last executing test programs:

3m10.667598042s ago: executing program 2 (id=6635):
r0 = syz_usb_connect(0x0, 0x3d7, &(0x7f00000007c0)=ANY=[@ANYBLOB="120100004cefc008e10593085bfd010203010902c50301000000000904"], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000440)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

3m8.719516338s ago: executing program 2 (id=6662):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newlink={0x3c, 0x10, 0x49920d862a92153b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0xc27, 0x8003}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bond={{0x9}, {0x4}}}, @IFLA_NUM_RX_QUEUES={0x8, 0x20, 0xffffff60}]}, 0x3c}}, 0x0)

3m8.489913893s ago: executing program 2 (id=6667):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a03000000000000000000070000000900010073797a300000000078000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000213c0011800a0001006c696d69740000002c0002800c00024000000000000000030c000140000000000000010108000540400000010800044000000001"], 0xc0}}, 0x0)

3m8.306263547s ago: executing program 2 (id=6670):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$nfs(&(0x7f00000001c0)='..\x00', &(0x7f0000000240)='./file0\x00', 0x0, 0x85000, 0x0)

3m8.06352453s ago: executing program 2 (id=6673):
r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
getsockopt(r0, 0xff, 0x1, 0x0, 0x0)

3m7.582331075s ago: executing program 2 (id=6680):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x2000, 0x1000000})

3m7.093412061s ago: executing program 32 (id=6680):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x1, 0x0)
ioctl$BLKZEROOUT(r0, 0x127f, &(0x7f0000000240)={0x2000, 0x1000000})

2.511112513s ago: executing program 6 (id=9541):
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x84, 0x0)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_PREFER_SUBDEVICE(r0, 0x40045542, 0x0)

2.272621564s ago: executing program 6 (id=9545):
r0 = openat$vicodec1(0xffffffffffffff9c, &(0x7f00000007c0), 0x2, 0x0)
ioctl$VIDIOC_G_FREQUENCY(r0, 0xc02c5638, &(0x7f00000008c0)={0xf, 0x1, 0x379576b2})

2.140586521s ago: executing program 6 (id=9549):
capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xfffffdff})
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x3, 0x4, 0x4, 0xffffffff}, 0x50)

1.936375387s ago: executing program 6 (id=9552):
r0 = syz_open_dev$dri(&(0x7f0000000440), 0x1, 0x0)
ioctl$DRM_IOCTL_GET_CAP(r0, 0xc010640c, &(0x7f0000000000)={0x8})

1.736894491s ago: executing program 6 (id=9557):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x4000, &(0x7f0000000140)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceeca11a757cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5cf8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12a0000800100000000b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe39b131cab48d99bd1b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9", @ANYRES16=0x0, @ANYRES16], 0x1, 0x6246, &(0x7f0000006740)="$eJzs3c2OHFfZB/Cn+ms+/MaxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhceaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoPOeMa5pu99jOdPXM+f2kcdVTp2r6lP5d092uqj4BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMT3vvuDM1VEXPp5WnAs4v+iH9GLWGnqtYhYWTuW1x9ExAvxoDmej4jhUkSVG5+NeCMiPj4ace/+rfVm0dk99uM7f/zbb3945Pt//f3w1L//dKP/5rT1bt781b/+fPvJ9xcAAABKVNd1XaWP+cfT5/te150CAOYiv/7XSV6uXrh6c8H6o1arD3w9XLD+qOdRt9WT3W4XEbHZ3qZ5z+B0PAAcMJvxSdddoEPyL9ogIo503QlgoVVdd4B9ce/+rfUq5Vu1Xw/WttvztSC78t+sdu7vmDadZfwak3k9v7aiH89N6c/KnPqwSHL+vfH8L223j9J6+53/vEzLf7R961Nxcv798fzHHJ78exPzL1XOf/BY+fflDwAAAAAACyz///+xjs//Lj39ruzJo87/rs2pDwAAAAAAAADwWXva8f92VMb/AwAAgEXVfFZv/Prow2XTvoutWX6xinhmbH2gMOlmmdWu+wEAAAAAAAAAAAAAJRlsX8N7sYoYRsQzq6t1XTc/beP143ra7Q+60vcfStb1H3kAANj28dGxe/mriOWIuJi+62+4urpa18srq/VqvbKU38+Olpbrldbn2jxtli2N9vCGeDCqm1+23Nqubdbn5Vnt47+veaxR3d9Dx+ajw8ABICK2X43ueUU6ZOr62ej6XQ4Hg+P/8HH8sxddP08BAACA/VfXdV2lr/M+ns7597ruFAAwF/n1f/y8gFqtVqvV6sNXt9WT3W4XEbHZ3qZ5z2A4fgA4YDbjk667QIfkX7RBRLzQdSeAhVZ13QH2xb37t9arlG/Vfj1I47vna0F25b9ZPdgubz9pOsv4NSbzen5tRT+em9Kf5+fUh0WS8++N539pu32U1tvv/OdlWv7Nfh7roD9dy/n3x/Mfc3jy703Mv1Q5/8Fj5d+XPwAAAAAALLD8///HFur87+hJd2emR53/Xdu3RwUAAAAAAACA/XXv/q31fN9rPv//uQnruf/zcMr5V/IvUs4/3f+/c+HNK2Pr9Vvzd995mP8/799a/92Nf/x/nu41/6U8U6VnVpWeEVV6pGqQpk+4Y1NsDfuj5pGGVa8/SNf81MP34kpcjY04vWvdXjoeHraf2dXe9HT4oL3ub7ef3dU+2GnP25/b1T5MVzrVK7n9ZKzHT+JqvPugvWlbmrH/yzPa6xntOf++479IOf9B66fJfzW1V2PTxt07vf857tvTSY/z9pXP//L0/u/OTFtxZ+LyZv9emntvYvsvzpFR/Oz6xrWTNy/fuHHtTKTJrqVnI00+Yzn/YfrJ+b/y8nZ7/rvfPl7v3hk9dv6LYisGO8/ttib/l1vzzf6+Oue+dSHnP0o/Of93U/vk4/8g59+fmv9rHfQHAAAAAAAAAAAAAAAAHqWu6we3iL4dEefT/T9d3ZsJAMxXfv2vk7x8XnX/Sbf/w+796Kr/avWc62rB+jPX+tN6sfqjXsj6PwvWn4Wr2+rJ3moXEfGX9jbNe4ZfTPplAMAi+zQi/t51J+iM/AuWv++vmZ7oujPAXF3/8KMfXb56dePa9a57AgAAAAAAAAA8qTz+51pr/OcTdV3fHltv1/iv78Ta047/OcgzOwOMThmouv/4+/QoW71Rv9cabvzFmDb+93Bn7lHjfw9mPN5wRvtoRvvSjPblGe0Tb/Royfm/2Brv/EREHB8bfr2E8V/Hx7wvQc7/pdbzucn/S2PrtfOvf3OQ8+/tyv/UjQ9+eur6hx+9fuWDy+9vvL/x43Nnzpw+d/78hQsXTr135erG6e1/O+zx/sr557GvXQdalpx/zlz+Zcn5fyHV8i9Lzv+LqZZ/WXL++f2e/MuS88+ffeRflpz/q6mWf1ly/l9OtfzLkvN/LdXyL0vO/yupln9Zcv6vp1r+Zcn5n0y1/MuS8z+V6j3mv7Lf/WI+cv75DJfjvyw5/3xlg/zLkvM/m2r5lyXnfy7V8i9Lzv+NVMu/LDn/r6Za/mXJ+Z9PtfzLkvP/WqrlX5ac/4VUy78sOf+vp1r+Zcn5fyPV8i9Lzv/NVMu/LDn/b6Za/mXJ+X8r1fIvS87/26mWf1ly/m+lWv5lefj9/2lmOcaXmDFjpriZrv8yAQAAAAAAAAAAAADj5nE5cdf7CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRX27i1Grru+A/iZvXnjQGIgpE5qwsYxwTib7PoSX2hdTLg23EpCKPSC7XrXZsE3vHYJNKodBUokjIoq2oaHtoBQm5cKq+KBVoDygFpVqkTaB/qCqFB5iKqAAlJVWgFbzZz//78zs7Mzu97x+sw5n48U/7wzZ+acOXNmdr/efOcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADN7nzD7KdqWZbVarX8gk1Z9qL6vGFiU+OS117f7QMAAADW7ueNP1+4OV1waAU3alrmn+749lcXFhYWsvcN/+no5xYW0hUTWTa6Icsa10VXvv/+WvMywRPZeG2o6euhHqsf7nH9SI/rR3tcP9bj+g09rh/vcf2SHbDEDVkt3dm2xl835bs0uyUbbVy3rcOtnqhtGKrvu3TbrNa4zcLo8WwuO5nNZtMty+fL1hrLf/3O+rremsV1DTWta0v9CPnxY8fiNtTCPt7Wsq7F+4x++Pps4ic/fuzYX59//rZOs+duaLm/fDu3b61v5yfCJfm21rINaZ/E7Rxq2s4tHZ6T4ZbtrDVuV/97+3a+sMLtHF7czHXV/pyPZ0ONvz/b2E8jtazDftoSLvvpXVmWXVrc7PZllqwrG8o2tlwytPj8jOdHZP0+6ofSS7ORVR2nd67gOK3PmW2tx2n7ayI+/3eG240ssw3NT9MPHx9ret5/tnA1x2lUf9TLvVbaj8F+v1aKcgzG4+LZxoN+suMxuC08/sfuXv4Y7HjsdDgG0+NuOga39joGh8aGG9ucnoRa4zaLx+DOluWHG2uqNeZzd3c/BqfOnzo7Nf+xj987d+roidkTs6d379w5vXvv3v37908dnzs5O53/eZV7u/g2ZkPpNbA17Lv4Gnh127LNh+rCF8eWvP9e7etwvMvrcFPbsv1+HY60P7ja+rwglx7T+WvjPfWdPn55KFvmNdZ4fnas/XWYHnfT63Ck6XXY8XtKh9fhyApeh/Vlzu5Y2c8sI03/ddqG5b8XrO0Y3NR0DLb/PNJ+DPb755GiHIPj4bj47o7lvxdsCdv75ORqfx4ZXnIMpocb3nvql6Sf98f3N0an4/L2+hU3jmUX5mfP3ffo0fPnz+3MwlgXL2s6VtqP141NjylbcrwOrfp4PTR3x5O3d7h8U9hX4/fW/xhf9rmqL7Pnvu7PVeO7W+f92XLpriyMPlvv/dnpu3l9f45l2ee/9fhD33js829Ydn/W8+Ynptb+s3jKpU3vv6PLvP/G3P+LfH3prp4YHh3JX7/Dae+Mtrwftz5VI433rlpj3S9Mrez9eDT8t97vx7d0eT/e3LZsv9+PR9sfXHw/rvX61461aX8+x8NxcnK6+/txfZnNu1Z7TI50fT++K8xa2P+vCUkh5aKmY2e54zata2RkNDyukbiG1uN0d8vyoyGb1df19K6rO06335Xf13B6dIvW6zidaFu238dp+rev5Y7TWq9/fbs67c/neDgubtnd/TitL/PMnrW/d94Q/9r03jnW6xgcHR6rb/NoOggb7/fZwg3xGLwvO5adyU5mM41rxxrHU62xrsn7V3YMjoX/1vu9cnOXY3B727L9PgbT97Hljr3ayNIH3wftz+d4OC6eur/7MVhf5o37+vuz6/ZwSVqm6WfX9n9fW+7fvG5v203X6lgZCdv5rX3d/222vszJ/avNmd330z3hkhs77Kf21+9yr6mZbH320+awnc/vX34/1benvsznDqzweDqUZdnFjzzw7Nb6U5//fuXvLnznqy2/d+n0O52LH3ngRy8+/o+r2X4ABt8v8rEx/17X9Juplfz+HwAAABgIMfcPhZnI/wAAAFAaMffH/ys8kf8BAACgNGLuHwkzqUj+3/zG5+d+cTFLzfyFIF6fdsOD+XKx4zodvp5YWFS//IEvz/73P1xc2bqHsiz72YN/0HH5zQ/G7cpNhO288qbWy5f46r0rWveRRy6m9Tb3178Q7j8+npUeBp0quNNZln395s801jPx/suN+cyDRxrzoUtPPlFf5oUD+dfx9s+9LF/+L0L599Dxoy23fy7shx+EOf22zvsj3u4rl1+zZd97F9cXb1fbelPjYT/1gfx+4+fkfPaJfPm4n5fb/m98+umv1Jd/9FWdt//iUOftfzrc75fD/N9X5Ms3Pwf1r+PtPhm2P64v3u6+L32z4/Zf+VS+/Nk358sdCTOuf3v4etubn59r3l+P1o62PK7sLflycf3T3/njxvXx/uL9t2//+OHLLfuj/fh45t/y+5lqWz5eHtcT/X3b+uv303x8xvU//UdHWvZzr/Vfeei5V9Tvt33997Qtd/YjOxrrX7y/1k9s+stPfqbj+uL2HPrbsy2P59C7w+s4rP+pD4TjMVz/f1fy+2v/dIUj7259/4nLf2HTxZbHE731J/n6r7zuRGNuGL9h440vevFNl15Z33dZ9uyG/P56rf/EX51p2f4v3prvj3h97Oi3r385cf3nPjp5+sz8hbmZtFcfu7nx2Tlvz7cnbu/N4b21/evDZ85/cPbcxPTEdJZNlPcj9K7al8L8UT4udV96Yck76I5HwvN5+59/fePd//rpePm/vye//PLb8u9brw7LfTZcvik8f6tb/1JP3Xlr4/VdeyZs4cLSzwteiy3b/mv/ihYMj7/954J4vJ99+Qcb+6F+XeP7Rnxdr3H7vzeT38/Xwn5dCJ/MvPXWxfU1Lx8/G+Hyw/nrfc37L7zNxef1b8Lz/Y4f5Pcftys+3u+Fn2O+ubn1/S4eH1+7ONR+/41P8bgU3k+yS/n1cam4vy+/cGvHzYufQ5Jduq3x9Z+k+7ltVQ9zOfMfm586OXf6wqNT52fnz0/Nf+zjh0+duXD6/OHGZ3ke/lCv2y++P21svD/NzO7dkzXerc7k4xq73tt/9pFjM/um756ZPX70wvHzj5ydPXfi2Pz8sdmZ+buPHj8++9Fet5+bObhz14Hd+3ZNnpibObj/wIHdBybnTp+pb0a+UT3snf7w5Olzhxs3mT+458DO++/fMz156szM7MF909OTF3rdvvG9abJ+69+fPDd78uj5uVOzk/NzH589uPPA3r27en4a4Kmzx+cnps5dOD11YX723FT+WCbONy6uf+/rdXvKaf4/8p9n29XyD+LL3nXP3vT5rHVffnzZu8oXafsA0efDZ9H880vO7l/J1zH3j4aZVCT/AwAAQBXE3D8WZiL/AwAAQGnE3L8hzET+BwAAgNKIuX88zKQi+b90/f/NF1e0fv3/vvT/Fy7q/+v/D2L//+Gi9f/z9wv9//5Ya/9e/z/Q/9f/1//X/9f/pw+K1v+Puf+GLKtk/gcAAIAqiLl/Y5iJ/A8AAAClEXP/jWEm8j8AAACURsz9LwozqUj+1//X/3f+f/1//f/O69f/H0z6/93p//eg/z+VVav/f6mf26//r//PUkXr/8fc/+Iwk4rkfwAAAKiCmPtvCjOR/wEAAKA0Yu6/OcxE/gcAAIDSiLl/U5hJRfK//r/+v/6//r/+f+f16/8PJv3/7vT/e9D/d/5//X/9f/qqaP3/mPtfEmZSkfwPAAAAVRBz/0vDTOR/AAAAKJ6Rq7tZzP0vCzNZkv+vcgUAAADAdRdz/y1ZWxG8Ir//1//X/y9+/39Duk7/X/8/K2T/fzjT/y8O/f/u9P970P/X/9f/1/+nr4rW/2/k/mw8e3mYSUXyPwAAAFRBzP23hpnI/wAAAFAaMff/UpiJ/A8AAAClEXP/5jCTiuR//X/9/+L3/53/X/+/6P1/5/8vEv3/7vT/e9D/1//X/9f/p6+K1v+Puf+2MJOK5H8AAACogpj7bw8zkf8BAACgNGLu/+UwE/kfAAAASiPm/i1hJhXJ//r/Be//x+ao/r/+v/6//r/+/4ro/3en/9+D/r/+v/6//j99VbT+f8z9rwgzqUj+BwAAgCqIuf+OMBP5HwAAAEoj5v5XhpnI/wAAAFAaMfdPhJlUJP/r/xe8/5/34Mec/1//X/9f/1//f2X0/7vT/+9B/1//vy/9/4WLHfr/G3rdXv+fMipa/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/87/r/9PXxWt/x9z/6vCTCqS/wEAAKAKYu6/O8xE/gcAAIDSiLn/1WEm8j8AAACURsz928NMKpL/9f/1//X/9f/1/zuvX/9/MK21f1//UUD/X/9f/1//X/9f/5/+KFr/P+b+14SZVCT/AwAAQBXE3L8jzET+BwAAgNKIuf+eMBP5HwAAAEoj5v7JMJOK5H/9f/1//X/9f/3/zuvX/x9Mzv/fnf5/D/r/+v/6//r/9FXR+v8x998bZlKR/A8AAABVEHP/fWEm8j8AAACURsz9U2Em8j8AAACURsz902EmFcn/+v/6//r/+v+r6v+/cvF+9f9z+v/Fov/fnf5/DyXp/4+u6kEvut79+bW63tvfn/7/qP4/pVK0/n/M/TvDTCqS/wEAAKAKYu7fFWYi/wMAAEBpxNy/O8xE/gcAAIDSiLl/T5hJRfK//r/+v/6//r/z/3dev/7/YNL/767//f/4EPX/i9T/v1rXuz8/6Nvv/P/6/yxVtP5/zP33h5lUJP8DAABAFcTcvzfMRP4HAACA0oi5f1+YifwPAAAApRFz//4wk4rkf/1//f/r2f/Pskv6//r/+v/6/32l/9+d8//3oP+v/6//r//PGj38h81fFa3/H3P/gTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1/5//X/9f/b9D/H0z6/93p//eg/6//r/+v/09fLdv/D9F7vfv/MfcfDDOpSP4HAACAKoi5/9fCTOR/AAAAKI2Y+18XZiL/AwAAQGnE3H8ozKQi+V//f/DO/x/rM/r/+v/6/+Xq/4/F+9X/X5M19O8bT63+f6D/r/+v/6//r/9PHxTt/P8x978+zKQi+R8AAACqIOb+B8JM5H8AAAAojZj73xBmIv8DAABAacTc/8Ywk4rkf/3/wev/O/+//r/+f65s/X/n/+8P5//vTv+/B/1//X/9f/1/+qpo/f+Y+98UZlKR/A8AAABVEHP/m8NM5H8AAAAojZj73xJmIv8DAABAacTc/9Ywk4rk/3Xv/zcVhfX/9f/1//X/9f/1//tt7f3/n4U9rf+v/6//r/+v/6//z1oVrf8fc/+vh5lUJP8DAABAFcTc/2CYifwPAAAApRFz/9vCTOR/AAAAKI2Y+98eZlKR/O/8//r/+v/6//r/ndev/z+YnP+/uwHr///8pnC5/n9O/7/Y27/a/v9I29fXpP///eX6/wsb2m+v/8+1ULT+f8z97wgzqUj+BwAAgCqIuf+dYSbyPwAAAJRGzP3vCjOR/wEAAKA0Yu7/jTCTiuR//f/6diy2l/X/y9r/H9L/1//X/68I/f/uBqz/Pwjn/x/W/1+k/+/8//r/tCta/z/m/neHmVQk/wMAAEAVxNz/UJiJ/A8AAAClEXP/w2Em8j8AAACURsz97wkzqUj+1/93/v9q9P+d/z/T/9f/rwj9/+70/3tw/n/9/6L1//9T/5/BVrT+f8z9j4SZVCT/AwAAQBXE3P/eMBP5HwAAAEoj5v7fDDOR/wEAAKA0Yu5/X5hJRfK//v+g9P8nBrT//7j+/zXs/99xU76c/r/+P4v0/7vT/+9B/1//v2j9f+f/Z8AVrf8fc//7w0xWnv/HV7wkAAAAcF3E3P9bYSYV+f0/AAAAVEHM/b8dZiL/AwAAQGnE3P87YSYVyf/6/4PS/3f+/0z/3/n/2x6P/r/+fyfr1/+P7zz6//r/+v+R/r/+v/4/7YrW/4+5/3fDTCqS/wEAAKAKYu7/QJiJ/A8AAAADodP/k90u5v7DYSbyPwAAAJRGzP1Hwkwqkv/1//X/9f8L2v//s63/8t1vv/PITv1//X/9/1VZ1/P/11/8zv+v/6//n+j/6//r/9OuaP3/mPuPhplUJP8DAABAFcTc/3thJvI/AAAAlEbM/cfCTOR/AAAAKI2Y+2fCTCqS//X/9f/1/wva/x/g8//H/aH/36pv/f/4pqv/31Hev09H0bXt/793sSeu/7/a/v9Yx0v1//X/B3n79f/1/1mqaP3/mPtnw0wqkv8BAACgCkLuHzqez8Ur5H8AAAAojZj7T4SZyP8AAABQGjH3fzDMpCL5X/9f/1//X//f+f87r79b/7824vz/RZX69z9tvFD0/9sUp//fmf6//v8gb7/+v/4/SxWt/x9z/1yYSUXyPwAAAFRBzP0fCjOR/wEAAKA0Yu7/cJiJ/A8AAAClEXP/yTCTiuR//X/9f/1//X/9/87rL+z5//X/u1pr/17/P9D/r3b//3/0//X/9f/pj6L1/2PuPxVm8v/s3UeTZfV5x/Hb9uDpKbzwzgtvXOWlXwILe22/AC+88cZVLi9wwDbODMY5YCEJZQmBckABBAIkgXIAJSSUQRLKOaCERqJGRffzPNPh9LndM7dvn/P/fz6LeUx7mntFTc3wm54vp5P9DwAAAD3I3X9l3GL/AwAAQDNy9/9Z3GL/AwAAQDNy9/953NLJ/tf/X0r/f6FS1v/vfv+T6P9/R/9/0Ovr//X/LdP/j9P/L6H/9/x//b/+n5WaWv+fu/8v4pZO9j8AAAD0IHf/X8Yt9j8AAAA0I3f/VXGL/Q8AAADNyN3/V3FLJ/t/T/+/seiz/8+M1/P/W+r/Pf//wNfX/+v/W7be/v/aJ3/m0//r//X/Qf9/qP7/9EGfr/+nRVPr/3P3/3Xc0sn+BwAAgB7k7v+buMX+BwAAgGbk7r86brH/AQAAoBm5+/82bulk/6/u+f9ntj4+0/6/6P/1/1sf0P/r//X/s+X5/+N66v+veujyKx+78zfuOsrr6//1/57/f7T+f+d/zED/z5Cp9f+5+/8ubulk/wMAAEAPcvf/fdxi/wMAAEAzcvf/Q9xi/wMAAEAzcvf/Y9zSyf5fXf8/6+f/F/2//n/rA/p//b/+f7b0/+N66v8v5vX1//p//b/n/7NaU+v/c/f/U9zSyf4HAACAHuTu/+e4xf4HAACAZuTuvyZusf8BAACgGbn7z8Ytnex//f/x9/9P6P/1/3H1//p//f/x0/+P0/8vof/X/+v/9f+s1NT6/9z918Ytnex/AAAA6EHu/n+JW+x/AAAAaEbu/uviFvsfAAAAmpG7/1/jlk72v/7f8//1//p//f/w6+v/50n/P07/v4T+/1L7+cv0//p//T87HbH/Pzfy0/ZK+v/c/f8Wt3Sy/wEAAKAHufv/PW6x/wEAAKAZufv/I26x/wEAAKAZufv/M27pZP/r//X/+n/9/0X3//t/6G3R/w/T/6+H/n/cZPr/jVODH9b/z77/9/x//b/+n12m9vz/3P3/Fbd0sv8BAACgB7n7/ztuGdn/R/7NfAAAAOBE5e7/n7jF1/8BAABg9rI6y93/v3FLJ/tf/6//1//r/z3/f/j1x/r/u3a8P/3/tOj/x02m/z+A/l//P+f3r//X/7Pf1Pr/3P3/F7d0sv8BAACgB7n7r49b7H8AAABoRu7+/49b7H8AAABoRu7+p8Qtnez/4f7/wv9f/384+v/d71//P/zjY1X9f/4d9f+j/f/vev5/n/T/49bf/5/W/+/+++v/j9FJv//G+/8zyz5f/8+QqfX/uftviFs62f8AAADQg9z9T41b7H8AAABoRu7+p8Ut9j8AAAA0I3f/0+OWTva/5//r//X/8+v/Pf9/20k+/3+x9v7/lP7/kPT/4zz/fwn9v/5f/+/5/6zU1Pr/3P03xi2d7H8AAADowY2PL7Z2/zMWC/sfAAAA5mjnnx3Y+wdKQ+7+Z8Yt9j8AAAA0I3f/s+KWTva//l//r//X/+v/h19/Wv2/5/8flv5/3Fz6/zP6/8G3N9P+/1Rj/f9NB33+FPr/a/T/TMyu/v/eCx8/qf4/d/+z45ZO9j8AAAD0IHf/c+IW+x8AAACakbv/uXGL/Q8AAADNyN3/vLilk/1/7P3/mYNfW/+v/9f/6//1//r/VdP/j5tL/+/5/031/57/7/n/+v+OXej/d/98eFL9f+7+58ctnex/AAAA6EHu/hfELfY/AAAANCN3/01xi/0PAAAAzcjd/8K4pZP97/n/+n/9v/5f/z/8+vr/edL/j9P/L6H/1//r//X/rNSu5//vcFL9f+7+m+OWTvY/AAAA9CB3/y1xi/0PAAAAzcjd/6K4xf4HAACAZuTuf3Hc0sn+1/8fb/+fH9f/6/8X+n/9v/5/Lbrt/zeGfiXa74D+/4E/Ofv7uz+i/9f/6//1//p/VmAS/f/5C/92mbv/JXFLJ/sfAAAAepC7/6Vxi/0PAAAAzcjd/7K4xf4HAACAZuTuf3nccsT9/2srfVfro//3/H/9v/5f/z/8+vr/eeq2/z8kz/9fQv+v/9f/6/9ZqUn0/zv+Onf/K+IWX/8HAACAZuTuf2XcYv8DAABAM3L3vypusf8BAACgGbn7Xx23dLL/9f/6f/2//l//P/z6R+//t38kbi6G6f/XQ/8/Tv+/hP5f/6//1/+zUlPr/3P33xq3dLL/AQAAoAe5+18Tt9j/AAAA0Izc/a+NW+x/AAAAaEbu/tfFLZ3sf/2//l//r//X/w+/vuf/z5P+f5z+f7FY3DbyBob6//On9f/6f/2//p+LNLX+P3f/6+OWTvY/AAAA9CB3/21xi/0PAAAAzcjdf3vcYv8DAABAM3L3vyFu6WT/6//1//p//b/+f/j19f/zpP8fp/9fwvP/9f/6f/0/KzW1/j93/x1xSyf7HwAAAHqQu//OuMX+BwAAgGbk7n9j3GL/AwAAQDNy998Vt3Sy//X/+n/9v/7/WPr/s/r/vfT/63F8/f9C/6//1/8vof/X/+v/2Wtd/f+5+Pl+Wf+fu//uuKWT/Q8AAAA9yN1/T9xi/wMAAEAzcve/KW6x/wEAAKAZufvfHLd0sv/1//p//b/+3/P/h19f/z9Pnv8/Tv+/hP5f/6//1/+zUuvq/w/q/ff+de7+t8Qtnex/AAAA6EHu/nvjFvsfAAAAmpG7/764xf4HAACAZuTuf2vc0sn+1//r/3f3/4uF/l//r//ftob+f3Oh/185/f84/f8S+v82+/9fWjTU/5858PP1/0zR1Pr/3P1vi1s62f8AAADQg9z9b49b7H8AAABoRu7+d8Qt9j8AAAA0I3f/O+OWlvb/Ewenb/Pv/0/v+UT9/2KxePhqz//X/4+8vv5/Mv1//VPV/6+O/n+c/n8J/X+b/b/n/+v/OTFT6/9z978rbmlp/wMAAEDncve/O26x/wEAAKAZufvfE7fY/wAAANCM3P3vjVs62f/z7//3fqL+f3FJz//X/299QP+v/9f/z9al9vc3b8avafp//b/+f7Cf3zjg33sW+n/9v/6fAVPr/3P3vy9u6WT/AwAAQA9y998ft9j/AAAA0Izc/Q/ELfY/AAAANCN3//vjlk72v/5f/6//n2f/v6n/1//r/wdN5fn/V1zxew/q//X/Lfb/Y/T/+n/9P3tNrf/P3f+BuKWT/Q8AAAA9yN3/wbjF/gcAAIBm5O7/UNxi/wMAAEAzcvd/OG7pZP/v7/8vW2wXqtuG+v9o1PT/O+j/d79//f/wjw/P/9f/6/+P31T6/2k8/3//r076/yX0//r/dfX/v7n/8/X/tGhq/X/u/gfjlk72PwAAAPQgd/9H4hb7HwAAAJqRu/+jcYv9DwAAAM3I3f9Q3NLJ/vf8f/2//l//r/8ffn39/zzp/8fp/5fQ/196P58/q+r/5/v8/1/W/7M6U+v/c/d/LG7ZGn6/9asX+T8TAAAAmJDc/R+PWzr5+j8AAAD0IHf/J+IW+x8AAACakbv/k3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8S/fT/m0MfPOl+/lKd9Ptvpv/3/H9WaGr9f+7+T8Utnex/AAAAaNvjW9/m7v903GL/AwAAQDNy938mbrH/AQAAoBm5+x+OWzrZ//p//X/7/f8f6f/3vL7+f+39/3V36//XRv+fv6IP0/8v0U//P+ik+/m5v3/9v/6f/abW/+fufyRu6WT/AwAAQA9y9382brH/AQAAoBm5+z8Xt9j/AAAA0Izc/Z+PWzrZ//r/vvr/jUWP/b/n/+v/T7z/36L/X4/59P+3nBr6qOf/6//1//N9//p//T/7Ta3/z93/6MapLvc/AAAAzNUf/PafPnLY7/vo1rebiy/ELfY/AAAANCN3/xfjFvsfAAAAmpG7/0txSyf7X//fV//f5/P/9f/6f/1/T+bT/w/T/+v/9f/zff/6f/0/+02t/8/d/+W4ZcfwG/wP9AAAAAAn51eO9t1z938lbunk6/8AAADQg9z9X41b9u3/84f8U+0AAADA1OTu/1rc0snX//X/E+//F8fU/8f30/9v0//r/4deX/8/T/r/cZfY/5/f0P/r/0fo//X/+n/2mlr/n7v/njsWXe5/AAAAaNSu31H4+ta3m4tvxC32PwAAADQjd/834xb7HwAAAJqRu/9bcUsn+1//P/H+/6Ke/3+m/i/P/++8/79+c/D19f/6/5bp/8d5/v8S+n/9v/5f/89KHaH/3xqkx93/5+7/dtzSyf4HAACAHuTu/07cYv8DAABAM3L3fzdusf8BAACgGbn7vxe3dLL/9f8n0P/fcHqxONb+/xDP/9f/99H/H/D67fT/v3752fv/8I9vv1X/zwXr7P/zx4L+X/+v/9+m/9f/6//Za2rP/8/d//24pZP9DwAAAD3I3f9Y3GL/AwAAQDNy9/8gbnly/993Uu8KAAAAWKXc/T+MWzr5+r/+v8Xn/8+z/89/1ifQ/5+dX/+fTXHv/b/n/+v/9/P8/3H6/yX0//p//b/+n5WaWv+fu/9HcUsn+x8AAAB6kLv/x3FL7v+NI//WPQAAADAxuft/Erf4+j8AAAA0I3f/43FLJ/t/jv3/uT3vcfcn6v8XM+3/k+f/X/g8z//fpv/X/x+F/n+c/n8J/b/+X/+v/2elptb/5+7/adzSyf4HAACAHuTuPxe32P8AAADQjNz9P4tb7H8AAABoRu7+n8ctnez/Ofb/nv+v/9f/6/8X+n/9/wH0/+P0/0vo//X/+n/9Pys1tf4/d/8vAgAA///bQndU")
open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)

