][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  357.438204][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  357.446271][T10265] ==================================================================
[  357.457402][T10265] ==================================================================
[  357.465482][T10265] BUG: KASAN: slab-use-after-free in do_raw_spin_lock+0x11d/0x2b0
[  357.465980][ T5865] Bluetooth: hci5: command tx timeout
[  357.473306][T10265] Write of size 4 at addr ffff88807ba82e18 by task syz.6.1628/10265
[  357.473340][T10265] 
[  357.489007][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  357.489063][T10265] Tainted: [B]=BAD_PAGE
[  357.489076][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  357.489098][T10265] Call Trace:
[  357.489109][T10265]  <TASK>
[  357.489122][T10265]  dump_stack_lvl+0x116/0x1f0
[  357.489173][T10265]  print_report+0xcd/0x630
[  357.489234][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.489278][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.489321][T10265]  ? __phys_addr+0xe8/0x180
[  357.489369][T10265]  ? do_raw_spin_lock+0x11d/0x2b0
[  357.489411][T10265]  kasan_report+0xe0/0x110
[  357.489469][T10265]  ? do_raw_spin_lock+0x11d/0x2b0
[  357.489517][T10265]  kasan_check_range+0x100/0x1b0
[  357.489557][T10265]  do_raw_spin_lock+0x11d/0x2b0
[  357.489599][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.489643][T10265]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  357.489686][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.489736][T10265]  __buffer_migrate_folio+0x40b/0x6d0
[  357.489777][T10265]  move_to_new_folio+0x1e7/0x760
[  357.489811][T10265]  ? __pfx_buffer_migrate_folio_norefs+0x10/0x10
[  357.489852][T10265]  migrate_pages_batch+0x201d/0x31a0
[  357.489894][T10265]  ? __pfx_compaction_free+0x10/0x10
[  357.489940][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  357.489979][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490023][T10265]  ? __lock_acquire+0x622/0x1c90
[  357.490064][T10265]  migrate_pages_sync+0x12d/0x8a0
[  357.490102][T10265]  ? lock_acquire+0x179/0x350
[  357.490135][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  357.490173][T10265]  ? __pfx_compaction_free+0x10/0x10
[  357.490224][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490270][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  357.490306][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  357.490350][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490399][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490446][T10265]  migrate_pages+0x1b67/0x23b0
[  357.490486][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  357.490524][T10265]  ? __pfx_compaction_free+0x10/0x10
[  357.490570][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  357.490612][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  357.490657][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490700][T10265]  ? pfn_to_online_page+0x1de/0x560
[  357.490752][T10265]  compact_zone+0x2023/0x4760
[  357.490799][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  357.490845][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490890][T10265]  ? __pfx_compact_zone+0x10/0x10
[  357.490930][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.490980][T10265]  compact_node+0x1a4/0x2d0
[  357.491022][T10265]  ? __pfx_compact_node+0x10/0x10
[  357.491085][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.491127][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  357.491190][T10265]  sysctl_compaction_handler+0x141/0x210
[  357.491238][T10265]  proc_sys_call_handler+0x440/0x570
[  357.491283][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  357.491327][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.491371][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  357.491429][T10265]  iter_file_splice_write+0x91f/0x1150
[  357.491495][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.491540][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  357.491599][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  357.491659][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.491704][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  357.491760][T10265]  direct_splice_actor+0x192/0x6c0
[  357.491815][T10265]  splice_direct_to_actor+0x345/0xa30
[  357.491869][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  357.491926][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  357.491980][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.492027][T10265]  do_splice_direct+0x174/0x240