1.576025736s ago: executing program 1 (id=9562):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000003c0)={0x6, 0x5, &(0x7f0000000100)=ANY=[@ANYBLOB="180000000000000000000000000000001850000000000020000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffff0, 0x0, 0x0, 0x0, &(0x7f0000000080)}, 0x9a)

1.392073062s ago: executing program 4 (id=9563):
r0 = syz_open_dev$dvb_frontend(&(0x7f0000000080), 0x0, 0x2)
ioctl$FE_SET_PROPERTY(r0, 0x40106f52, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x1e, '\x00', @data=0x63, 0x14}]})

1.387011829s ago: executing program 0 (id=9564):
r0 = timerfd_create(0x7, 0x0)
timerfd_gettime(r0, &(0x7f0000001200))

1.352000587s ago: executing program 5 (id=9565):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000c00)=@ipv6_delrule={0x1c, 0x21, 0x1, 0x70bd2d, 0x25dfdbf9, {0xa, 0x0, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1, 0x1}}, 0x1c}, 0x1, 0x0, 0x0, 0x40000d1}, 0x20040000)

1.295401443s ago: executing program 1 (id=9566):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f00000000c0)="d800000018008103e00312ba0d8105040a600300ff0f040b067c55a1bc000900b80006990700000004000500fef32702d3001500030001400200000901ac040098007f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4b11602b2a10c11ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b66bce0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f00000e970300"/216, 0xd8}], 0x1}, 0x48002)

1.238281256s ago: executing program 3 (id=9567):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=ANY=[@ANYBLOB="9800000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0552060000d9000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="0d0202000000000008000400c16aef"], 0x98}, 0x1, 0x0, 0x0, 0x84}, 0x0)

1.236727672s ago: executing program 4 (id=9568):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_DELETE(r0, &(0x7f0000002400)={0x0, 0x0, &(0x7f00000023c0)={&(0x7f0000000880)={0x24, 0x2, 0x1, 0x301, 0x0, 0x0, {0x1, 0x0, 0xa}, [@CTA_STATUS_MASK={0x8, 0x1a, 0x1, 0x0, 0xfffff5a3}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x3ff}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x20000004)

1.203874293s ago: executing program 0 (id=9569):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x1e, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000071171c00000000009500000000000000"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000080)={r0, 0x0, 0x24, 0x10, @void}, 0x10)

1.124322037s ago: executing program 5 (id=9570):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/sysvipc/sem\x00', 0x0, 0x0)
mmap$IORING_OFF_CQ_RING(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0xd, 0x8010, r0, 0x8000000)

1.037601807s ago: executing program 0 (id=9571):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000e00)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="240000001900010029bd7000ffdbdf2580200009ff04000500000000080001"], 0x24}, 0x1, 0x0, 0x0, 0x80}, 0x4000)

1.010294619s ago: executing program 4 (id=9572):
r0 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000005c0)=ANY=[@ANYBLOB="480000001000ffff26bd7000fbdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="01000000a12000001c00128009000100766c616e000000000c000280060005"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)

1.008255521s ago: executing program 1 (id=9573):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$IOMMU_HWPT_INVALIDATE$TEST(r0, 0x3b8d, &(0x7f0000000280)={0x20, 0x0, 0x0, 0xdeadbeef, 0x8, 0x0, 0x3f})

963.704998ms ago: executing program 3 (id=9574):
r0 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000700)="0022040000ffffebfffffffeffffff0700000000ff0002078307eb1317b208feefaf234b4ff8b4cc4c39bdc8451792b903f4b7d8c8cf2153622652328c19ef68234f905557c4070000008735e9ab2f77c62e0a5cdd2cf9984c070400000000000003ff23353d8b2fc6a3ae1ebfcb49004a3ccd3560ae01010000079c60ed7449", 0x80)

878.880325ms ago: executing program 5 (id=9575):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000000)="1800000015006b05c84e21000ab16d6e230675f802000000440002", 0x1b}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

860.833255ms ago: executing program 0 (id=9576):
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000040)=0x3, 0x12)

781.405559ms ago: executing program 4 (id=9577):
r0 = shmget(0x0, 0x2000, 0x200, &(0x7f0000ffb000/0x2000)=nil)
shmctl$IPC_RMID(r0, 0x0)

740.356195ms ago: executing program 3 (id=9578):
r0 = openat$autofs(0xffffffffffffff9c, &(0x7f00000003c0), 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r0, 0xc0189374, &(0x7f0000000240)={{0x1, 0x1, 0x5f, 0xffffffffffffffff, {0x29}}, './file0\x00'})

722.298693ms ago: executing program 1 (id=9579):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
ioctl$FS_IOC_GETFSLABEL(r0, 0x800452d2, &(0x7f0000000100))

607.772359ms ago: executing program 0 (id=9580):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000980)=@newsa={0x160, 0x10, 0x1, 0x100000, 0x25dfdbff, {{@in=@multicast1, @in6=@empty}, {@in6=@private0, 0x0, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x8}, {0x0, 0x40000, 0x0, 0x80}, {0x6}, 0xffffffff, 0x0, 0xa, 0x0, 0x0, 0xaf}, [@replay_esn_val={0x1c, 0x17, {0x0, 0x0, 0x70bd2a, 0x10400000}}, @algo_auth_trunc={0x4c, 0x14, {{'digest_null\x00'}}}, @XFRMA_IF_ID={0x8, 0x1f, 0x1}]}, 0x160}, 0x1, 0x0, 0x0, 0x44}, 0x0)

597.135601ms ago: executing program 5 (id=9581):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x16c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @in6=@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x4e21, 0x2, 0xa, 0x0, 0x0, 0x6c, 0x0, 0xee00}, {@in6=@private1, 0xfe, 0x32}, @in6=@ipv4={'\x00', '\xff\xff', @remote}, {0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x5, 0x543}, {0x7, 0x7fffffffffffffff}, {}, 0x70bd2c, 0x3500, 0xa, 0x4, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @encap={0x1c, 0x4, {0x2, 0x4e24, 0x4e24, @in6=@dev={0xfe, 0x80, '\x00', 0x2e}}}]}, 0x16c}, 0x1, 0x0, 0x0, 0x881}, 0x0)

589.892995ms ago: executing program 4 (id=9582):
r0 = syz_open_dev$midi(&(0x7f0000000040), 0x2, 0x0)
ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r0, 0x810c5701, 0x0)

496.324855ms ago: executing program 3 (id=9583):
r0 = fsopen(&(0x7f00000000c0)='sysfs\x00', 0x0)
fsconfig$FSCONFIG_SET_PATH(r0, 0x3, 0x0, 0x0, 0xffffffffffffff9c)

423.147916ms ago: executing program 1 (id=9584):
r0 = syz_open_dev$cec(&(0x7f0000000340), 0x0, 0x0)
ioctl$CEC_DQEVENT(r0, 0xc0506107, &(0x7f0000000540))

327.007374ms ago: executing program 5 (id=9585):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000007800)={0x0, 0x0, &(0x7f00000077c0)={&(0x7f0000006580)={0x14, 0x3a, 0x51eb40323bf4c37b, 0x70bd2d, 0x25dfdbfd, {0x3}}, 0x14}}, 0x4000)

320.15139ms ago: executing program 4 (id=9586):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x658, 0x0, 0x1b8, 0x428, 0x428, 0x0, 0x588, 0x588, 0x588, 0x588, 0x588, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x80}}}, {{@ipv6={@mcast1, @local, [0xffff00], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11, 0x0, 0x1}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@empty, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00'}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28}}]}, @common=@unspec=@MARK={0x28}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffff], 0x10}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0xfd}}}, {{@uncond, 0x0, 0x138, 0x160, 0x0, {}, [@common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x6, 0xa]}}, @common=@dst={{0x48}, {0x0, 0x0, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7]}}]}, @inet=@DSCP={0x28, 'DSCP\x00', 0x0, {0x2f}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6b8)

190.923325ms ago: executing program 1 (id=9587):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="4c00000010007c0000000000006000000300000a2400000072527932bb263796000000000a0000020900010073797a310000ddff03000380140001"], 0x4c}}, 0x40)

190.804714ms ago: executing program 3 (id=9588):
r0 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$VIDIOC_ENUM_FRAMESIZES(r0, 0xc02c564a, &(0x7f0000000180)={0x9, 0x34565348, 0x2, @discrete={0x400, 0x8}})

150.126666ms ago: executing program 0 (id=9589):
r0 = socket(0xa, 0x3, 0x87)
sendmsg(r0, &(0x7f0000000700)={&(0x7f0000000080)=@l2tp6={0xa, 0x0, 0x9, @remote, 0x7, 0x4}, 0x80, &(0x7f0000000640)=[{&(0x7f0000000740)="fcf387b1d0e74da46156bd7dfffcae162564842044e3b46a454689ceec813509db31dad67621b4a713d0acb58f51532ff4c6fa6c1384ff7c74e73f4d546f5d279acdd278321509afeb97a602a749f20420089d654efa98b1dfaee5e233219d33f580ec9af4fc3823bc475dd5816b4836320abec434f44feef0ecde03efa73fa31eefef11de2d9b64025e29c59e677f840e407b4938f68e79cd7c6fdc04842eaa8269861f41dcef68df", 0xa9}, {&(0x7f0000001240)="b502cc32777261c912c661dff21ff7d2dc3073e49046f97b459a2326a3cc6d579d114ffad40ea787e4985475bcd0fa24c43f20edd8073e35639c21011870b09753677f7159bd6cbf55b0f9806b7244e20f2a60332da8fd21559235d531125b62cd0144dc9d6b437fcfffb91e2115e6e282f342ca62e023e6a7ea48cd1ca293eb69c16fba02b8c12a335f8f33e12a358203496ac61a2783f28224a9393e49e0b8773759a8b22fb082599c588b88edbe3d415089a391a6f1d6c1da9faeaaeb2a01b4b3f6d969f60e4d1ce06e1ebfe3e914437a648ae1bceafda3672f0b47a7f03210f3b2ffa847f72d8176cbe27f3a6b2d185969853ca0011931e40b39e8c6c85482a2f3220757a062dcec4e016aa62ff2b8ee602e6e740e6dd1d83689024f199c6cc33df4028e6b4b0b72a7fbf61c4c95605a171e8f83b8a37a6c49245d0a755c7b82bc20ea871e6499e7bc65e4ccdbf6dddc356bf38fc747f12f876fa11f1a57b2bbdfef8580d7f1e74ffe4859308fcf490d4f984bfb93dd4ca178eb342ac5d27a29f6ea1454e444ee445097c8b453729a4fa3a2dba0ebb7ab20fa832f1a4df1c9601eeb31625eb5fc41e8de2e8e38d1a4553a484ff1d3ce7148ad37b82451c09b6a16280b112a00163d23d8a53865f87d238ffb5e98a191b6a3ffb0fbaf4bc892e3dbdcb1ce16ab5c7ddcdc91d00eb820b58368ddb2d7276ff5cb457e9529900d991cb7165fd7230f1c56031adb1a1d89dfa843629a10abb86d77f73c4fd4ba840df7913d37f542401bc7016ba5cb02210ce79d7b8fdf03bf2ce61812d66016525c22a885fe49589d122372dd003daafd26c705b11bc8ce3cb8afe558411291f9aa0fadde5559d90e520f7a8e99f1f688269f70357ffc1d8c0a75a115c6882de1990723a6f2837776a01735bc2e4f89119b17cff2528a48e00f466808784ca6da19c1fd60485f4067a4a065f674fc5c1c2a944c942f84b34732161af089f005d2e932d8b49370a2ce2a67ce4c9f07d4b3de3578082ef7d1eb5f0b3f7a3824cebaecdd92b31fc3d4f046d7e1da30314f12fcaaf50434c099d005b71a25728985f0795e35988d3430c4c88054323dd26be0973dae5d083598fdafca00ef45dcced080b9123a71e82d8b268c37da25641835e898d84e283599aa70270ea85cd8dbf6d30b90e473bc60798a0e66537d047870bce25f4987177a3ca94c0b39a655c04df148ce5d527da5ba8aba1a8c8833cb7f59d87d21edc22ab244db11c9a8355eb9c51ba2ffa1ca079033066cbd615ce987f9b896a75f96fde3bfc5743f318bcb0ccebb025610b623309c742b35e46e29820f85b48c278f5170ee14418410ccaf17fc1919cc6c216c03457b704b7f593a1222817dd44771bd4346169bf9117181feaac84acded73e5163bf7d3f4ceabbe1d5e8fb8329fd66ef4ebca06fb2722fbb031e8db5862e9bddab9e3e6a95d432edb2bc2ae276b5ba57871ff397984fe6ed5f7bf48bf88094cd620876f39543e5af2607b18aadb029ed08bd788e726eef7fb10c549a664d39116864cb8dfb714f891793ce942bc9a2b5645d08dfc7c0e12128d74f9be20aa269693ac67e753c4dea0f635aa696dfd35123281f66a6042b8d976ea15", 0x484}], 0x2}, 0x0)

148.614348ms ago: executing program 6 (id=9590):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000780)={{0x14}, [@NFT_MSG_NEWTABLE={0x14, 0x0, 0xa, 0x7, 0x0, 0x0, {0x3}}, @NFT_MSG_DELSET={0x20, 0xb, 0xa, 0x201, 0x0, 0x0, {0x1, 0x0, 0x2}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}], {0x14}}, 0x5c}}, 0x0)

69.25075ms ago: executing program 5 (id=9591):
syz_mount_image$ext4(&(0x7f0000000700)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x8002, &(0x7f00000000c0), 0x7, 0x4a9, &(0x7f0000000b40)="$eJzs3E9sFNUfAPDv7B9a4MeP/vghCqIW0dhobKGgcPCC0cSDJkY86LFpC0EKNbQmQoiWxODRkHg3Hr168KrejCcTr3jwYGJIiOECeBozuzPtdv+0tGy74H4+ydL3Zt7se99982bfztslgL41nP2TRPwnIq5HxM56dnmB4fqfO7cuT969dXkyFtL05F9JrdztLJ8rjtueZ0ZKEaXPkqYnrJu7eOnsxMzM9IU8PzZ/7sOxuYuXXjxzbuL09Onp8+PHjx89cvjYy+MvrT2oNvVlcd3e98ns/r1vvH/trclKsX0w/9sYR7cMx3C7ptQ82+3KemxHQzqp9LAhrEl2/pcjolob/zujHDoP+kWapulA590LabMrLVuAh1YSvW4B0BvFG332+bd4bNLU44Fw80RE9pEni/tO/qjvqUQpL1Nt+nzbTcMR8d7C319lj1jpPsTvG9QAAKDv/HCimAk2z/9Ksaeh3H/zNZShiPhfROyKiP9HxO6IeCSiVvbRiHisuYIkIl2h/t1N+db5T+nG/cS3mmz+90q+trV8/lfM/mKonOd2RBQT5ulD+WsyEtWBU2dmpg+vUMePr/36Rad9jfO/7JHVX8wF83bcqDTdoJuamJ9Yd8BNbl6J2Fdpjj+pZB1XrAQkEbE3Ivat4XmHGtJnnv9m/2Kmurzc6vHXpG3X0bqwVJF+HfFcvf8XYln/L9WYrLw+OTYYM9OHxrKz4FDbOn7+5erbnepfNf7v/mg+5PVj35+837AXZf2/reH8j2L9din+oSQiWVyvnVt7HVd/+7z2vMMHW/et9/zfkrxbS2/Jt308MT9/4XDEluTN1u3jS8cW+aJ8Fv/Iwfbjf1d+TPZKPB4R2Un8REQ8GRFP5W0/EBFPR0Sb0Bb99OozH3Tad4/n/4bJ4p9qe/1b1v9L6/XrSJTPHrh+t8PF4976/2gtNZJvaX/9S5ZdIu61gV14CQEAAOCBV4rad/9Lo4vpUml0tH4PaHdsK83Mzs2/cGr2o/NT9d8IDEW1VNzpqt8PribF/c+hhvx4U/5Ift/4y/LWWn50cnZmqtfBQ5/bXhvzScv4z/xZ7nXrgA3nJz/Qv1Yb/3uubVJDgE3n/R/6V8P4X+hQZME3ZeDfyfs/9K924//TdRwDPFxSYxn6mvEP/asS7yymSz1tCbDZvP9DX7qf3/WvnkgH2u8ajNbCMbgxzdjapq6eJLKZVU9q37qeo4r/TaFjmSit7QkHonVXObodcjUiVi18ek/XT/40/658t3vw200Zp+0SPbkcAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdN0/AQAA///SQd2t")
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000480)='./file7\x00', 0x5)

0s ago: executing program 3 (id=9592):
r0 = syz_open_procfs(0x0, &(0x7f0000000300)='net/icmp\x00')
pread64(r0, &(0x7f00000024c0)=""/239, 0xef, 0x35)

kernel console output (not intermixed with test programs):