[  357.492079][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  357.492130][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  357.492190][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.492234][T10265]  ? rw_verify_area+0xcf/0x680
[  357.492280][T10265]  do_sendfile+0xb06/0xe50
[  357.492331][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  357.492387][T10265]  __x64_sys_sendfile64+0x154/0x220
[  357.492423][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  357.492460][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  357.492508][T10265]  do_syscall_64+0xcd/0x4c0
[  357.492560][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  357.492597][T10265] RIP: 0033:0x7fa18118e9a9
[  357.492625][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  357.492661][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  357.492695][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  357.492719][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  357.492742][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  357.492764][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  357.492786][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  357.492822][T10265]  </TASK>
[  357.492833][T10265] 
[  357.996738][T10265] Allocated by task 8795:
[  358.001073][T10265]  kasan_save_stack+0x33/0x60
[  358.005816][T10265]  kasan_save_track+0x14/0x30
[  358.010542][T10265]  __kasan_slab_alloc+0x89/0x90
[  358.015443][T10265]  kmem_cache_alloc_noprof+0x1cb/0x3b0
[  358.020946][T10265]  gfs2_glock_get+0x1e5/0x1230
[  358.025755][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  358.030726][T10265]  gfs2_dir_search+0x22a/0x2e0
[  358.035524][T10265]  gfs2_lookupi+0x4b7/0x6e0
[  358.040057][T10265]  init_inodes+0x869/0x2eb0
[  358.044585][T10265]  gfs2_fill_super+0x1be2/0x2d30
[  358.049549][T10265]  get_tree_bdev_flags+0x38c/0x620
[  358.054703][T10265]  gfs2_get_tree+0x4e/0x280
[  358.059229][T10265]  vfs_get_tree+0x8e/0x340
[  358.063672][T10265]  path_mount+0x1482/0x1fd0
[  358.068200][T10265]  __x64_sys_mount+0x28d/0x310
[  358.072985][T10265]  do_syscall_64+0xcd/0x4c0
[  358.077521][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.083440][T10265] 
[  358.085773][T10265] Freed by task 15:
[  358.089583][T10265]  kasan_save_stack+0x33/0x60
[  358.094316][T10265]  kasan_save_track+0x14/0x30
[  358.099028][T10265]  kasan_save_free_info+0x3b/0x60
[  358.104076][T10265]  __kasan_slab_free+0x51/0x70
[  358.108878][T10265]  kmem_cache_free+0x2d1/0x4d0
[  358.113679][T10265]  gfs2_glock_dealloc+0xd0/0x150
[  358.118647][T10265]  rcu_core+0x79c/0x14e0
[  358.122924][T10265]  handle_softirqs+0x219/0x8e0
[  358.127717][T10265]  run_ksoftirqd+0x3a/0x60
[  358.132165][T10265]  smpboot_thread_fn+0x3f7/0xae0
[  358.137142][T10265]  kthread+0x3c5/0x780
[  358.141229][T10265]  ret_from_fork+0x5d7/0x6f0
[  358.145830][T10265]  ret_from_fork_asm+0x1a/0x30
[  358.150619][T10265] 
[  358.152945][T10265] Last potentially related work creation:
[  358.158667][T10265]  kasan_save_stack+0x33/0x60
[  358.163471][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  358.168701][T10265]  __call_rcu_common.constprop.0+0xa5/0xa10
[  358.174634][T10265]  gfs2_glock_free+0x35/0x90
[  358.179255][T10265]  glock_work_func+0x396/0x4d0
[  358.184037][T10265]  process_one_work+0x9cf/0x1b70
[  358.189001][T10265]  worker_thread+0x6c8/0xf10
[  358.193641][T10265]  kthread+0x3c5/0x780
[  358.197734][T10265]  ret_from_fork+0x5d7/0x6f0
[  358.202341][T10265]  ret_from_fork_asm+0x1a/0x30
[  358.207146][T10265] 
[  358.209473][T10265] Second to last potentially related work creation:
[  358.216058][T10265]  kasan_save_stack+0x33/0x60
[  358.220770][T10265]  kasan_record_aux_stack+0xa7/0xc0
[  358.225995][T10265]  insert_work+0x36/0x230
[  358.230781][T10265]  __queue_work+0x97e/0x10f0
[  358.235395][T10265]  __queue_delayed_work+0x35b/0x460
[  358.240623][T10265]  queue_delayed_work_on+0x1b5/0x200
[  358.245935][T10265]  gfs2_glock_queue_work+0x75/0x120
[  358.251169][T10265]  clear_glock+0xa7/0xe0
[  358.255453][T10265]  glock_hash_walk+0x12c/0x1c0
[  358.260242][T10265]  gfs2_gl_hash_clear+0x103/0x780
[  358.265317][T10265]  gfs2_fill_super+0x2524/0x2d30
[  358.270286][T10265]  get_tree_bdev_flags+0x38c/0x620
[  358.275436][T10265]  gfs2_get_tree+0x4e/0x280
[  358.279967][T10265]  vfs_get_tree+0x8e/0x340
[  358.284494][T10265]  path_mount+0x1482/0x1fd0
[  358.289013][T10265]  __x64_sys_mount+0x28d/0x310
[  358.293796][T10265]  do_syscall_64+0xcd/0x4c0
[  358.298331][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.304243][T10265] 
[  358.306574][T10265] The buggy address belongs to the object at ffff88807ba82a40