_tagged: read failed, block=256, location=256
[  738.406346][T24117] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  738.686337][ T5925] usb 6-1: new high-speed USB device number 88 using dummy_hcd
[  738.896966][ T5925] usb 6-1: Using ep0 maxpacket: 32
[  738.905621][ T5925] usb 6-1: unable to get BOS descriptor or descriptor too short
[  738.947075][ T5925] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 1032, setting to 1024
[  738.975961][ T5925] usb 6-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[  739.000632][ T5925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  739.022673][ T5925] usb 6-1: Product: syz
[  739.026875][ T5925] usb 6-1: Manufacturer: syz
[  739.075757][ T5925] usb 6-1: SerialNumber: syz
[  739.543583][ T5925] usb 6-1: USB disconnect, device number 88
[  739.767622][ T6261] udevd[6261]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  739.793827][T24163] vim2m vim2m.0: Fourcc format (0x42474752) invalid.
[  739.852894][T24136] loop0: detected capacity change from 0 to 32768
[  739.893571][T24136] JBD2: Ignoring recovery information on journal
[  740.015367][T24172] loop4: detected capacity change from 0 to 512
[  740.085919][T24136] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  740.159929][T24172] EXT4-fs (loop4): orphan cleanup on readonly fs
[  740.238523][T24172] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.7923: bg 0: block 63: padding at end of block bitmap is not set
[  740.261903][T24182] netlink: 'syz.6.7924': attribute type 10 has an invalid length.
[  740.269758][T24182] netlink: 2 bytes leftover after parsing attributes in process `syz.6.7924'.
[  740.329966][T24172] loop4: lost filesystem error report for type 5 error -117
[  740.336382][    C1] EXT4-fs (loop4): error count since last fsck: 1
[  740.350142][    C1] EXT4-fs (loop4): initial error at time 1772892472: ext4_validate_block_bitmap:441
[  740.359584][    C1] EXT4-fs (loop4): last error at time 1772892472: ext4_validate_block_bitmap:441
[  740.371895][T24172] EXT4-fs warning (device loop4): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  740.392023][T24182] bond0: entered promiscuous mode
[  740.399932][T24172] EXT4-fs error (device loop4): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.4.7923: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  740.418896][T24172] loop4: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  740.421552][T24172] EXT4-fs warning (device loop4): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.4.7923: ea_inode dec ref err=-117
[  740.436835][T24182] bond_slave_0: entered promiscuous mode
[  740.451168][T24172] EXT4-fs (loop4): 1 orphan inode deleted
[  740.461165][T24172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  740.476408][ T5825] ocfs2: Unmounting device (7,0) on (node local)
[  740.510220][T24182] bond_slave_1: entered promiscuous mode
[  740.529474][T24182] bridge0: port 3(bond0) entered blocking state
[  740.535869][T24182] bridge0: port 3(bond0) entered disabled state
[  740.586542][T24182] bond0: entered allmulticast mode
[  740.591704][T24182] bond_slave_0: entered allmulticast mode
[  740.665416][T24182] bond_slave_1: entered allmulticast mode
[  740.674348][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  740.693532][T24182] bridge0: port 3(bond0) entered blocking state
[  740.700012][T24182] bridge0: port 3(bond0) entered forwarding state
[  741.587589][T24224] loop5: detected capacity change from 0 to 512
[  741.666526][T24228] loop0: detected capacity change from 0 to 256
[  741.719020][T24224] Quota error (device loop5): find_tree_dqentry: Cycle in quota tree detected: block 3 index 0
[  741.776877][T24224] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  741.838368][T24224] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.7947: Failed to acquire dquot type 1
[  741.858978][T24224] loop5: lost filesystem error report for type 5 error -5
[  741.865147][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  741.878776][    C1] EXT4-fs (loop5): last error at time 1772892474: ext4_acquire_dquot:7001
[  741.899232][T24224] EXT4-fs (loop5): 1 truncate cleaned up
[  741.906835][T24224] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  741.950139][T24224] ext4 filesystem being mounted at /1359/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  742.022112][T24239] loop0: detected capacity change from 0 to 256
[  742.091146][T24241] netlink: 8 bytes leftover after parsing attributes in process `syz.3.7955'.
[  742.127448][T24199] loop1: detected capacity change from 0 to 32768
[  742.149026][T24199] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.7935 (24199)
[  742.169126][T24239] FAT-fs (loop0): Directory bread(block 64) failed
[  742.228134][T24239] FAT-fs (loop0): Directory bread(block 65) failed
[  742.242152][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  742.303833][T24239] FAT-fs (loop0): Directory bread(block 66) failed
[  742.310401][T24239] FAT-fs (loop0): Directory bread(block 67) failed
[  742.319479][T24199] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  742.360572][T24239] FAT-fs (loop0): Directory bread(block 68) failed
[  742.371277][T24199] BTRFS info (device loop1): using sha256 checksum algorithm
[  742.399284][T24239] FAT-fs (loop0): Directory bread(block 69) failed
[  742.433837][T24239] FAT-fs (loop0): Directory bread(block 70) failed
[  742.463998][T24239] FAT-fs (loop0): Directory bread(block 71) failed
[  742.516077][T24239] FAT-fs (loop0): Directory bread(block 72) failed
[  742.554593][T24254] bridge2: entered promiscuous mode
[  742.565041][T24254] bridge2: entered allmulticast mode
[  742.575135][T24239] FAT-fs (loop0): Directory bread(block 73) failed
[  742.610561][T24257] tmpfs: Bad value for 'usrquota_block_hardlimit'
[  742.678140][T24199] BTRFS info (device loop1): enabling ssd optimizations
[  742.725812][T24199] BTRFS info (device loop1): turning on async discard
[  742.777938][T24199] BTRFS info (device loop1): enabling free space tree
[  743.032857][ T5826] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  743.165169][T24281] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  743.204348][T24281] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  743.246222][T24230] loop6: detected capacity change from 0 to 32768
[  743.388143][T24230] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  743.556391][T24300] netlink: 4 bytes leftover after parsing attributes in process `syz.3.7973'.
[  743.565293][T24230] XFS (loop6): Ending clean mount
[  743.572536][T24230] XFS (loop6): Quotacheck needed: Please wait.
[  743.688172][T24230] XFS (loop6): Quotacheck: Done.
[  743.921417][T24311] loop3: detected capacity change from 0 to 8
[  744.020391][T21254] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  744.514570][T24326] loop5: detected capacity change from 0 to 64
[  744.649784][T24332] overlayfs: empty lowerdir
[  744.792549][T24335] netlink: 'syz.6.7978': attribute type 21 has an invalid length.
[  744.826512][T24335] netlink: 128 bytes leftover after parsing attributes in process `syz.6.7978'.
[  744.881083][T24335] netlink: 'syz.6.7978': attribute type 4 has an invalid length.
[  744.904572][T24335] netlink: 'syz.6.7978': attribute type 5 has an invalid length.
[  744.923923][T24335] netlink: 3 bytes leftover after parsing attributes in process `syz.6.7978'.
[  745.074488][T24344] loop5: detected capacity change from 0 to 2048
[  745.083663][T24347] netlink: 16 bytes leftover after parsing attributes in process `syz.4.7993'.
[  745.108087][T24344] NILFS (loop5): broken superblock, retrying with spare superblock (blocksize = 1024)
[  745.195545][T24342] loop3: detected capacity change from 0 to 4096
[  745.210404][T24353] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  745.243819][T24342] ntfs3(loop3): Different NTFS sector size (4096) and media sector size (512).
[  745.437169][T24360] netlink: 1010 bytes leftover after parsing attributes in process `syz.6.8000'.
[  745.469837][T24342] ntfs3(loop3): ino=19, mi_enum_attr
[  745.475389][T24342] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  745.511805][T24360] bridge: RTM_NEWNEIGH bridge0 without NUD_PERMANENT
[  745.607335][T24342] ntfs3(loop3): failed to convert "c46c" to cp950
[  745.633700][T24342] ntfs3(loop3): ino=20, mi_enum_attr
[  745.633880][T24366] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  745.702496][T24367] block device autoloading is deprecated and will be removed.
[  745.853045][ T6006] usb 1-1: new high-speed USB device number 91 using dummy_hcd
[  745.983096][T24377] netlink: 'syz.1.8009': attribute type 1 has an invalid length.
[  746.004659][T24377] netlink: 2096 bytes leftover after parsing attributes in process `syz.1.8009'.
[  746.028012][T24377] netlink: 5 bytes leftover after parsing attributes in process `syz.1.8009'.
[  746.061707][ T6006] usb 1-1: Using ep0 maxpacket: 16
[  746.090102][ T6006] usb 1-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[  746.131979][ T6006] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  746.157557][ T6006] usb 1-1: Product: syz
[  746.161765][ T6006] usb 1-1: Manufacturer: syz
[  746.191895][ T6006] usb 1-1: SerialNumber: syz
[  746.229137][ T6006] usb 1-1: config 0 descriptor??
[  746.272151][ T6006] visor 1-1:0.0: Sony Clie 3.5 converter detected
[  746.409450][T24398] netlink: 56 bytes leftover after parsing attributes in process `syz.4.8018'.
[  746.490263][ T6006] usb 1-1: clie_3_5_startup: get config number bad return length: 0
[  746.517872][ T6006] visor 1-1:0.0: probe with driver visor failed with error -5
[  746.633323][ T5887] usb 4-1: new high-speed USB device number 71 using dummy_hcd
[  746.778010][ T6006] usb 1-1: USB disconnect, device number 91
[  746.826525][ T5887] usb 4-1: Using ep0 maxpacket: 8
[  746.838085][ T5887] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  746.867298][ T5887] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  746.884952][ T5887] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  746.895556][ T5887] usb 4-1: Product: syz
[  746.900760][ T5887] usb 4-1: Manufacturer: syz
[  746.919484][ T5887] usb 4-1: SerialNumber: syz
[  747.095019][T24423] netdevsim netdevsim6 netdevsim0: entered allmulticast mode
[  747.127207][T24423] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  747.175868][ T5887] usb 4-1: Handspring Visor / Palm OS: No valid connect info available
[  747.204603][ T5887] usb 4-1: Handspring Visor / Palm OS: port 208, is for unknown use
[  747.246473][ T5887] usb 4-1: Handspring Visor / Palm OS: port 187, is for Console use
[  747.270873][ T5887] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  747.390509][ T5887] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  747.416465][ T5887] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  747.451669][ T5887] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  747.510285][ T5887] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  747.526150][T24438] netlink: 'syz.5.8038': attribute type 1 has an invalid length.
[  747.559364][ T5887] usb 4-1: USB disconnect, device number 71
[  747.617306][ T5887] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  747.658804][ T5887] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  747.691151][ T5887] visor 4-1:1.0: device disconnected
[  747.809424][T24448] siw: device registration error -23
[  748.070396][T24463] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8049'.
[  748.103716][T24463] netlink: 32 bytes leftover after parsing attributes in process `syz.4.8049'.
[  748.450670][ T5887] usb 1-1: new high-speed USB device number 92 using dummy_hcd
[  748.621815][ T5887] usb 1-1: Using ep0 maxpacket: 16
[  748.633926][ T5887] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  748.648788][ T5887] usb 1-1: config 0 has no interface number 0
[  748.667977][ T5887] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  748.719615][ T5887] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  748.745720][ T5887] usb 1-1: New USB device found, idVendor=1a86, idProduct=752d, bcdDevice=2d.4d
[  748.782052][ T5887] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  748.803422][ T5887] usb 1-1: Product: syz
[  748.807629][ T5887] usb 1-1: Manufacturer: syz
[  748.836317][ T5887] usb 1-1: SerialNumber: syz
[  748.850654][ T5887] usb 1-1: config 0 descriptor??
[  748.873503][T24492] pci 0000:00:05.0: vgaarb: VGA decodes changed: olddecodes=none,decodes=io+mem:owns=io+mem
[  748.887700][ T5887] usb 1-1: Quirk or no altset; falling back to MIDI 1.0
[  749.103574][T24501] xt_TPROXY: Can be used only with -p tcp or -p udp
[  749.128101][ T5887] usb 1-1: USB disconnect, device number 92
[  749.153909][T24498] loop3: detected capacity change from 0 to 1024
[  749.229281][T24498] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  749.310918][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  749.359777][ T5925] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[  749.551792][ T5925] usb 2-1: Using ep0 maxpacket: 32
[  749.552912][T24516] loop5: detected capacity change from 0 to 512
[  749.560442][ T5925] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 102, changing to 10
[  749.608775][T24516] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  749.628825][ T5925] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24624, setting to 1024
[  749.653976][T24516] ext4 filesystem being mounted at /1382/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  749.683890][ T5925] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  749.752608][T24522] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  749.772478][ T5925] usb 2-1: New USB device found, idVendor=05ac, idProduct=020f, bcdDevice= 0.22
[  749.785491][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  749.808841][ T5925] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=131
[  749.851448][ T5925] usb 2-1: Product: syz
[  749.855684][ T5925] usb 2-1: Manufacturer: syz
[  749.867468][ T5925] usb 2-1: SerialNumber: syz
[  749.900165][ T5925] input: appletouch as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/input/input37
[  749.931766][T24528] loop3: detected capacity change from 0 to 512
[  749.987958][T24528] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  750.034217][T24530] netlink: 36 bytes leftover after parsing attributes in process `syz.5.8078'.
[  750.075037][T24530] netlink: 16 bytes leftover after parsing attributes in process `syz.5.8078'.
[  750.104099][T24528] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  750.276858][T24536] (syz.5.8085,24536,1):ocfs2_get_sector:1714 ERROR: status = -5
[  750.305558][T24536] (syz.5.8085,24536,0):ocfs2_sb_probe:753 ERROR: status = -5
[  750.306128][ T5950] usb 2-1: USB disconnect, device number 90
[  750.315741][T24536] (syz.5.8085,24536,0):ocfs2_fill_super:989 ERROR: superblock probe failed!
[  750.329914][T24536] (syz.5.8085,24536,0):ocfs2_fill_super:1177 ERROR: status = -5
[  750.456400][ T5950] appletouch 2-1:1.0: input: appletouch disconnected
[  750.582722][T24549] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8091'.
[  750.799066][T24555] xt_l2tp: v2 tid > 0xffff: 262144
[  750.799387][T24556] tmpfs: Bad value for 'mpol'
[  750.816048][T24558] loop5: detected capacity change from 0 to 256
[  750.837958][T24558] FAT-fs (loop5): Directory bread(block 1285) failed
[  750.858650][T24558] FAT-fs (loop5): Directory bread(block 1286) failed
[  750.866004][T24558] FAT-fs (loop5): Directory bread(block 1287) failed
[  750.899302][T24558] FAT-fs (loop5): Directory bread(block 1288) failed
[  750.925765][T24558] FAT-fs (loop5): Directory bread(block 1285) failed
[  750.943983][T24558] FAT-fs (loop5): Directory bread(block 1286) failed
[  750.950789][T24558] FAT-fs (loop5): Directory bread(block 1287) failed
[  751.016392][T24558] FAT-fs (loop5): Directory bread(block 1288) failed
[  751.023180][T24558] FAT-fs (loop5): Directory bread(block 1285) failed
[  751.086566][T24558] FAT-fs (loop5): Directory bread(block 1286) failed
[  751.292471][T24574] kAFS: unable to lookup cell 'syz0'
[  751.455149][ T6004] usb 5-1: new full-speed USB device number 86 using dummy_hcd
[  751.664021][ T6004] usb 5-1: config 0 has an invalid interface number: 8 but max is 0
[  751.690930][ T6004] usb 5-1: config 0 has no interface number 0
[  751.701548][ T6004] usb 5-1: config 0 interface 8 altsetting 0 has an endpoint descriptor with address 0x9F, changing to 0x8F
[  751.750859][ T6004] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  751.773375][ T6004] usb 5-1: config 0 interface 8 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  751.803450][ T6004] usb 5-1: New USB device found, idVendor=0d8c, idProduct=000e, bcdDevice=8e.8f
[  751.814922][ T6004] usb 5-1: New USB device strings: Mfr=0, Product=24, SerialNumber=3
[  751.844431][ T6004] usb 5-1: Product: syz
[  751.861192][ T6004] usb 5-1: SerialNumber: syz
[  751.881967][ T6004] usb 5-1: config 0 descriptor??
[  751.918490][ T6004] cm109 5-1:0.8: invalid payload size 0, expected 4
[  751.980701][ T6004] input: CM109 USB driver as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.8/input/input38
[  752.035287][T24597] C: renamed from team_slave_0 (while UP)
[  752.081640][T24597] netlink: 'syz.3.8114': attribute type 1 has an invalid length.
[  752.091580][T24568] loop0: detected capacity change from 0 to 32768
[  752.181181][T24597] netlink: 152 bytes leftover after parsing attributes in process `syz.3.8114'.
[  752.196955][    C0] cm109 5-1:0.8: cm109_urb_ctl_callback: usb_submit_urb (urb_irq) failed -90
[  752.246830][T24597] A link change request failed with some changes committed already. Interface C may have been left with an inconsistent configuration, please check.
[  752.311966][T24579] loop5: detected capacity change from 0 to 32768
[  752.352919][T24579] (syz.5.8105,24579,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  752.420716][T24579] (syz.5.8105,24579,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  752.443770][ T5925] usb 5-1: USB disconnect, device number 86
[  752.497817][ T5925] cm109 5-1:0.8: cm109_toggle_buzzer_sync: usb_control_msg() failed -19
[  752.551109][T24579] JBD2: Ignoring recovery information on journal
[  752.561861][T24609] nvme_fabrics: unknown parameter or missing value '' in ctrl creation request
[  752.692303][T24579] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  752.766798][T24615] netlink: 'syz.3.8121': attribute type 10 has an invalid length.
[  752.800190][T24615] netlink: 232 bytes leftover after parsing attributes in process `syz.3.8121'.
[  753.025529][T24623] loop0: detected capacity change from 0 to 256
[  753.096432][ T5829] ocfs2: Unmounting device (7,5) on (node local)
[  753.110588][T24623] FAT-fs (loop0): Directory bread(block 64) failed
[  753.166610][T24623] FAT-fs (loop0): Directory bread(block 65) failed
[  753.185218][T24623] FAT-fs (loop0): Directory bread(block 66) failed
[  753.233234][T24623] FAT-fs (loop0): Directory bread(block 67) failed
[  753.287922][T24623] FAT-fs (loop0): Directory bread(block 68) failed
[  753.325537][T24623] FAT-fs (loop0): Directory bread(block 69) failed
[  753.332193][T24623] FAT-fs (loop0): Directory bread(block 70) failed
[  753.411065][T24623] FAT-fs (loop0): Directory bread(block 71) failed
[  753.417716][T24623] FAT-fs (loop0): Directory bread(block 72) failed
[  753.464839][T24637] netlink: 8 bytes leftover after parsing attributes in process `syz.4.8133'.
[  753.482936][T24623] FAT-fs (loop0): Directory bread(block 73) failed
[  753.710518][T24643] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8135'.
[  753.839549][T24648] netlink: 72 bytes leftover after parsing attributes in process `syz.0.8136'.
[  753.847751][T24650] netlink: zone id is out of range
[  753.874989][T24650] netlink: zone id is out of range
[  753.882696][T24648] netlink: 12 bytes leftover after parsing attributes in process `syz.0.8136'.
[  753.897070][T24650] netlink: zone id is out of range
[  753.917995][T24650] netlink: zone id is out of range
[  753.935090][T24648] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8136'.
[  753.936851][T24650] netlink: zone id is out of range
[  753.967638][T24650] netlink: zone id is out of range
[  753.979958][T24650] netlink: zone id is out of range
[  753.995104][T24654] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8138'.
[  754.009857][T24650] netlink: zone id is out of range
[  754.421406][T24668] loop0: detected capacity change from 0 to 1024
[  754.455976][T24668] EXT4-fs: Ignoring removed orlov option
[  754.502404][T24670] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8146'.
[  754.580850][T24668] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  754.850992][ T5825] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  754.928007][T24634] loop3: detected capacity change from 0 to 40427
[  754.980101][T24634] F2FS-fs (loop3): Invalid log sectorsize (14)
[  754.986840][T24634] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  755.007765][T24634] F2FS-fs (loop3): build fault injection rate: 14
[  755.014340][T24634] F2FS-fs (loop3): build fault injection type: 0x1
[  755.030444][T24634] F2FS-fs (loop3): invalid crc value
[  755.053891][T24634] F2FS-fs (loop3): inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x3165/0x4a80
[  755.093907][T24634] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[  755.255530][T24698] netlink: 8 bytes leftover after parsing attributes in process `syz.5.8158'.
[  755.756870][T24718] net_ratelimit: 13 callbacks suppressed
[  755.756895][T24718] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  755.993447][T24685] loop6: detected capacity change from 0 to 40427
[  756.053849][T24685] F2FS-fs (loop6): invalid crc value
[  756.363013][T24685] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  756.400814][T24685] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  756.462917][T24735] loop3: detected capacity change from 0 to 4096
[  756.513610][T24735] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  756.627361][T24735] ntfs3(loop3): Failed to initialize $Extend/$ObjId.
[  756.974799][T24762] Sensor B: =================  START STATUS  =================
[  756.999976][T24762] Sensor B: Test Pattern: 75% Colorbar
[  757.033983][T24762] Sensor B: Show Information: All
[  757.094723][T24762] Sensor B: Vertical Flip: false
[  757.110298][T24762] Sensor B: Horizontal Flip: false
[  757.142252][T24762] Sensor B: Brightness: 128
[  757.168998][T24762] Sensor B: Contrast: 128
[  757.182623][T24762] Sensor B: Hue: 0
[  757.195704][T24762] Sensor B: Saturation: 128
[  757.209362][T24762] Sensor B: ==================  END STATUS  ==================
[  757.683820][T24792] __nla_validate_parse: 1 callbacks suppressed
[  757.683843][T24792] netlink: 148 bytes leftover after parsing attributes in process `syz.0.8201'.
[  757.915695][T24792] netlink: 148 bytes leftover after parsing attributes in process `syz.0.8201'.
[  758.250313][T24823] loop4: detected capacity change from 0 to 1024
[  758.464811][T24830] openvswitch: netlink: IP tunnel TTL not specified.
[  758.604229][   T49] hfsplus: b-tree write err: -5, ino 25
[  758.624675][   T49] hfsplus: b-tree write err: -5, ino 4
[  758.671061][   T49] hfsplus: b-tree write err: -5, ino 2
[  758.729555][T24837] loop5: detected capacity change from 0 to 4096
[  758.780712][T24837] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[  758.874393][T24837] ntfs3(loop5): Failed to initialize $Extend/$ObjId.
[  758.995838][T24837] ntfs3: Cannot use different iocharset when remounting!
[  759.771011][T24838] loop3: detected capacity change from 0 to 32768
[  759.808535][T24838] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.8222 (24838)
[  759.831990][T24838] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  759.832031][T24838] BTRFS info (device loop3): using sha256 checksum algorithm
[  760.009374][T24838] BTRFS info (device loop3): enabling ssd optimizations
[  760.009407][T24838] BTRFS info (device loop3): turning on async discard
[  760.009429][T24838] BTRFS info (device loop3): enabling free space tree
[  760.238218][ T5822] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  760.463481][T24850] loop0: detected capacity change from 0 to 32768
[  760.585588][T24850] XFS (loop0): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  760.726595][T24920] netlink: 72 bytes leftover after parsing attributes in process `syz.6.8255'.
[  760.804072][T24920] netlink: 72 bytes leftover after parsing attributes in process `syz.6.8255'.
[  760.833226][T24928] loop5: detected capacity change from 0 to 1024
[  760.851716][T24850] XFS (loop0): Ending clean mount
[  760.874801][T24928] EXT4-fs: Ignoring removed orlov option
[  760.903601][T24928] EXT4-fs (loop5): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  761.038683][ T5825] XFS (loop0): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  761.056845][T24928] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  761.372673][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.604703][T24919] loop1: detected capacity change from 0 to 32768
[  761.701406][T24919] JBD2: Ignoring recovery information on journal
[  761.715201][T24944] netdevsim netdevsim3 netdevsim0: entered allmulticast mode
[  761.746058][T24948] netlink: 'syz.0.8260': attribute type 1 has an invalid length.
[  761.754543][T24948] netlink: 16 bytes leftover after parsing attributes in process `syz.0.8260'.
[  761.792810][T24944] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  761.819244][T24951] netlink: 8 bytes leftover after parsing attributes in process `syz.0.8268'.
[  761.917611][T24919] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  761.955523][T24957] misc userio: No port type given on /dev/userio
[  762.040127][T24951] bond3 (unregistering): Released all slaves
[  762.290713][ T5826] ocfs2: Unmounting device (7,1) on (node local)
[  762.440550][T24929] loop4: detected capacity change from 0 to 40427
[  762.488462][T24929] F2FS-fs: heap/no_heap options were deprecated
[  762.546744][T24929] F2FS-fs (loop4): build fault injection rate: 19
[  762.563622][T24977] netlink: 4 bytes leftover after parsing attributes in process `syz.5.8280'.
[  762.572517][T24977] openvswitch: netlink: Invalid VLAN frame
[  762.576764][T24929] F2FS-fs (loop4): build fault injection type: 0x77e8c
[  762.591097][T24974] m1Ie5nè‹: entered promiscuous mode
[  762.613013][T24929] F2FS-fs (loop4): invalid crc value
[  762.633211][T24929] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21c/0xd60
[  762.710026][T24929] F2FS-fs (loop4): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_bio+0x18f/0xaa0
[  762.788747][T24982] loop6: detected capacity change from 0 to 1024
[  762.806860][    C0] F2FS-fs (loop4): inject read IO error in f2fs_read_end_io of blk_update_request+0x57e/0xe60
[  763.091433][T24929] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  763.109904][ T6006] usb 6-1: new full-speed USB device number 89 using dummy_hcd
[  763.157837][T24929] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  763.198743][T24929] F2FS-fs (loop4): inject dquot initialize in f2fs_dquot_initialize of f2fs_new_inode+0x525/0xff0
[  763.323527][ T6006] usb 6-1: config 27 has an invalid descriptor of length 0, skipping remainder of the config
[  763.347948][ T6006] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  763.391786][ T6006] usb 6-1: config 27 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  763.429174][    C0] F2FS-fs (loop4): inject write IO error in f2fs_write_end_io of blk_update_request+0x57e/0xe60
[  763.440517][    C0] CPU: 0 UID: 0 PID: 15 Comm: ksoftirqd/0 Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  763.440555][    C0] Tainted: [L]=SOFTLOCKUP
[  763.440565][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  763.440580][    C0] Call Trace:
[  763.440590][    C0]  <TASK>
[  763.440601][    C0]  dump_stack_lvl+0xe8/0x150
[  763.440642][    C0]  f2fs_handle_critical_error+0x37c/0x540
[  763.440678][    C0]  f2fs_write_end_io+0xcdb/0xff0
[  763.440712][    C0]  ? blk_update_request+0x57e/0xe60
[  763.440765][    C0]  blk_update_request+0x57e/0xe60
[  763.440814][    C0]  blk_mq_end_request+0x3e/0x70
[  763.440849][    C0]  blk_flush_complete_seq+0x678/0xcc0
[  763.440894][    C0]  flush_end_io+0xbaa/0xe60
[  763.440943][    C0]  __blk_mq_end_request+0x4f8/0x630
[  763.440984][    C0]  blk_done_softirq+0x10a/0x160
[  763.441016][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  763.441062][    C0]  handle_softirqs+0x22a/0x870
[  763.441098][    C0]  ? schedule+0x90/0x360
[  763.441132][    C0]  ? run_ksoftirqd+0x36/0x60
[  763.441176][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  763.441212][    C0]  run_ksoftirqd+0x36/0x60
[  763.441247][    C0]  smpboot_thread_fn+0x541/0xa50
[  763.441285][    C0]  ? smpboot_thread_fn+0x4d/0xa50
[  763.441332][    C0]  kthread+0x388/0x470
[  763.441357][    C0]  ? __pfx_smpboot_thread_fn+0x10/0x10
[  763.441391][    C0]  ? __pfx_kthread+0x10/0x10
[  763.441416][    C0]  ret_from_fork+0x51e/0xb90
[  763.441453][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  763.441484][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  763.441513][    C0]  ? __switch_to+0xc7d/0x1450
[  763.441546][    C0]  ? __pfx_kthread+0x10/0x10
[  763.441572][    C0]  ret_from_fork_asm+0x1a/0x30
[  763.441630][    C0]  </TASK>
[  763.441640][    C0] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  763.613997][ T5823] F2FS-fs (loop4): do_checkpoint failed err:-5, stop checkpoint
[  763.627464][ T6006] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  763.636941][ T6006] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  763.698117][ T6006] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  763.901776][ T6006] snd-usb-audio 6-1:27.0: probe with driver snd-usb-audio failed with error -2
[  763.941376][   T30] audit: type=1326 audit(1772892494.975:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25021 comm="syz.1.8299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  764.015804][ T6279] udevd[6279]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  764.020386][ T6006] usb 6-1: USB disconnect, device number 89
[  764.058876][   T30] audit: type=1326 audit(1772892495.003:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25021 comm="syz.1.8299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  764.148140][   T30] audit: type=1326 audit(1772892495.003:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25021 comm="syz.1.8299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=208 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  764.240877][   T30] audit: type=1326 audit(1772892495.003:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25021 comm="syz.1.8299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  764.383674][   T30] audit: type=1326 audit(1772892495.003:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25021 comm="syz.1.8299" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  765.168167][T25077] netlink: 20 bytes leftover after parsing attributes in process `syz.3.8321'.
[  765.226865][T25077] netlink: 276 bytes leftover after parsing attributes in process `syz.3.8321'.
[  765.372560][T25083] loop6: detected capacity change from 0 to 512
[  765.517559][T25083] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  765.553964][T25083] ext4 filesystem being mounted at /205/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  765.636289][T25096] program syz.1.8330 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  765.815802][T25103] loop4: detected capacity change from 0 to 128
[  765.860064][T25103] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  765.888209][T21254] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  765.958400][T25103] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  766.075840][T25111] loop5: detected capacity change from 0 to 764
[  766.138510][T25111] Symlink component flag not implemented
[  766.178849][T25111] Symlink component flag not implemented (15)
[  766.420482][T25130] xt_connbytes: Forcing CT accounting to be enabled
[  766.486073][T25130] x_tables: ip_tables: DNAT target: used from hooks POSTROUTING, but only usable from PREROUTING/OUTPUT
[  766.533036][T25135] loop1: detected capacity change from 0 to 1024
[  766.643265][T25136] loop5: detected capacity change from 0 to 4096
[  766.744001][T25136] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  766.777875][  T185] hfsplus: b-tree write err: -5, ino 25
[  766.783915][  T185] hfsplus: b-tree write err: -5, ino 4
[  766.805313][  T185] hfsplus: b-tree write err: -5, ino 2
[  766.908080][T25154] netlink: 'syz.6.8352': attribute type 2 has an invalid length.
[  766.948746][T25154] netlink: 228 bytes leftover after parsing attributes in process `syz.6.8352'.
[  767.080589][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  767.340998][ T6006] usb 2-1: new full-speed USB device number 91 using dummy_hcd
[  767.538238][ T6006] usb 2-1: New USB device found, idVendor=041e, idProduct=0005, bcdDevice= 0.40
[  767.581684][ T6006] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  767.618653][ T6006] usb 2-1: Product: syz
[  767.658578][ T6006] usb 2-1: Manufacturer: syz
[  767.669747][ T6006] usb 2-1: SerialNumber: syz
[  768.017054][ T6006] usb 2-1: USB disconnect, device number 91
[  768.420524][T25160] loop3: detected capacity change from 0 to 32768
[  768.501781][T25160] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  768.634222][T25160] XFS (loop3): Ending clean mount
[  768.735232][T25160] XFS (loop3): Quotacheck needed: Please wait.
[  768.877090][T25160] XFS (loop3): Quotacheck: Done.
[  769.046638][ T6006] usb 5-1: new high-speed USB device number 87 using dummy_hcd
[  769.130223][ T5822] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  769.308239][ T6006] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  769.340044][ T6006] usb 5-1: config 0 interface 0 has no altsetting 0
[  769.349573][ T6006] usb 5-1: New USB device found, idVendor=10fd, idProduct=1513, bcdDevice=b1.f9
[  769.355871][ T5887] usb 2-1: new full-speed USB device number 92 using dummy_hcd
[  769.369255][ T6006] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  769.436370][ T6006] usb 5-1: Product: syz
[  769.446994][ T6006] usb 5-1: Manufacturer: syz
[  769.451612][ T6006] usb 5-1: SerialNumber: syz
[  769.495124][ T6006] usb 5-1: config 0 descriptor??
[  769.547988][ T5887] usb 2-1: config 0 has an invalid interface number: 146 but max is 0
[  769.551226][ T6006] dvb-usb: found a 'MSI DIGI VOX mini II DVB-T USB2.0' in warm state.
[  769.585691][ T6006] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  769.586624][ T5887] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  769.616383][ T6006] dvbdev: DVB: registering new adapter (MSI DIGI VOX mini II DVB-T USB2.0)
[  769.641048][ T6006] usb 5-1: media controller created
[  769.662507][ T5887] usb 2-1: config 0 has no interface number 0
[  769.677345][ T6006] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  769.704523][ T5887] usb 2-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0x1C, changing to 0xC
[  769.740877][ T5887] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0xC has invalid wMaxPacketSize 0
[  769.777814][ T5887] usb 2-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xE3, changing to 0x83
[  769.833794][ T5887] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0x83 has invalid maxpacket 33307, setting to 64
[  769.874585][ T5887] usb 2-1: config 0 interface 146 altsetting 0 has an endpoint descriptor with address 0xF2, changing to 0x82
[  769.893673][T25251] loop0: detected capacity change from 0 to 4096
[  769.906686][ T5887] usb 2-1: config 0 interface 146 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  769.910938][ T6006] DVB: Unable to find symbol tda10046_attach()
[  769.947490][T25251] ntfs3(loop0): Different NTFS sector size (4096) and media sector size (512).
[  769.957858][ T6006] dvb-usb: no frontend was attached by 'MSI DIGI VOX mini II DVB-T USB2.0'
[  769.960501][ T5887] usb 2-1: New USB device found, idVendor=05da, idProduct=009a, bcdDevice=62.95
[  770.006606][ T6006] dvb-usb: MSI DIGI VOX mini II DVB-T USB2.0 successfully initialized and connected.
[  770.008456][ T5887] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.066707][ T5887] usb 2-1: Product: syz
[  770.082276][T25251] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  770.085306][ T5887] usb 2-1: Manufacturer: syz
[  770.111169][ T5887] usb 2-1: SerialNumber: syz
[  770.131491][T25251] ntfs3(loop0): Failed to initialize $Extend/$Reparse.
[  770.159229][ T5887] usb 2-1: config 0 descriptor??
[  770.192795][T25233] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  770.203504][ T5887] microtek usb (rev 0.4.3): will this work? Command EP is not usually 12
[  770.244022][ T5887] microtek usb (rev 0.4.3): will this work? Response EP is not usually 3
[  770.265403][  T185] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  770.272991][ T6006] dvb_usb_m920x 5-1:0.0: probe with driver dvb_usb_m920x failed with error -71
[  770.285007][ T5887] microtek usb (rev 0.4.3): will this work? Image data EP is not usually 2
[  770.297149][ T5825] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  770.309742][ T5825] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  770.324446][ T5825] ntfs3(loop0): ino=3, ntfs_set_state failed, -22.
[  770.337131][ T6006] usb 5-1: USB disconnect, device number 87
[  770.348389][   T13] ntfs3(loop0): ino=3, ntfs3_write_inode failed, -22.
[  770.382460][ T5887] scsi host1: microtekX6
[  770.408851][  T185] microtek usb (rev 0.4.3): error -90 submitting URB
[  770.438135][T25272] netlink: 68 bytes leftover after parsing attributes in process `syz.5.8403'.
[  770.468914][ T5887] usb 2-1: USB disconnect, device number 92
[  770.487267][ T2254] microtek usb (rev 0.4.3): error -19 submitting URB
[  770.515546][T25274] loop6: detected capacity change from 0 to 512
[  770.522132][ T2254] microtek usb (rev 0.4.3): error -19 submitting URB
[  770.569858][ T2254] microtek usb (rev 0.4.3): error -19 submitting URB
[  770.613738][T25274] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  770.644964][T25274] ext4 filesystem being mounted at /222/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  770.813885][T25287] SET target dimension over the limit!
[  770.910915][T21254] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  771.226278][T25299] pimreg: entered allmulticast mode
[  771.613101][T25311] overlayfs: conflicting options: nfs_export=on,index=off
[  771.744451][T25319] loop1: detected capacity change from 0 to 256
[  771.772431][T25319] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  771.849956][T25319] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  771.865169][T25323] vlan0: entered promiscuous mode
[  771.961909][T25282] loop3: detected capacity change from 0 to 32768
[  772.008216][T25282] JBD2: Ignoring recovery information on journal
[  772.174378][T25282] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  772.226580][T25336] loop6: detected capacity change from 0 to 512
[  772.262551][T25336] EXT4-fs (loop6): Test dummy encryption mode enabled
[  772.278469][T25336] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  772.343181][T25336] EXT4-fs error (device loop6): ext4_orphan_get:1417: comm syz.6.8430: bad orphan inode 131083
[  772.354791][T25336] loop6: lost filesystem error report for type 5 error -117
[  772.362774][T25336] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  772.408431][T25282] syz.3.8405 (25282) used greatest stack depth: 18080 bytes left
[  772.545909][T25352] loop5: detected capacity change from 0 to 1764
[  772.556816][T21254] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  772.656754][T25352] iso9660: Corrupted directory entry in block 14 of inode 1920
[  772.714873][ T5822] ocfs2: Unmounting device (7,3) on (node local)
[  772.946520][T25363] loop0: detected capacity change from 0 to 8
[  773.002801][T25363] SQUASHFS error: lzo decompression failed, data probably corrupt
[  773.047998][T25363] SQUASHFS error: Failed to read block 0x0: -5
[  773.097686][T25363] SQUASHFS error: lzo decompression failed, data probably corrupt
[  773.134975][T25363] SQUASHFS error: Failed to read block 0x0: -5
[  773.182849][   T30] audit: type=1800 audit(1772892503.628:299): pid=25363 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.8445" name="file2" dev="loop0" ino=3 res=0 errno=0
[  773.524780][T25384] SET target dimension over the limit!
[  773.682469][T25392] openvswitch: netlink: IP tunnel dst address not specified
[  773.690048][T25382] loop0: detected capacity change from 0 to 4096
[  773.809146][ T6006] usb 4-1: new high-speed USB device number 72 using dummy_hcd
[  774.001154][ T6006] usb 4-1: Using ep0 maxpacket: 8
[  774.029896][ T6006] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 7
[  774.048766][T25402] netlink: 'syz.6.8464': attribute type 10 has an invalid length.
[  774.064284][ T6006] usb 4-1: New USB device found, idVendor=082d, idProduct=0100, bcdDevice=70.4b
[  774.095822][ T6006] usb 4-1: New USB device strings: Mfr=44, Product=2, SerialNumber=3
[  774.129576][ T6006] usb 4-1: Product: syz
[  774.135084][ T6006] usb 4-1: Manufacturer: syz
[  774.144678][ T6006] usb 4-1: SerialNumber: syz
[  774.281585][T25410] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  774.428881][ T6006] usb 4-1: Handspring Visor / Palm OS: No valid connect info available
[  774.452448][ T6006] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  774.477250][ T6006] usb 4-1: Handspring Visor / Palm OS: port 0, is for Generic use
[  774.494796][ T6006] usb 4-1: Handspring Visor / Palm OS: Number of ports: 2
[  774.647760][ T6006] usb 4-1: palm_os_3_probe - error -71 getting bytes available request
[  774.696244][ T6006] visor 4-1:1.0: Handspring Visor / Palm OS converter detected
[  774.741709][ T6006] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB0
[  774.770119][ T6006] usb 4-1: Handspring Visor / Palm OS converter now attached to ttyUSB1
[  774.797442][ T6006] usb 4-1: USB disconnect, device number 72
[  774.826500][ T6006] visor ttyUSB0: Handspring Visor / Palm OS converter now disconnected from ttyUSB0
[  774.877448][ T6006] visor ttyUSB1: Handspring Visor / Palm OS converter now disconnected from ttyUSB1
[  774.918355][ T6006] visor 4-1:1.0: device disconnected
[  775.321984][T25450] bond0: (slave ipvlan0): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  775.358987][T25451] ALSA: mixer_oss: invalid OSS volume ''
[  775.374544][T25450] bond0: (slave ipvlan0): The slave device specified does not support setting the MAC address
[  775.415916][T25450] bond0: (slave ipvlan0): Error -95 calling set_mac_address
[  775.455786][T25460] netdevsim netdevsim5 : renamed from netdevsim0 (while UP)
[  775.769496][ T1294] ieee802154 phy1 wpan1: encryption failed: -22
[  776.041099][T25489] ip6t_srh: unknown srh match flags  4000
[  776.281438][T25499] loop0: detected capacity change from 0 to 8
[  776.329278][T25499] SQUASHFS error: Unable to read inode 0xa7
[  776.772490][T25518] loop4: detected capacity change from 0 to 64
[  776.973422][ T5838] usb 1-1: new high-speed USB device number 93 using dummy_hcd
[  777.110310][T25491] loop1: detected capacity change from 0 to 32768
[  777.162446][T25491] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.8507 (25491)
[  777.188794][ T5838] usb 1-1: unable to get BOS descriptor or descriptor too short
[  777.198350][ T5838] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[  777.208748][ T5838] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  777.239531][T25491] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  777.261883][ T5838] usb 1-1: config 1 interface 0 has no altsetting 1
[  777.282782][T25491] BTRFS info (device loop1): using sha256 checksum algorithm
[  777.316247][ T5838] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  777.325387][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.358019][ T5838] usb 1-1: Product: syz
[  777.364164][ T5838] usb 1-1: Manufacturer: syz
[  777.392878][ T5838] usb 1-1: SerialNumber: syz
[  777.436067][ T5838] smsusb:smsusb_probe: board id=8, interface number 0
[  777.485528][T25491] BTRFS info (device loop1): rebuilding free space tree
[  777.556557][T25491] BTRFS info (device loop1): disabling free space tree
[  777.580393][T25491] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  777.632887][T25491] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  777.664396][ T5838] smsusb:smsusb_probe: Device initialized with return code -19
[  777.698917][T25491] BTRFS info (device loop1): enabling ssd optimizations
[  777.741695][T25491] BTRFS info (device loop1): turning on async discard
[  777.764311][T25491] BTRFS info (device loop1): force clearing of disk cache
[  777.784581][T25491] BTRFS info (device loop1): enabling auto defrag
[  777.800115][T25491] BTRFS info (device loop1): max_inline set to 4096
[  777.911633][ T5838] usb 1-1: USB disconnect, device number 93
[  777.939314][T25491] BTRFS info (device loop1 state M): max_inline set to 4096
[  778.009410][T25520] loop3: detected capacity change from 0 to 32768
[  778.044189][T25520] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.8522 (25520)
[  778.102163][ T5826] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  778.113649][T25526] loop4: detected capacity change from 0 to 32768
[  778.131483][T25520] BTRFS info (device loop3): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  778.157776][T25520] BTRFS info (device loop3): using sha256 checksum algorithm
[  778.184999][T25520] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  778.227104][T25526] JBD2: Ignoring recovery information on journal
[  778.236914][T25561] loop5: detected capacity change from 0 to 128
[  778.260678][T25561] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  778.474855][T25561] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  778.491686][T25526] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  778.558070][T25520] BTRFS info (device loop3): rebuilding free space tree
[  778.663605][T25526] OCFS2: ERROR (device loop4): int ocfs2_xattr_find_entry(struct inode *, int, const char *, struct ocfs2_xattr_search *): corrupted xattr entries
[  778.663681][T25526] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  778.743666][T25520] BTRFS info (device loop3): disabling free space tree
[  778.764213][T25526] OCFS2: File system is now read-only.