[  358.306574][T10265]  which belongs to the cache gfs2_glock(aspace) of size 1224
[  358.321445][T10265] The buggy address is located 984 bytes inside of
[  358.321445][T10265]  freed 1224-byte region [ffff88807ba82a40, ffff88807ba82f08)
[  358.335445][T10265] 
[  358.337781][T10265] The buggy address belongs to the physical page:
[  358.344221][T10265] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff88807ba824f8 pfn:0x7ba80
[  358.354299][T10265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  358.362811][T10265] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  358.370367][T10265] page_type: f5(slab)
[  358.374398][T10265] raw: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  358.383010][T10265] raw: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  358.391614][T10265] head: 00fff00000000040 ffff888020f38140 dead000000000122 0000000000000000
[  358.400397][T10265] head: ffff88807ba824f8 00000000800c0002 00000000f5000000 0000000000000000
[  358.409093][T10265] head: 00fff00000000002 ffffea0001eea001 00000000ffffffff 00000000ffffffff
[  358.417830][T10265] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[  358.426515][T10265] page dumped because: kasan: bad access detected
[  358.432935][T10265] page_owner tracks the page as allocated
[  358.438664][T10265] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2040(__GFP_IO|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 8485, tgid 8484 (syz.2.1006), ts 256914562029, free_ts 253660529634
[  358.459323][T10265]  post_alloc_hook+0x1c0/0x230
[  358.464127][T10265]  get_page_from_freelist+0x1321/0x3890
[  358.469711][T10265]  __alloc_frozen_pages_noprof+0x261/0x23f0
[  358.475655][T10265]  alloc_pages_mpol+0x1fb/0x550
[  358.480572][T10265]  new_slab+0x23b/0x330
[  358.484765][T10265]  ___slab_alloc+0xd9c/0x1940
[  358.489477][T10265]  __slab_alloc.constprop.0+0x56/0xb0
[  358.494879][T10265]  kmem_cache_alloc_noprof+0xef/0x3b0
[  358.500290][T10265]  gfs2_glock_get+0x1e5/0x1230
[  358.505089][T10265]  gfs2_inode_lookup+0x277/0x8a0
[  358.510066][T10265]  gfs2_lookup_root+0x57/0x130
[  358.514853][T10265]  init_sb+0xae5/0x10d0
[  358.519061][T10265]  gfs2_fill_super+0x1967/0x2d30
[  358.524048][T10265]  get_tree_bdev_flags+0x38c/0x620
[  358.529210][T10265]  gfs2_get_tree+0x4e/0x280
[  358.533737][T10265]  vfs_get_tree+0x8e/0x340
[  358.538183][T10265] page last free pid 8421 tgid 8421 stack trace:
[  358.544515][T10265]  __free_frozen_pages+0x7fe/0x1180
[  358.549750][T10265]  __folio_put+0x329/0x450
[  358.554207][T10265]  vhost_dev_cleanup+0x7bf/0x1030
[  358.559266][T10265]  vhost_vsock_dev_release+0x2d6/0x400
[  358.564764][T10265]  __fput+0x402/0xb70
[  358.568767][T10265]  task_work_run+0x150/0x240
[  358.573383][T10265]  exit_to_user_mode_loop+0xeb/0x110
[  358.578792][T10265]  do_syscall_64+0x3f6/0x4c0
[  358.583431][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  358.589360][T10265] 
[  358.591688][T10265] Memory state around the buggy address:
[  358.597332][T10265]  ffff88807ba82d00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.605410][T10265]  ffff88807ba82d80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.613499][T10265] >ffff88807ba82e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.621576][T10265]                             ^
[  358.626443][T10265]  ffff88807ba82e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  358.634526][T10265]  ffff88807ba82f00: fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  358.642604][T10265] ==================================================================
[  358.653811][T10265] Kernel panic - not syncing: kasan.fault=panic_on_write set ...
[  358.661575][T10265] CPU: 0 UID: 0 PID: 10265 Comm: syz.6.1628 Tainted: G    B               6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) 
[  358.674920][T10265] Tainted: [B]=BAD_PAGE
[  358.679109][T10265] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  358.689200][T10265] Call Trace:
[  358.692508][T10265]  <TASK>
[  358.695465][T10265]  dump_stack_lvl+0x3d/0x1f0
[  358.700115][T10265]  panic+0x71c/0x800
[  358.704050][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.709746][T10265]  ? __pfx_panic+0x10/0x10
[  358.714204][T10265]  ? trace_irq_enable.constprop.0+0xd4/0x120
[  358.720254][T10265]  ? trace_irq_enable.constprop.0+0x2f/0x120
[  358.726281][T10265]  ? do_raw_spin_lock+0x11d/0x2b0
[  358.731430][T10265]  end_report+0x159/0x170
[  358.735812][T10265]  kasan_report+0xee/0x110
[  358.740274][T10265]  ? do_raw_spin_lock+0x11d/0x2b0
[  358.745334][T10265]  kasan_check_range+0x100/0x1b0
[  358.750316][T10265]  do_raw_spin_lock+0x11d/0x2b0