[  778.795767][T25520] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  778.808037][T25526] (syz.4.8525,25526,1):ocfs2_calc_xattr_init:642 ERROR: status = -117
[  778.854796][T25526] (syz.4.8525,25526,1):ocfs2_mknod:338 ERROR: status = -117
[  778.854932][T25520] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  778.894343][T25526] (syz.4.8525,25526,1):ocfs2_mknod:506 ERROR: status = -117
[  778.951022][T25526] (syz.4.8525,25526,0):ocfs2_mkdir:662 ERROR: status = -117
[  778.969892][T25520] BTRFS info (device loop3): checking UUID tree
[  778.984566][T25588] i2c i2c-0: Frontend requested software zigzag, but didn't set the frequency step size
[  779.023574][T25590] netlink: 'syz.5.8539': attribute type 7 has an invalid length.
[  779.044571][T25520] BTRFS info (device loop3): setting nodatasum
[  779.061784][T25590] netlink: 'syz.5.8539': attribute type 8 has an invalid length.
[  779.069709][   T30] audit: type=1326 audit(1772892509.128:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.089864][T25590] netlink: 'syz.5.8539': attribute type 13 has an invalid length.
[  779.099932][T25520] BTRFS info (device loop3): setting nodatacow
[  779.117344][T25520] BTRFS info (device loop3): enabling ssd optimizations
[  779.150508][T25520] BTRFS info (device loop3): turning on async discard
[  779.172135][   T30] audit: type=1326 audit(1772892509.137:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.195908][T25520] BTRFS info (device loop3): enabling disk space caching
[  779.236093][T25520] BTRFS info (device loop3): force clearing of disk cache
[  779.266206][ T5823] ocfs2: Unmounting device (7,4) on (node local)
[  779.283328][   T30] audit: type=1326 audit(1772892509.137:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.409658][   T30] audit: type=1326 audit(1772892509.137:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=198 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.515435][   T30] audit: type=1326 audit(1772892509.137:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.538722][   T30] audit: type=1326 audit(1772892509.137:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.609116][ T5822] BTRFS info (device loop3): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  779.633941][   T30] audit: type=1326 audit(1772892509.137:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.736271][   T30] audit: type=1326 audit(1772892509.137:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25592 comm="syz.6.8540" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  779.753856][T25603] loop0: detected capacity change from 0 to 1024
[  780.046796][   T30] audit: type=1326 audit(1772892510.007:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25614 comm="syz.3.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fe8f9c799 code=0x7ffc0000
[  780.149717][T25612] bond2: Unable to set down delay as MII monitoring is disabled
[  780.163851][   T30] audit: type=1326 audit(1772892510.007:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=25614 comm="syz.3.8546" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5fe8f9c799 code=0x7ffc0000
[  780.163931][ T1038] hfsplus: b-tree write err: -5, ino 25
[  780.230285][T25621] netlink: 'syz.5.8552': attribute type 1 has an invalid length.
[  780.250225][T25612] bond2 (unregistering): Released all slaves
[  780.265910][T25621] netlink: 96 bytes leftover after parsing attributes in process `syz.5.8552'.
[  780.274899][T25621] netlink: 658 bytes leftover after parsing attributes in process `syz.5.8552'.
[  780.284995][ T1038] hfsplus: b-tree write err: -5, ino 4
[  780.306268][ T1038] hfsplus: b-tree write err: -5, ino 2
[  780.343264][T25621] netlink: 1 bytes leftover after parsing attributes in process `syz.5.8552'.
[  780.802646][T25640] dlm: no locking on control device
[  781.221750][T25654] xt_time: unknown flags 0xc
[  781.808980][T25681] loop3: detected capacity change from 0 to 256
[  781.941929][T25681] FAT-fs (loop3): Directory bread(block 64) failed
[  781.992990][T25681] FAT-fs (loop3): Directory bread(block 65) failed
[  782.030508][T25681] FAT-fs (loop3): Directory bread(block 66) failed
[  782.080554][T25681] FAT-fs (loop3): Directory bread(block 67) failed
[  782.088621][T25693] loop6: detected capacity change from 0 to 128
[  782.113063][T25681] FAT-fs (loop3): Directory bread(block 68) failed
[  782.147764][T25681] FAT-fs (loop3): Directory bread(block 69) failed
[  782.154397][T25681] FAT-fs (loop3): Directory bread(block 70) failed
[  782.225884][T25681] FAT-fs (loop3): Directory bread(block 71) failed
[  782.260662][T25681] FAT-fs (loop3): Directory bread(block 72) failed
[  782.293071][T25681] FAT-fs (loop3): Directory bread(block 73) failed
[  782.333866][T25699] loop5: detected capacity change from 0 to 1024
[  782.657049][T25711] openvswitch: netlink: IP tunnel dst address not specified
[  782.760388][T25672] loop1: detected capacity change from 0 to 32768
[  782.831783][T25672] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.8574 (25672)
[  782.894207][T25672] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  782.934203][T25672] BTRFS info (device loop1): using xxhash64 checksum algorithm
[  782.965137][T25672] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  783.273450][T25672] BTRFS info (device loop1): rebuilding free space tree
[  783.382074][T25672] BTRFS info (device loop1): disabling free space tree
[  783.425676][T25672] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  783.462470][T16032] Bluetooth: hci3: command 0x0406 tx timeout
[  783.474302][T25672] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  783.504992][T25672] BTRFS info (device loop1): setting nodatasum
[  783.511863][T25672] BTRFS info (device loop1): allowing degraded mounts
[  783.538260][T25672] BTRFS info (device loop1): turning on async discard
[  783.567236][T25672] BTRFS info (device loop1): enabling disk space caching
[  783.574802][T25672] BTRFS info (device loop1): force clearing of disk cache
[  783.582078][T25672] BTRFS info (device loop1): force zlib compression, level 3
[  783.740724][T25672] BTRFS info (device loop1): balance: start -f
[  783.758307][T25672] BTRFS info (device loop1): balance: ended with status: 0
[  783.994709][ T5826] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  784.614216][T25803] cgroup: Unexpected value for 'nofavordynmods'
[  785.675202][T25847] Option '    ' to dns_resolver key: bad/missing value
[  785.901603][T25860] netlink: 72 bytes leftover after parsing attributes in process `syz.6.8660'.
[  785.935577][T25860] A link change request failed with some changes committed already. Interface veth1_macvtap may have been left with an inconsistent configuration, please check.
[  786.028438][ T6004] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[  786.210029][ T6004] usb 2-1: Using ep0 maxpacket: 32
[  786.217450][ T6004] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid wMaxPacketSize 0
[  786.239586][ T6004] usb 2-1: config 0 interface 0 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 0
[  786.261082][ T6004] usb 2-1: config 0 interface 0 has no altsetting 0
[  786.268529][ T5838] usb 1-1: new full-speed USB device number 94 using dummy_hcd
[  786.296678][ T6004] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  786.324817][ T6004] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.346428][ T6004] usb 2-1: Product: syz
[  786.357229][ T6004] usb 2-1: Manufacturer: syz
[  786.372880][ T6004] usb 2-1: SerialNumber: syz
[  786.389542][ T6004] usb 2-1: config 0 descriptor??
[  786.463606][ T5838] usb 1-1: config 8 has an invalid interface number: 223 but max is 0
[  786.474931][T25883] unsupported nla_type 142
[  786.483318][ T5838] usb 1-1: config 8 contains an unexpected descriptor of type 0x2, skipping
[  786.498490][ T5838] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  786.520111][ T5838] usb 1-1: config 8 has no interface number 0
[  786.526287][ T5838] usb 1-1: config 8 interface 223 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[  786.545820][ T5838] usb 1-1: config 8 interface 223 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  786.571999][ T5838] usb 1-1: New USB device found, idVendor=a6da, idProduct=7458, bcdDevice=2d.4d
[  786.582066][ T5838] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.603275][ T5838] usb 1-1: Product: syz
[  786.618504][ T6004] gs_usb 2-1:0.0: Couldn't send data format (err=-71)
[  786.627013][ T6006] usb 6-1: new full-speed USB device number 90 using dummy_hcd
[  786.647122][ T5838] usb 1-1: Manufacturer: syz
[  786.652412][ T6004] gs_usb 2-1:0.0: probe with driver gs_usb failed with error -71
[  786.662579][ T5838] usb 1-1: SerialNumber: syz
[  786.679104][ T6004] usb 2-1: USB disconnect, device number 93
[  786.846530][ T6006] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  786.882270][ T6006] usb 6-1: New USB device found, idVendor=134c, idProduct=0002, bcdDevice=ec.7e
[  786.895584][T25891] netlink: 4 bytes leftover after parsing attributes in process `syz.3.8676'.
[  786.924009][ T6006] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  786.947166][ T5838] usb 1-1: USB disconnect, device number 94
[  786.954030][ T6006] usb 6-1: Product: syz
[  786.970817][ T6006] usb 6-1: Manufacturer: syz
[  786.986402][ T6006] usb 6-1: SerialNumber: syz
[  787.001935][ T6006] usb 6-1: config 0 descriptor??
[  787.031961][ T6006] hub 6-1:0.0: bad descriptor, ignoring hub
[  787.049917][ T6006] hub 6-1:0.0: probe with driver hub failed with error -5
[  787.090549][ T6006] input: syz syz as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input39
[  787.358883][T25901] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8681'.
[  787.539622][T25885] loop6: detected capacity change from 0 to 32768
[  787.576969][T25885] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.8673 (25885)
[  787.603752][T25908] loop1: detected capacity change from 0 to 16
[  787.605579][T25909] netlink: 21 bytes leftover after parsing attributes in process `syz.0.8685'.
[  787.641609][T25908] erofs (device loop1): mounted with root inode @ nid 36.
[  787.677621][T25885] BTRFS info (device loop6): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  787.696326][T25908] erofs (device loop1): readahead error at folio 2 @ nid 89
[  787.714523][T25885] BTRFS info (device loop6): using sha256 checksum algorithm
[  787.715019][T25909] gretap0: entered promiscuous mode
[  787.728294][T25908] erofs (device loop1): readahead error at folio 1 @ nid 89
[  787.728322][T25908] erofs (device loop1): readahead error at folio 0 @ nid 89
[  787.728355][T25908] erofs (device loop1): read error -117 @ 0 of nid 89
[  787.749555][   T30] kauditd_printk_skb: 7 callbacks suppressed
[  787.749582][   T30] audit: type=1800 audit(1772892517.238:317): pid=25908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.8684" name="file2" dev="loop1" ino=89 res=0 errno=0
[  788.056780][T25885] BTRFS info (device loop6): enabling ssd optimizations
[  788.073181][T25934] tmpfs: Bad value for 'nr_blocks'
[  788.146251][T25885] BTRFS info (device loop6): turning on async discard
[  788.153069][T25885] BTRFS info (device loop6): enabling free space tree
[  788.257742][T25942] netlink: 144 bytes leftover after parsing attributes in process `syz.0.8693'.
[  788.445309][T21254] BTRFS info (device loop6): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  788.482156][T25948] loop4: detected capacity change from 0 to 2048
[  788.534986][T25952] loop5: detected capacity change from 0 to 256
[  788.582481][T25948] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  788.634515][T25954] loop0: detected capacity change from 0 to 64
[  789.019849][T25965] netlink: 48 bytes leftover after parsing attributes in process `syz.3.8706'.
[  789.064039][T25965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8706'.
[  789.131675][T25965] netlink: 28 bytes leftover after parsing attributes in process `syz.3.8706'.
[  789.192294][T25965] netlink: 24 bytes leftover after parsing attributes in process `syz.3.8706'.
[  789.434212][T25982] xt_AUDIT: Audit type out of range (valid range: 0..2)
[  790.279748][T26018] netlink: 'syz.0.8731': attribute type 8 has an invalid length.
[  790.487899][T26029] usb usb8: usbfs: process 26029 (syz.3.8737) did not claim interface 0 before use
[  790.593899][T26035] geneve3: entered promiscuous mode
[  790.634407][  T185] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  790.657269][  T185] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  790.681948][  T185] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  790.716199][  T185] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  790.873826][T26031] loop1: detected capacity change from 0 to 4096
[  790.927150][ T5838] usb 6-1: USB disconnect, device number 90
[  790.967367][T26031] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  791.168060][T26059] loop4: detected capacity change from 0 to 1024
[  791.220372][T26031] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  791.250594][T26059] hfsplus: inconsistency in B*Tree (128,1,255,1,0)
[  791.279248][T26061] netlink: 'syz.3.8753': attribute type 9 has an invalid length.
[  791.287032][T26061] netlink: 'syz.3.8753': attribute type 7 has an invalid length.
[  791.292281][T26059] syz.4.8750: attempt to access beyond end of device
[  791.292281][T26059] loop4: rw=8388608, sector=917504, nr_sectors = 2 limit=1024
[  791.321418][T26031] ntfs3(loop1): ino=1e, mi_enum_attr
[  791.327356][T26031] ntfs3(loop1): ino=1e, mi_enum_attr
[  791.348367][T26061] netlink: 'syz.3.8753': attribute type 8 has an invalid length.
[  791.361442][T26031] ntfs3(loop1): ino=1e, "file1" mi_enum_attr
[  791.386786][T26031] ntfs3(loop1): ino=1e, "file1" The size of extended attributes must not exceed 64KiB
[  791.405980][T26059] Buffer I/O error on dev loop4, logical block 458752, async page read
[  791.414461][T26059] syz.4.8750: attempt to access beyond end of device
[  791.414461][T26059] loop4: rw=8388608, sector=917504, nr_sectors = 2 limit=1024
[  791.515375][T26059] Buffer I/O error on dev loop4, logical block 458752, async page read
[  791.858798][T26077] sd 0:0:1:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x20 ascq=0x0
[  792.020672][T26084] loop3: detected capacity change from 0 to 1024
[  792.135338][T26095] loop0: detected capacity change from 0 to 128
[  792.139287][T26084] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  792.313539][T26084] EXT4-fs error (device loop3): ext4_empty_dir:3107: inode #11: block 623: comm syz.3.8764: Attempting to read directory block (623) that is past i_size (638464)
[  792.496311][T26104] netlink: 'syz.0.8771': attribute type 22 has an invalid length.
[  792.509329][T26103] SET target dimension over the limit!
[  792.565398][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  793.034851][T26079] loop4: detected capacity change from 0 to 32768
[  793.080885][T26079] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.8762 (26079)
[  793.176535][T26079] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  793.221585][T26079] BTRFS info (device loop4): using sha256 checksum algorithm
[  793.344819][   T30] audit: type=1326 audit(1772892522.476:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26138 comm="syz.6.8788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  793.412269][T26079] BTRFS info (device loop4): enabling ssd optimizations
[  793.426035][   T29] usb 1-1: new high-speed USB device number 95 using dummy_hcd
[  793.435467][T26079] BTRFS info (device loop4): turning on async discard
[  793.468899][T26079] BTRFS info (device loop4): enabling free space tree
[  793.518332][   T30] audit: type=1326 audit(1772892522.513:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26138 comm="syz.6.8788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=296 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  793.608727][   T29] usb 1-1: Using ep0 maxpacket: 8
[  793.639684][   T30] audit: type=1326 audit(1772892522.513:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26138 comm="syz.6.8788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  793.651062][   T29] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  793.673568][   T30] audit: type=1326 audit(1772892522.513:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26138 comm="syz.6.8788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  793.833396][   T29] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  793.847865][ T5823] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  793.899647][   T29] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  793.910586][   T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  793.951969][   T29] usb 1-1: SerialNumber: syz
[  793.963181][   T29] usb 1-1: config 0 descriptor??
[  793.999034][   T29] hso 1-1:0.0: Can't find BULK IN endpoint
[  794.221928][ T5838] usb 1-1: USB disconnect, device number 95
[  794.293016][T26171] bridge1: entered allmulticast mode
[  794.536277][T26182] netlink: 12 bytes leftover after parsing attributes in process `syz.3.8803'.
[  794.827719][T26160] loop6: detected capacity change from 0 to 32768
[  794.903547][ T5838] usb 5-1: new high-speed USB device number 88 using dummy_hcd
[  794.958572][T26160] XFS (loop6): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  795.083274][ T5838] usb 5-1: Using ep0 maxpacket: 16
[  795.107745][T26211] __vm_enough_memory: pid: 26211, comm: syz.0.8814, bytes: 21199856001024 not enough memory for the allocation
[  795.135345][ T5838] usb 5-1: config 0 has an invalid interface number: 1 but max is 0
[  795.156631][ T5838] usb 5-1: config 0 has no interface number 0
[  795.177672][ T5838] usb 5-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  795.198373][ T5838] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  795.227084][T26160] XFS (loop6): Ending clean mount
[  795.245204][ T5838] usb 5-1: Product: syz
[  795.249577][ T5838] usb 5-1: Manufacturer: syz
[  795.269868][ T5838] usb 5-1: SerialNumber: syz
[  795.283655][ T5838] usb 5-1: config 0 descriptor??
[  795.295636][ T5838] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  795.498019][T26221] netlink: 'syz.5.8819': attribute type 46 has an invalid length.
[  795.529401][T21254] XFS (loop6): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  795.743355][ T5838] gspca_spca1528: reg_w err -71
[  795.786581][ T5838] spca1528 5-1:0.1: probe with driver spca1528 failed with error -71
[  795.856443][ T5838] usb 5-1: USB disconnect, device number 88
[  795.915153][T26231] netlink: 'syz.3.8825': attribute type 21 has an invalid length.
[  796.274077][T26239] loop3: detected capacity change from 0 to 2048
[  796.369544][T26239] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  796.471247][T26250] netlink: 20 bytes leftover after parsing attributes in process `syz.1.8832'.
[  796.530013][T26250] netlink: 8 bytes leftover after parsing attributes in process `syz.1.8832'.
[  796.604395][T26219] loop0: detected capacity change from 0 to 32768
[  796.661714][T26255] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  796.711068][T26219] XFS (loop0): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  796.727701][T26264] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8839'.
[  796.809416][T26219] XFS (loop0): Ending clean mount
[  797.058238][ T5825] XFS (loop0): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  797.988355][   T30] audit: type=1107 audit(1772892526.826:322): pid=26308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  798.265258][T26287] loop3: detected capacity change from 0 to 32768
[  798.348147][T26287] ERROR: (device loop3): diNewExt: no free extents
[  798.348147][T26287] 
[  798.399176][T26287] ERROR: (device loop3): remounting filesystem as read-only
[  798.442959][T26287] ialloc: diAlloc returned -5!
[  798.541968][T26328] loop6: detected capacity change from 0 to 256
[  798.552842][T26327] loop4: detected capacity change from 0 to 512
[  798.637265][T26336] netlink: 16 bytes leftover after parsing attributes in process `syz.1.8871'.
[  798.642363][T26327] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  798.722657][T26328] FAT-fs (loop6): Directory bread(block 64) failed
[  798.770891][T26328] FAT-fs (loop6): Directory bread(block 65) failed
[  798.803493][T26328] FAT-fs (loop6): Directory bread(block 66) failed
[  798.842604][T26328] FAT-fs (loop6): Directory bread(block 67) failed
[  798.875718][T26328] FAT-fs (loop6): Directory bread(block 68) failed
[  798.906459][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  798.923737][T26328] FAT-fs (loop6): Directory bread(block 69) failed
[  798.953208][T26328] FAT-fs (loop6): Directory bread(block 70) failed
[  798.959768][T26328] FAT-fs (loop6): Directory bread(block 71) failed
[  799.003968][T26328] FAT-fs (loop6): Directory bread(block 72) failed
[  799.041789][T26343] netlink: 'syz.5.8874': attribute type 10 has an invalid length.
[  799.056011][T26328] FAT-fs (loop6): Directory bread(block 73) failed
[  799.081831][T26343] netlink: 40 bytes leftover after parsing attributes in process `syz.5.8874'.
[  799.134254][T26343] dummy0: entered promiscuous mode
[  799.177761][T26343] dummy0: entered allmulticast mode
[  799.189066][T26343] bridge0: port 3(dummy0) entered blocking state
[  799.244005][T26343] bridge0: port 3(dummy0) entered disabled state
[  799.331236][T26343] bridge0: port 3(dummy0) entered blocking state
[  799.337785][T26343] bridge0: port 3(dummy0) entered forwarding state
[  799.916533][T26378] IPv6: NLM_F_CREATE should be specified when creating new route
[  800.239819][T26394] SET target dimension over the limit!
[  800.415713][T26399] loop3: detected capacity change from 0 to 512
[  800.447545][T26401] IPv6: sit1: Disabled Multicast RS
[  800.496506][T26401] sit1: entered allmulticast mode
[  800.496948][T26399] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  800.590847][T26399] ext4 filesystem being mounted at /1501/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  800.872025][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  800.915069][T26422] batadv0: entered allmulticast mode
[  800.920962][T26422] A link change request failed with some changes committed already. Interface batadv0 may have been left with an inconsistent configuration, please check.
[  801.212514][T26433] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8917'.
[  801.296665][T26433] netlink: 8 bytes leftover after parsing attributes in process `syz.6.8917'.
[  801.347815][T26433] netlink: 48 bytes leftover after parsing attributes in process `syz.6.8917'.
[  801.446683][T26441] loop5: detected capacity change from 0 to 1024
[  801.477097][T26441] hfsplus: b-tree write err: -5, ino 2
[  801.498679][T26444] loop4: detected capacity change from 0 to 256
[  801.550393][T26445] loop3: detected capacity change from 0 to 64
[  801.611797][ T1038] hfsplus: b-tree write err: -5, ino 25
[  801.633832][ T1038] hfsplus: b-tree write err: -5, ino 4
[  801.652364][T26444] FAT-fs (loop4): Directory bread(block 64) failed
[  801.668574][ T1038] hfsplus: b-tree write err: -5, ino 2
[  801.695961][ T1038] hfsplus: b-tree write err: -5, ino 26
[  801.710717][T26444] FAT-fs (loop4): Directory bread(block 65) failed
[  801.748940][T26444] FAT-fs (loop4): Directory bread(block 66) failed
[  801.781859][T26444] FAT-fs (loop4): Directory bread(block 67) failed
[  801.830656][T26444] FAT-fs (loop4): Directory bread(block 68) failed
[  801.860638][T26419] loop1: detected capacity change from 0 to 32768
[  801.867224][T26444] FAT-fs (loop4): Directory bread(block 69) failed
[  801.920470][T26444] FAT-fs (loop4): Directory bread(block 70) failed
[  801.932018][T26419] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.8911 (26419)
[  801.955394][T26444] FAT-fs (loop4): Directory bread(block 71) failed
[  802.006410][T26444] FAT-fs (loop4): Directory bread(block 72) failed
[  802.031145][T26419] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  802.046543][T26444] FAT-fs (loop4): Directory bread(block 73) failed
[  802.079373][T26419] BTRFS info (device loop1): using sha256 checksum algorithm
[  802.215124][T26472] netlink: 4 bytes leftover after parsing attributes in process `syz.0.8932'.
[  802.354708][T26419] BTRFS info (device loop1): enabling ssd optimizations
[  802.416868][T26419] BTRFS info (device loop1): turning on async discard
[  802.451228][T26419] BTRFS info (device loop1): enabling free space tree
[  802.722469][T26491] openvswitch: netlink: Unexpected mask (mask=440, allowed=10048)
[  802.745333][ T5826] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  802.761599][T26494] loop5: detected capacity change from 0 to 128
[  802.819222][T26494] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  802.865141][T26494] ext4 filesystem being mounted at /1545/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  802.990214][T26499] loop6: detected capacity change from 0 to 2048
[  803.043754][T26499] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  803.075765][T26504] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  803.130175][T26499] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  803.276933][ T5829] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  803.314553][T26511] netlink: 92 bytes leftover after parsing attributes in process `syz.0.8949'.
[  803.363629][T26511] netlink: 92 bytes leftover after parsing attributes in process `syz.0.8949'.
[  803.473780][   T30] audit: type=1326 audit(1772892531.961:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  803.598012][   T30] audit: type=1326 audit(1772892531.961:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  803.733701][   T30] audit: type=1326 audit(1772892531.961:325): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  803.827738][   T30] audit: type=1326 audit(1772892531.970:326): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  803.986911][   T30] audit: type=1326 audit(1772892531.970:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=442 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.110984][   T30] audit: type=1326 audit(1772892531.970:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.166187][T26539] netlink: 'syz.1.8961': attribute type 1 has an invalid length.
[  804.181332][   T30] audit: type=1326 audit(1772892531.970:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.256036][T26541] loop3: detected capacity change from 0 to 16
[  804.263393][T26541] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  804.273190][   T30] audit: type=1326 audit(1772892531.970:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.382714][   T30] audit: type=1326 audit(1772892531.970:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.504629][   T30] audit: type=1326 audit(1772892531.970:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26513 comm="syz.6.8951" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f3b6219c799 code=0x7ffc0000
[  804.549917][T26554] netlink: 'syz.4.8968': attribute type 62 has an invalid length.
[  804.921485][T26574] ieee802154 phy1 wpan1: encryption failed: -22
[  805.334242][T26596] loop4: detected capacity change from 0 to 1764
[  805.541611][ T5887] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  805.714810][T26609] loop0: detected capacity change from 0 to 164
[  805.734007][ T5887] usb 7-1: Using ep0 maxpacket: 8
[  805.754363][ T5887] usb 7-1: config 252 has an invalid interface number: 115 but max is 0
[  805.773612][ T5887] usb 7-1: config 252 has no interface number 0
[  805.780835][T26609] iso9660: Corrupted directory entry in block 2 of inode 1920
[  805.795297][ T5887] usb 7-1: too many endpoints for config 252 interface 115 altsetting 116: 101, using maximum allowed: 30
[  805.830851][ T5887] usb 7-1: config 252 interface 115 altsetting 116 has 0 endpoint descriptors, different from the interface descriptor's value: 101
[  805.867310][T26613] loop1: detected capacity change from 0 to 128
[  805.896708][ T5887] usb 7-1: config 252 interface 115 has no altsetting 0
[  805.907913][ T5887] usb 7-1: New USB device found, idVendor=0ccd, idProduct=0039, bcdDevice=90.7b
[  805.948602][ T5887] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  805.983663][T26613] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  806.017872][ T5887] pvrusb2: Hardware description: Terratec Grabster AV400
[  806.065108][T26613] ext4 filesystem being mounted at /1511/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  806.099786][ T5887] pvrusb2: **********
[  806.103817][ T5887] pvrusb2: ***WARNING*** Support for this device (Terratec Grabster AV400) is experimental.
[  806.150331][ T5887] pvrusb2: Important functionality might not be entirely working.
[  806.154380][ T5826] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  806.177694][ T5887] pvrusb2: Please consider contacting the driver author to help with further stabilization of the driver.
[  806.219894][ T5887] pvrusb2: **********
[  806.242004][ T5887] usb 7-1: selecting invalid altsetting 0
[  806.276260][ T2339] pvrusb2: Invalid write control endpoint
[  806.292281][ T5887] usb 7-1: USB disconnect, device number 4
[  806.358368][T26631] loop3: detected capacity change from 0 to 2048
[  806.426805][T26631] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  806.444706][ T2339] pvrusb2: Invalid write control endpoint
[  806.460792][T26631] ext4 filesystem being mounted at /1519/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  806.479300][ T6004] usb 5-1: new full-speed USB device number 89 using dummy_hcd
[  806.514393][ T2339] pvrusb2: ***WARNING*** Detected a wedged cx25840 chip; the device will not work.
[  806.610588][ T2339] pvrusb2: ***WARNING*** Try power cycling the pvrusb2 device.
[  806.656634][ T2339] pvrusb2: ***WARNING*** Disabling further access to the device to prevent other foul-ups.
[  806.669822][ T6004] usb 5-1: too many endpoints for config 1 interface 0 altsetting 0: 255, using maximum allowed: 30
[  806.677459][ T2339] pvrusb2: Device being rendered inoperable
[  806.709207][ T6004] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  806.748547][ T2339] cx25840 2-0044: Unable to detect h/w, assuming cx23887
[  806.764284][ T6004] usb 5-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 255
[  806.788997][ T2339] cx25840 2-0044: cx23887 A/V decoder found @ 0x88 (pvrusb2_b)
[  806.813693][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.837052][ T2339] pvrusb2: Attached sub-driver cx25840
[  806.842546][ T2339] pvrusb2: ***WARNING*** pvrusb2 device hardware appears to be jammed and I can't clear it.
[  806.863320][ T6004] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  806.887488][ T6004] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  806.895534][ T6004] usb 5-1: SerialNumber: syz
[  806.929863][ T2339] pvrusb2: You might need to power cycle the pvrusb2 device in order to recover.
[  807.126535][T26654] netlink: 'syz.0.9015': attribute type 1 has an invalid length.
[  807.218815][ T6004] cdc_acm 5-1:1.0: ttyACM0: USB ACM device
[  807.293402][ T6004] usb 5-1: USB disconnect, device number 89
[  807.804931][ T6004] usb 6-1: new high-speed USB device number 91 using dummy_hcd
[  808.008665][ T6004] usb 6-1: Using ep0 maxpacket: 8
[  808.049992][ T6004] usb 6-1: unable to get BOS descriptor or descriptor too short
[  808.081855][ T6004] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  808.122593][ T6004] usb 6-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  808.144246][T26697] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[  808.160792][ T6004] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  808.183269][ T6004] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  808.191590][T26697] overlayfs: option "index=on" is useless in a non-upper mount, ignore
[  808.199861][T26697] overlayfs: missing 'lowerdir'
[  808.215788][ T6004] usb 6-1: Product: syz
[  808.235662][ T6004] usb 6-1: Manufacturer: syz
[  808.257579][ T6004] usb 6-1: SerialNumber: syz
[  808.568492][ T6004] usb 6-1: found format II with max.bitrate = 2, frame size=7
[  808.603641][ T6004] usb 6-1: 1:1 : invalid UAC_FORMAT_TYPE desc
[  808.630638][ T6004] usb 6-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  808.675015][ T6004] usb 6-1: unit 1 not found!
[  808.758338][ T5887] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  808.814153][ T6004] usb 6-1: USB disconnect, device number 91
[  808.870608][T26720] loop4: detected capacity change from 0 to 4096
[  808.898268][ T6279] udevd[6279]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  808.926553][T26720] ntfs3(loop4): Different NTFS sector size (4096) and media sector size (512).
[  808.944144][ T5887] usb 7-1: Using ep0 maxpacket: 16
[  808.975662][ T5887] usb 7-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice=10.00
[  808.985399][ T5887] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  809.006477][ T5887] usb 7-1: Product: syz
[  809.060381][ T5887] usb 7-1: Manufacturer: syz
[  809.071035][T26720] ntfs3(loop4): ino=19, mi_enum_attr
[  809.080091][ T5887] usb 7-1: SerialNumber: syz
[  809.086699][T26720] ntfs3(loop4): Mark volume as dirty due to NTFS errors
[  809.100804][ T5887] usb 7-1: config 0 descriptor??
[  809.109797][ T5887] ftdi_sio 7-1:0.0: FTDI USB Serial Device converter detected
[  809.123001][ T5887] usb 7-1: Detected FT-X
[  809.248709][T26734] netlink: 'syz.0.9055': attribute type 1 has an invalid length.
[  809.295282][T26734] netlink: 'syz.0.9055': attribute type 2 has an invalid length.
[  809.567259][ T5887] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  809.588315][ T5887] ftdi_sio 7-1:0.0: GPIO initialisation failed: -71
[  809.638833][ T5887] usb 7-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  809.703021][ T5887] usb 7-1: USB disconnect, device number 5
[  809.763955][ T5887] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  809.820832][ T5887] ftdi_sio 7-1:0.0: device disconnected
[  810.324253][T26772] netlink: 28 bytes leftover after parsing attributes in process `syz.4.9074'.
[  810.381727][T26779] Non-string source
[  810.385643][T26742] loop5: detected capacity change from 0 to 32768
[  810.520750][T26742] JBD2: Ignoring recovery information on journal
[  810.583153][T26742] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  810.740694][T26742] OCFS2: ERROR (device loop5): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 2061 but max bitmap bits of 2048
[  810.819979][T26742] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  810.846606][T26792] loop6: detected capacity change from 0 to 164
[  810.869503][T26742] OCFS2: File system is now read-only.
[  810.891149][T26742] (syz.5.9058,26742,0):ocfs2_search_chain:1888 ERROR: status = -30
[  810.926726][T26792] iso9660: Corrupted directory entry in block 2 of inode 1920
[  810.958716][T26742] (syz.5.9058,26742,1):ocfs2_search_chain:2011 ERROR: status = -30
[  811.024976][T26742] (syz.5.9058,26742,1):ocfs2_claim_suballoc_bits:2098 ERROR: status = -30
[  811.077571][T26742] (syz.5.9058,26742,0):ocfs2_claim_suballoc_bits:2151 ERROR: status = -30
[  811.086213][T26742] (syz.5.9058,26742,0):ocfs2_claim_new_inode:2392 ERROR: status = -30
[  811.092575][T26798] A link change request failed with some changes committed already. Interface veth1_to_bond may have been left with an inconsistent configuration, please check.
[  811.107835][T26742] (syz.5.9058,26742,0):ocfs2_claim_new_inode:2407 ERROR: status = -30
[  811.178382][T26804] loop4: detected capacity change from 0 to 16
[  811.185970][T26742] (syz.5.9058,26742,0):ocfs2_mknod_locked:642 ERROR: status = -30
[  811.204759][T26742] (syz.5.9058,26742,0):ocfs2_mknod:389 ERROR: status = -30
[  811.212445][T26742] (syz.5.9058,26742,0):ocfs2_mknod:506 ERROR: status = -30
[  811.238672][T26804] erofs (device loop4): mounted with root inode @ nid 36.
[  811.278058][T26742] (syz.5.9058,26742,0):ocfs2_create:679 ERROR: status = -30
[  811.326099][T26808] netlink: 64 bytes leftover after parsing attributes in process `syz.3.9090'.
[  811.526780][ T5829] ocfs2: Unmounting device (7,5) on (node local)
[  811.697422][T26822] loop1: detected capacity change from 0 to 64
[  811.951184][T26830] loop4: detected capacity change from 0 to 16
[  812.010649][T26830] erofs (device loop4): mounted with root inode @ nid 36.
[  812.057304][T26830] syz.4.9100: attempt to access beyond end of device
[  812.057304][T26830] loop4: rw=524288, sector=4718600, nr_sectors = 8 limit=16
[  812.133839][T26830] syz.4.9100: attempt to access beyond end of device
[  812.133839][T26830] loop4: rw=0, sector=4718600, nr_sectors = 8 limit=16
[  812.227564][T26830] erofs (device loop4): read error -5 @ 0 of nid 89
[  812.260104][   T30] kauditd_printk_skb: 9 callbacks suppressed
[  812.260125][   T30] audit: type=1800 audit(1772892540.174:342): pid=26830 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.9100" name="file3" dev="loop4" ino=89 res=0 errno=0
[  812.320793][T26844] netlink: 80 bytes leftover after parsing attributes in process `syz.0.9107'.
[  812.343922][T26846] netlink: 'syz.5.9110': attribute type 1 has an invalid length.
[  812.539655][T26857] loop5: detected capacity change from 0 to 8
[  812.617719][T26857] SQUASHFS error: Failed to read block 0x6de: -5
[  812.660274][T26857] SQUASHFS error: Unable to read metadata cache entry [6dc]
[  812.690628][T26857] SQUASHFS error: Unable to read directory block [26067d:ffff]
[  813.105893][T26880] netlink: 40 bytes leftover after parsing attributes in process `syz.6.9126'.
[  813.171639][ T5887] usb 5-1: new high-speed USB device number 90 using dummy_hcd
[  813.342853][ T5887] usb 5-1: Using ep0 maxpacket: 8
[  813.366844][ T5887] usb 5-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 64
[  813.402020][ T5887] usb 5-1: config 1 interface 0 altsetting 0 has an endpoint descriptor with address 0x6C, changing to 0xC
[  813.453452][   T30] audit: type=1326 audit(1772892541.296:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.454039][ T5887] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  813.563780][   T30] audit: type=1326 audit(1772892541.296:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.567102][ T5887] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0xC has invalid maxpacket 8306, setting to 1024
[  813.674673][   T30] audit: type=1326 audit(1772892541.296:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.716523][ T5887] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  813.743560][T26905] netlink: 'syz.0.9138': attribute type 4 has an invalid length.
[  813.759640][   T30] audit: type=1326 audit(1772892541.296:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.775279][ T5887] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a3, bcdDevice= 0.40
[  813.829437][ T5887] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  813.851189][   T30] audit: type=1326 audit(1772892541.324:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=27 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.877167][ T5887] usb 5-1: Product: syz
[  813.888797][ T5887] usb 5-1: Manufacturer: syz
[  813.899395][ T5887] usb 5-1: SerialNumber: syz
[  813.932080][T26908] loop6: detected capacity change from 0 to 4096
[  813.940888][T26873] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  813.948769][   T30] audit: type=1326 audit(1772892541.324:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  813.987495][T26908] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  814.005133][   T30] audit: type=1326 audit(1772892541.324:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  814.051853][T26908] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  814.072435][ T5887] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -22
[  814.072943][T26908] ntfs3(loop6): Failed to load $Extend (-22).
[  814.103569][T26914] loop5: detected capacity change from 0 to 512
[  814.115249][ T5887] usbtest 5-1:1.0: Linux user mode ISO test driver
[  814.121051][T26908] ntfs3(loop6): Failed to initialize $Extend.
[  814.132337][   T30] audit: type=1326 audit(1772892541.324:350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  814.154512][ T5887] usbtest 5-1:1.0: high-speed {control bulk-in iso-out} tests (+alt)
[  814.173192][T26914] EXT4-fs (loop5): orphan cleanup on readonly fs
[  814.226409][ T5887] usb 5-1: USB disconnect, device number 90
[  814.233096][T26914] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz.5.9142: bg 0: block 63: padding at end of block bitmap is not set
[  814.263444][T26914] loop5: lost filesystem error report for type 5 error -117
[  814.264611][T26914] EXT4-fs error (device loop5): ext4_xattr_inode_update_ref:1037: inode #11: comm syz.5.9142: EA inode 11 ref wraparound: ref_count=0 ref_change=-1
[  814.270072][   T30] audit: type=1326 audit(1772892541.324:351): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=26892 comm="syz.5.9132" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f3b9779c799 code=0x7ffc0000
[  814.294006][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  814.315809][    C0] EXT4-fs (loop5): initial error at time 1772892542: ext4_validate_block_bitmap:441
[  814.325279][    C0] EXT4-fs (loop5): last error at time 1772892542: ext4_validate_block_bitmap:441
[  814.358552][T26914] loop5: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  814.364763][T26914] EXT4-fs warning (device loop5): ext4_xattr_inode_dec_ref_all:1231: inode #11: comm syz.5.9142: ea_inode dec ref err=-117
[  814.371911][T26923] netlink: 68 bytes leftover after parsing attributes in process `syz.0.9146'.
[  814.395902][T26914] EXT4-fs (loop5): 1 orphan inode deleted
[  814.397957][T26914] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  814.591639][T26927] loop3: detected capacity change from 0 to 512
[  814.639169][T26927] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  814.658269][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  814.731275][T26927] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c842e02c, mo2=0002]
[  814.775915][T26927] EXT4-fs (loop3): orphan cleanup on readonly fs
[  814.784377][T26927] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.9148: bad orphan inode 3
[  814.815729][T26927] loop3: lost filesystem error report for type 5 error -117
[  814.817871][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  814.831660][    C0] EXT4-fs (loop3): initial error at time 1772892542: ext4_orphan_get:1417
[  814.840243][    C0] EXT4-fs (loop3): last error at time 1772892542: ext4_orphan_get:1417
[  814.864489][T26927] EXT4-fs (loop3): Remounting filesystem read-only
[  814.945391][T26927] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000007 ro without journal. Quota mode: none.
[  815.240978][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000007.
[  815.338052][T26956] loop0: detected capacity change from 0 to 16
[  815.385954][T26956] erofs (device loop0): mounted with root inode @ nid 36.
[  815.414504][T26956] erofs (device loop0): inconsistent algorithmtype 1 for nid 89
[  815.459821][T26956] erofs (device loop0): readahead error at folio 1 @ nid 89
[  815.540102][T26956] erofs (device loop0): inconsistent algorithmtype 1 for nid 89
[  815.609171][T26956] erofs (device loop0): inconsistent algorithmtype 1 for nid 89
[  815.630805][T26956] erofs (device loop0): read error -117 @ 1 of nid 89
[  816.001366][T26985] netlink: 'syz.0.9174': attribute type 1 has an invalid length.
[  816.067057][T26985] netlink: 56 bytes leftover after parsing attributes in process `syz.0.9174'.
[  816.242235][T26996] netlink: 288 bytes leftover after parsing attributes in process `syz.5.9181'.
[  816.617919][T27013] loop1: detected capacity change from 0 to 164
[  816.675136][T27016] bridge4: entered promiscuous mode
[  816.740620][T27018] loop6: detected capacity change from 0 to 512
[  816.828846][T27024] netlink: 'syz.0.9196': attribute type 62 has an invalid length.
[  817.304663][T27037] bad cache= option: no%e
[  817.304663][T27037] 
[  817.325168][T27037] CIFS: VFS: bad cache= option: no%e
[  817.389618][T27042] loop1: detected capacity change from 0 to 512
[  817.446417][T27042] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  817.487995][T27048] netlink: 10 bytes leftover after parsing attributes in process `syz.6.9208'.
[  817.534451][T27042] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  817.545165][T27054] netlink: 16 bytes leftover after parsing attributes in process `syz.3.9209'.
[  817.558510][T27042] ext4 filesystem being mounted at /1554/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  817.669016][T27060] loop0: detected capacity change from 0 to 256
[  817.688158][ T5826] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  817.706583][   T29] usb 6-1: new high-speed USB device number 92 using dummy_hcd
[  817.740158][T27055] bond2: option tlb_dynamic_lb: invalid value (255)
[  817.757264][T27064] netlink: 'syz.3.9215': attribute type 10 has an invalid length.
[  817.770672][T27055] bond2 (unregistering): Released all slaves
[  817.875902][T27064] veth1_vlan: entered allmulticast mode
[  817.882920][   T29] usb 6-1: Using ep0 maxpacket: 32
[  817.900673][   T29] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  817.915481][T27064] team0: Device veth1_vlan failed to register rx_handler
[  817.973230][   T29] usb 6-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  817.973268][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  817.973322][   T29] usb 6-1: Product: syz
[  817.973342][   T29] usb 6-1: Manufacturer: syz
[  817.973361][   T29] usb 6-1: SerialNumber: syz
[  817.982442][   T29] usb 6-1: config 0 descriptor??
[  817.988622][   T29] quatech2 6-1:0.0: Quatech 2nd gen USB to Serial Driver converter detected
[  818.207028][   T29] usb 6-1: qt2_setup_urbs - submit read urb failed -8
[  818.207273][   T29] quatech2 6-1:0.0: probe with driver quatech2 failed with error -8
[  818.404028][T27082] cgroup: none used incorrectly
[  818.421481][ T5950] usb 6-1: USB disconnect, device number 92
[  818.484845][   T29] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[  818.593177][   T30] kauditd_printk_skb: 2 callbacks suppressed
[  818.593198][   T30] audit: type=1326 audit(1772892546.095:354): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27087 comm="syz.1.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  818.677267][   T30] audit: type=1326 audit(1772892546.095:355): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27087 comm="syz.1.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  818.738170][   T29] usb 1-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  818.748458][T27093] loop4: detected capacity change from 0 to 512