[  358.755198][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.760864][T10265]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  358.766271][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.771948][T10265]  __buffer_migrate_folio+0x40b/0x6d0
[  358.777355][T10265]  move_to_new_folio+0x1e7/0x760
[  358.782344][T10265]  ? __pfx_buffer_migrate_folio_norefs+0x10/0x10
[  358.788723][T10265]  migrate_pages_batch+0x201d/0x31a0
[  358.794051][T10265]  ? __pfx_compaction_free+0x10/0x10
[  358.799384][T10265]  ? __pfx_migrate_pages_batch+0x10/0x10
[  358.805054][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.810721][T10265]  ? __lock_acquire+0x622/0x1c90
[  358.815694][T10265]  migrate_pages_sync+0x12d/0x8a0
[  358.820749][T10265]  ? lock_acquire+0x179/0x350
[  358.825468][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  358.830954][T10265]  ? __pfx_compaction_free+0x10/0x10
[  358.836265][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.841930][T10265]  ? __pfx_migrate_pages_sync+0x10/0x10
[  358.847502][T10265]  ? do_raw_spin_unlock+0x172/0x230
[  358.852734][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.858404][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.864085][T10265]  migrate_pages+0x1b67/0x23b0
[  358.868878][T10265]  ? __pfx_compaction_alloc+0x10/0x10
[  358.874318][T10265]  ? __pfx_compaction_free+0x10/0x10
[  358.879636][T10265]  ? __pfx_migrate_pages+0x10/0x10
[  358.884790][T10265]  ? __pfx_isolate_migratepages_block+0x10/0x10
[  358.891068][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.896758][T10265]  ? pfn_to_online_page+0x1de/0x560
[  358.902030][T10265]  compact_zone+0x2023/0x4760
[  358.906767][T10265]  ? __lock_acquire+0xb8a/0x1c90
[  358.911753][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.917522][T10265]  ? __pfx_compact_zone+0x10/0x10
[  358.922589][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.928267][T10265]  compact_node+0x1a4/0x2d0
[  358.932810][T10265]  ? __pfx_compact_node+0x10/0x10
[  358.937942][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.943610][T10265]  ? __lru_add_drain_all+0xe7/0x6f0
[  358.948862][T10265]  sysctl_compaction_handler+0x141/0x210
[  358.954536][T10265]  proc_sys_call_handler+0x440/0x570
[  358.959860][T10265]  ? __pfx_proc_sys_call_handler+0x10/0x10
[  358.965704][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.971372][T10265]  ? splice_from_pipe_next+0x1f8/0x5d0
[  358.976972][T10265]  iter_file_splice_write+0x91f/0x1150
[  358.982494][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  358.988167][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  358.994127][T10265]  ? __pfx_copy_splice_read+0x10/0x10
[  358.999558][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  359.005230][T10265]  ? __pfx_iter_file_splice_write+0x10/0x10
[  359.011177][T10265]  direct_splice_actor+0x192/0x6c0
[  359.016342][T10265]  splice_direct_to_actor+0x345/0xa30
[  359.021763][T10265]  ? __pfx_direct_splice_actor+0x10/0x10
[  359.027451][T10265]  ? __pfx_splice_direct_to_actor+0x10/0x10
[  359.033399][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  359.039167][T10265]  do_splice_direct+0x174/0x240
[  359.044241][T10265]  ? __pfx_do_splice_direct+0x10/0x10
[  359.049657][T10265]  ? __pfx_direct_file_splice_eof+0x10/0x10
[  359.055594][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  359.061258][T10265]  ? rw_verify_area+0xcf/0x680
[  359.066060][T10265]  do_sendfile+0xb06/0xe50
[  359.070526][T10265]  ? __pfx_do_sendfile+0x10/0x10
[  359.075516][T10265]  __x64_sys_sendfile64+0x154/0x220
[  359.080741][T10265]  ? __pfx___x64_sys_sendfile64+0x10/0x10
[  359.086484][T10265]  ? srso_alias_return_thunk+0x5/0xfbef5
[  359.092159][T10265]  do_syscall_64+0xcd/0x4c0
[  359.096736][T10265]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  359.102659][T10265] RIP: 0033:0x7fa18118e9a9
[  359.107264][T10265] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  359.126909][T10265] RSP: 002b:00007fa1820ba038 EFLAGS: 00000246 ORIG_RAX: 0000000000000028
[  359.135363][T10265] RAX: ffffffffffffffda RBX: 00007fa1813b5fa0 RCX: 00007fa18118e9a9
[  359.143358][T10265] RDX: 00002000000000c0 RSI: 0000000000000003 RDI: 0000000000000004
[  359.151354][T10265] RBP: 00007fa181210d69 R08: 0000000000000000 R09: 0000000000000000
[  359.159351][T10265] R10: 0000000000000005 R11: 0000000000000246 R12: 0000000000000000
[  359.167356][T10265] R13: 0000000000000000 R14: 00007fa1813b5fa0 R15: 00007ffe38333a88
[  359.175368][T10265]  </TASK>
[  359.178699][T10265] Kernel Offset: disabled
[  359.183042][T10265] Rebooting in 86400 seconds..