[  818.795278][   T30] audit: type=1326 audit(1772892546.142:356): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27087 comm="syz.1.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  818.818352][   T29] usb 1-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  818.847421][T27093] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  818.851543][   T29] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  818.860449][T27093] ext4 filesystem being mounted at /1533/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  818.891043][   T30] audit: type=1326 audit(1772892546.142:357): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27087 comm="syz.1.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  818.934169][   T30] audit: type=1326 audit(1772892546.142:358): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=27087 comm="syz.1.9225" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7d8ff9c799 code=0x7ffc0000
[  818.990752][   T29] gspca_main: stv0680-2.14.0 probing 041e:4007
[  819.119305][T27106] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9235'.
[  819.131247][T27106] netlink: 28 bytes leftover after parsing attributes in process `syz.6.9235'.
[  819.144645][ T5823] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  819.455110][T27113] loop5: detected capacity change from 0 to 2048
[  819.507211][T27113] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  819.711123][T27127] netlink: 20 bytes leftover after parsing attributes in process `syz.1.9245'.
[  819.811554][T27133] netlink: 156 bytes leftover after parsing attributes in process `syz.6.9244'.
[  819.814012][T27132] loop3: detected capacity change from 0 to 1024
[  819.908485][T27132] syz.3.9247: attempt to access beyond end of device
[  819.908485][T27132] loop3: rw=8388608, sector=917504, nr_sectors = 2 limit=1024
[  819.975019][T27139] x_tables: duplicate underflow at hook 4
[  819.980999][T27132] Buffer I/O error on dev loop3, logical block 458752, async page read
[  820.012161][T27132] syz.3.9247: attempt to access beyond end of device
[  820.012161][T27132] loop3: rw=8388608, sector=917504, nr_sectors = 2 limit=1024
[  820.072596][   T29] stv0680 1-1:4.0: STV(e): camera ping failed!!
[  820.080949][T27132] Buffer I/O error on dev loop3, logical block 458752, async page read
[  820.229968][T27146] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9253'.
[  820.291942][   T29] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  820.323814][   T29] stv0680 1-1:4.0: last error: 86,  command = 0x17
[  820.366767][   T29] usb 1-1: USB disconnect, device number 96
[  820.541091][T27159] netlink: 8 bytes leftover after parsing attributes in process `syz.4.9258'.
[  820.961562][T27168] loop1: detected capacity change from 0 to 4096
[  821.025555][T27168] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  821.090636][T27168] ntfs3(loop1): Failed to load $Extend (-22).
[  821.125534][T27168] ntfs3(loop1): Failed to initialize $Extend.
[  821.279446][T27191] netlink: 'syz.6.9275': attribute type 8 has an invalid length.
[  821.559838][T27202] loop5: detected capacity change from 0 to 256
[  821.582391][T27202] FAT-fs (loop5): Directory bread(block 64) failed
[  821.592898][T27202] FAT-fs (loop5): Directory bread(block 65) failed
[  821.600240][T27202] FAT-fs (loop5): Directory bread(block 66) failed
[  821.629349][T27202] FAT-fs (loop5): Directory bread(block 67) failed
[  821.647651][T27202] FAT-fs (loop5): Directory bread(block 68) failed
[  821.707665][T27211] loop1: detected capacity change from 0 to 512
[  821.737044][T27202] FAT-fs (loop5): Directory bread(block 69) failed
[  821.743728][T27202] FAT-fs (loop5): Directory bread(block 70) failed
[  821.820282][T27202] FAT-fs (loop5): Directory bread(block 71) failed
[  821.826940][T27202] FAT-fs (loop5): Directory bread(block 72) failed
[  821.861123][T27202] FAT-fs (loop5): Directory bread(block 73) failed
[  821.956568][T27202] syz.5.9280: attempt to access beyond end of device
[  821.956568][T27202] loop5: rw=8912896, sector=1160, nr_sectors = 4 limit=256
[  822.016988][T27217] netlink: 'syz.3.9288': attribute type 12 has an invalid length.
[  822.053100][T27202] syz.5.9280: attempt to access beyond end of device
[  822.053100][T27202] loop5: rw=8388608, sector=1160, nr_sectors = 4 limit=256
[  822.087652][T27217] netlink: 'syz.3.9288': attribute type 4 has an invalid length.
[  822.135576][   T30] audit: type=1800 audit(1772892549.406:359): pid=27202 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.9280" name="file0" dev="loop5" ino=1048684 res=0 errno=0
[  822.385868][T27230] netlink: 'syz.4.9296': attribute type 1 has an invalid length.
[  822.483066][T27235] Unsupported ieee802154 address type: 0
[  822.551977][T27237] loop6: detected capacity change from 0 to 64
[  822.849409][T27251] loop3: detected capacity change from 0 to 512
[  822.909701][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #3: comm syz.3.9305: corrupted inode contents
[  822.943031][T27255] loop4: detected capacity change from 0 to 2048
[  822.949614][T27251] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  822.953422][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  822.968998][    C0] EXT4-fs (loop3): initial error at time 1772892550: ext4_do_update_inode:5569: inode 3
[  822.978981][    C0] EXT4-fs (loop3): last error at time 1772892550: ext4_do_update_inode:5569: inode 3
[  822.998875][T27251] EXT4-fs error (device loop3): ext4_dirty_inode:6450: inode #3: comm syz.3.9305: mark_inode_dirty error
[  823.050162][T27251] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  823.062591][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #3: comm syz.3.9305: corrupted inode contents
[  823.096610][T27258] loop5: detected capacity change from 0 to 4096
[  823.116238][T27251] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  823.130013][T27251] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #3: comm syz.3.9305: mark_inode_dirty error
[  823.152680][T27255] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  823.182244][T27258] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  823.207182][T27271] PKCS8: Unsupported PKCS#8 version
[  823.220988][T27251] loop3: lost file I/O error report for ino 3 type 5 pos 0x0 len 0x0 error -117
[  823.247159][T27251] Quota error (device loop3): write_blk: dquota write failed
[  823.263975][T27251] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  823.273944][T27251] EXT4-fs error (device loop3): ext4_acquire_dquot:7001: comm syz.3.9305: Failed to acquire dquot type 0
[  823.285965][T27251] loop3: lost filesystem error report for type 5 error -117
[  823.298596][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #16: comm syz.3.9305: corrupted inode contents
[  823.349205][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.354905][T27251] EXT4-fs error (device loop3): ext4_dirty_inode:6450: inode #16: comm syz.3.9305: mark_inode_dirty error
[  823.413352][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.413837][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #16: comm syz.3.9305: corrupted inode contents
[  823.529196][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.529623][T27251] EXT4-fs error (device loop3): __ext4_ext_dirty:207: inode #16: comm syz.3.9305: mark_inode_dirty error
[  823.572528][ T5829] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  823.614665][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.625724][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #16: comm syz.3.9305: corrupted inode contents
[  823.703959][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.708881][T27251] EXT4-fs error (device loop3) in ext4_orphan_del:303: Corrupt filesystem
[  823.776647][T27251] loop3: lost filesystem error report for type 5 error -117
[  823.807391][T27251] EXT4-fs error (device loop3): ext4_do_update_inode:5569: inode #16: comm syz.3.9305: corrupted inode contents
[  823.906812][T27251] loop3: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  823.919691][T27251] EXT4-fs error (device loop3): ext4_truncate:4587: inode #16: comm syz.3.9305: mark_inode_dirty error
[  824.014996][T27251] EXT4-fs error (device loop3) in ext4_process_orphan:345: Corrupt filesystem
[  824.043893][T27251] loop3: lost filesystem error report for type 5 error -117
[  824.060849][T27251] EXT4-fs (loop3): 1 truncate cleaned up
[  824.137197][T27251] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  824.150639][T27251] ext4 filesystem being mounted at /1575/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  824.266587][T27301] netlink: 'syz.5.9327': attribute type 2 has an invalid length.
[  824.276076][T27251] EXT4-fs warning (device loop3): ext4_es_cache_extent:1082: inode #3: comm syz.3.9305: ES cache extent failed: add [1,1,41,0x1] conflict with existing [1,-2,576460752303423487,0x18]
[  824.276076][T27251] 
[  824.345595][T27301] netlink: 'syz.5.9327': attribute type 1 has an invalid length.
[  824.372442][T27301] netlink: 'syz.5.9327': attribute type 1 has an invalid length.
[  824.485688][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  824.506066][ T1038] Quota error (device loop3): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  824.539557][ T1038] EXT4-fs error (device loop3): ext4_release_dquot:7037: comm kworker/u8:7: Failed to release dquot type 1
[  824.578510][ T1038] loop3: lost filesystem error report for type 5 error -117
[  824.970015][T27331] loop3: detected capacity change from 0 to 1024
[  825.040316][T27331] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  825.160784][T27341] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  825.222045][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  825.422601][T27349] loop3: detected capacity change from 0 to 1764
[  825.583490][T27319] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[  825.593379][T27353] loop0: detected capacity change from 0 to 736
[  825.601303][T27321] Bluetooth: hci1: Opcode 0x0c1a failed: -4
[  825.622964][T27321] Bluetooth: hci5: Opcode 0x0c1a failed: -4
[  825.648032][T27321] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[  825.659625][T27356] __nla_validate_parse: 3 callbacks suppressed
[  825.659644][T27356] netlink: 4 bytes leftover after parsing attributes in process `syz.3.9353'.
[  825.659713][T27321] Bluetooth: hci3: Opcode 0x0c1a failed: -4
[  825.665943][T27356] bridge_slave_1: left allmulticast mode
[  825.678671][T27321] Bluetooth: hci3: Opcode 0x0406 failed: -4
[  825.692966][T27356] bridge_slave_1: left promiscuous mode
[  825.715437][T27356] bridge0: port 2(bridge_slave_1) entered disabled state
[  825.796225][T27359] netlink: 4 bytes leftover after parsing attributes in process `syz.4.9355'.
[  825.801579][T27356] bridge_slave_0: left allmulticast mode
[  825.827989][T27356] bridge_slave_0: left promiscuous mode
[  825.830211][T27359] openvswitch: netlink: Missing key (keys=200040, expected=2000)
[  825.838762][T27356] bridge0: port 1(bridge_slave_0) entered disabled state
[  825.972921][T27363] xt_policy: input policy not valid in POSTROUTING and OUTPUT
[  826.053832][   T29] usb 6-1: new high-speed USB device number 93 using dummy_hcd
[  826.204466][T27372] Device name not specified.
[  826.204466][T27372] 
[  826.256435][   T29] usb 6-1: config 0 has an invalid interface number: 69 but max is 0
[  826.278246][   T29] usb 6-1: config 0 has no interface number 0
[  826.284394][   T29] usb 6-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[  826.327747][   T29] usb 6-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  826.378771][   T29] usb 6-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[  826.404966][   T29] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  826.441334][   T29] usb 6-1: Product: syz
[  826.481616][   T29] usb 6-1: Manufacturer: syz
[  826.486273][   T29] usb 6-1: SerialNumber: syz
[  826.557790][   T29] usb 6-1: config 0 descriptor??
[  826.563689][T27327] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  826.574055][   T29] cyberjack 6-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[  826.590104][T27389] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[  826.621363][   T29] usb 6-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[  826.908704][T27403] loop0: detected capacity change from 0 to 256
[  826.964304][T27403] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  826.995209][ T5839] Bluetooth: hci1: command 0x0c1a tx timeout
[  827.049025][ T5950] usb 6-1: USB disconnect, device number 93
[  827.059232][T27403] exFAT-fs (loop0): start_clu is invalid cluster(0xffffffff)
[  827.084514][ T5950] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[  827.155317][ T5950] cyberjack 6-1:0.69: device disconnected
[  827.219614][T27412] Cannot find del_set index 65531 as target
[  827.525067][T27424] loop6: detected capacity change from 0 to 512
[  827.642742][T27424] EXT4-fs (loop6): 1 orphan inode deleted
[  827.668372][ T1138] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  827.688219][T27434] cgroup: noprefix used incorrectly
[  827.755384][ T1138] EXT4-fs error (device loop6): ext4_release_dquot:7037: comm kworker/u8:8: Failed to release dquot type 1
[  827.767267][ T5839] Bluetooth: hci5: command 0x0c1a tx timeout
[  827.775931][T27424] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  827.806997][ T1138] loop6: lost filesystem error report for type 5 error -117
[  827.844318][T27424] ext4 filesystem being mounted at /399/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  827.862276][ T5839] Bluetooth: hci3: command 0x0406 tx timeout
[  827.870064][ T5839] Bluetooth: hci2: command 0x0c1a tx timeout
[  828.096550][T21254] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  830.084093][T27444] Bluetooth: hci3: command 0x0406 tx timeout
[  830.099471][T27519] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  830.385927][T27532] netlink: 40 bytes leftover after parsing attributes in process `syz.4.9433'.
[  830.413236][T27534] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9432'.
[  830.466489][T27534] netlink: 12 bytes leftover after parsing attributes in process `syz.3.9432'.
[  830.656588][T27544] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9439'.
[  830.731967][T27544] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9439'.
[  830.775238][T27544] netlink: 540 bytes leftover after parsing attributes in process `syz.5.9439'.
[  830.886359][ T6006] usb 5-1: new high-speed USB device number 91 using dummy_hcd
[  831.110469][ T6006] usb 5-1: config 4 has an invalid descriptor of length 0, skipping remainder of the config
[  831.120092][T27560] loop1: detected capacity change from 0 to 24
[  831.142722][ T6006] usb 5-1: New USB device found, idVendor=041e, idProduct=4007, bcdDevice=5d.18
[  831.151834][ T6006] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  831.234040][T27560] romfs: read error for inode 0x8000
[  831.257609][ T6006] gspca_main: stv0680-2.14.0 probing 041e:4007
[  831.439085][T27570] loop5: detected capacity change from 0 to 64
[  831.496891][T27574] netlink: 1047 bytes leftover after parsing attributes in process `syz.3.9454'.
[  831.537691][T27574] bridge_slave_1: default FDB implementation only supports local addresses
[  832.200631][T27594] loop1: detected capacity change from 0 to 4096
[  832.227215][T27594] ntfs3(loop1): Different NTFS sector size (4096) and media sector size (512).
[  832.289332][T27594] ntfs3(loop1): Failed to initialize $Extend/$Reparse.
[  832.314237][T27598] loop6: detected capacity change from 0 to 4096
[  832.333665][T27594] ntfs3(loop1): ino=1b, mi_enum_attr
[  832.343474][T27598] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  832.352781][T27594] ntfs3(loop1): Mark volume as dirty due to NTFS errors
[  832.388785][ T6006] stv0680 5-1:4.0: STV(e): camera ping failed!!
[  832.412461][T27598] ntfs3(loop6): ino=19, mi_enum_attr
[  832.433212][T27598] ntfs3(loop6): Mark volume as dirty due to NTFS errors
[  832.565974][T27598] ntfs3(loop6): failed to convert "c46c" to cp775
[  832.609564][T27598] ntfs3(loop6): ino=20, mi_enum_attr
[  832.615942][ T6006] gspca_stv0680: usb_control_msg error 0, request = 0x80, error = -71
[  832.659818][ T6006] stv0680 5-1:4.0: last error: 0,  command = 0x0
[  832.662088][T27606] loop5: detected capacity change from 0 to 4096
[  832.686610][ T6006] usb 5-1: USB disconnect, device number 91
[  832.723613][T27606] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  832.860360][T27606] ntfs3(loop5): ino=19, mi_enum_attr
[  832.954762][T27614] program syz.0.9475 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  833.771310][T27648] loop1: detected capacity change from 0 to 2048
[  833.801265][T27648] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=2361, location=2361
[  833.873653][T27648] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  833.935094][T27648] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 160: 0xd2 != 0xd4
[  833.977988][T27648] UDF-fs: error (device loop1): udf_read_tagged: tag checksum failed, block 2016: 0x5c != 0x1b
[  834.013661][T27648] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  834.400810][T27674] loop4: detected capacity change from 0 to 2048
[  834.445832][T27674] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  834.593190][T27682] loop0: detected capacity change from 0 to 256
[  834.667392][T27687] loop3: detected capacity change from 0 to 128
[  834.711982][T27687] EXT4-fs (loop3): Test dummy encryption mode enabled
[  834.744916][T27682] FAT-fs (loop0): Directory bread(block 64) failed
[  834.751095][T27687] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a806c018, mo2=0042]
[  834.766624][T27682] FAT-fs (loop0): Directory bread(block 65) failed
[  834.812335][T27687] System zones: 1-3, 19-19, 35-36
[  834.835404][T27687] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  834.840265][T27682] FAT-fs (loop0): Directory bread(block 66) failed
[  834.884706][T27687] ext4 filesystem being mounted at /1608/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  834.925892][T27682] FAT-fs (loop0): Directory bread(block 67) failed
[  834.982333][T27682] FAT-fs (loop0): Directory bread(block 68) failed
[  835.003100][T27682] FAT-fs (loop0): Directory bread(block 69) failed
[  835.011557][T27697] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9514'.
[  835.023892][T27698] netlink: 'syz.6.9515': attribute type 1 has an invalid length.
[  835.049079][T27682] FAT-fs (loop0): Directory bread(block 70) failed
[  835.078493][T27682] FAT-fs (loop0): Directory bread(block 71) failed
[  835.095247][T27682] FAT-fs (loop0): Directory bread(block 72) failed
[  835.107636][ T5822] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  835.109226][T27682] FAT-fs (loop0): Directory bread(block 73) failed
[  835.333300][ T5950] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[  835.493373][T27716] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9523'.
[  835.532692][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid wMaxPacketSize 0
[  835.546128][T27716] netlink: 12 bytes leftover after parsing attributes in process `syz.5.9523'.
[  835.564401][ T5950] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8E has invalid maxpacket 0
[  835.601404][ T5950] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0xA has invalid wMaxPacketSize 0
[  835.634993][ T5950] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0xA has invalid maxpacket 0
[  835.670182][ T5950] usb 2-1: New USB device found, idVendor=05ab, idProduct=0301, bcdDevice= 1.00
[  835.690270][ T5950] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  835.726200][ T5950] usb 2-1: Product: syz
[  835.752892][ T5950] usb 2-1: Manufacturer: syz
[  835.757524][ T5950] usb 2-1: SerialNumber: syz
[  835.795403][ T5950] usb 2-1: config 0 descriptor??
[  835.802951][T27727] netlink: 10 bytes leftover after parsing attributes in process `syz.5.9529'.
[  835.824374][ T5950] ums-isd200 2-1:0.0: USB Mass Storage device detected
[  836.114106][ T5950] ums-isd200 2-1:0.0: probe with driver ums-isd200 failed with error -22
[  836.253222][ T6004] usb 2-1: USB disconnect, device number 94
[  836.343827][T27748] netlink: 8 bytes leftover after parsing attributes in process `syz.5.9539'.
[  836.651372][T27765] loop3: detected capacity change from 0 to 512
[  836.711684][T27765] EXT4-fs error (device loop3): ext4_orphan_get:1391: inode #15: comm syz.3.9547: inode has both inline data and extents flags
[  836.787199][T27765] fserror_report: 1 callbacks suppressed
[  836.787221][T27765] loop3: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  836.797784][    C1] EXT4-fs (loop3): error count since last fsck: 1
[  836.813497][    C1] EXT4-fs (loop3): initial error at time 1772892563: ext4_orphan_get:1391: inode 15
[  836.822956][    C1] EXT4-fs (loop3): last error at time 1772892563: ext4_orphan_get:1391: inode 15
[  836.846320][T27765] EXT4-fs error (device loop3): ext4_orphan_get:1396: comm syz.3.9547: couldn't read orphan inode 15 (err -117)
[  836.926067][T27765] loop3: lost filesystem error report for type 5 error -117
[  836.938317][T27765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  837.153597][ T5822] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  837.232288][T27791] netlink: 'syz.0.9558': attribute type 309 has an invalid length.
[  837.241859][T27792] netlink: 16 bytes leftover after parsing attributes in process `syz.5.9560'.
[  837.642823][T27809] netlink: 72 bytes leftover after parsing attributes in process `syz.3.9567'.
[  837.849886][T27817] netlink: 12 bytes leftover after parsing attributes in process `syz.4.9572'.
[  838.204634][T27786] loop6: detected capacity change from 0 to 32768
[  838.293488][T27786] 
[  838.293488][T27786]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  838.293488][T27786] 
[  838.397045][T27786] ERROR: (device loop6): xtSearch: xt_getpage: xtree page corrupt
[  838.397045][T27786] 
[  838.475245][T27786] xtLookup: xtSearch returned -5
[  838.485439][T27786] ERROR: (device loop6): xtTruncate: xt_getpage: xtree page corrupt
[  838.485439][T27786] 
[  838.624570][   T12] 
[  838.624570][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  838.624570][   T12] 
[  838.658039][   T12] 
[  838.658039][   T12]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  838.658039][   T12] 
[  838.729070][T27853] netlink: 'syz.1.9587': attribute type 1 has an invalid length.
[  838.751834][T21254] 
[  838.751834][T21254]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  838.751834][T21254] 
[  838.766388][T21254] 
[  838.766388][T21254]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  838.766388][T21254] 
[  838.782893][T27855] loop5: detected capacity change from 0 to 512
[  838.818424][  T111] ==================================================================
[  838.826538][  T111] BUG: KASAN: slab-use-after-free in _raw_spin_lock_irqsave+0x40/0x60
[  838.834729][  T111] Read of size 1 at addr ffff8880506448d8 by task jfsCommit/111
[  838.842361][  T111] 
[  838.844685][  T111] CPU: 1 UID: 0 PID: 111 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  838.844716][  T111] Tainted: [L]=SOFTLOCKUP
[  838.844725][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  838.844739][  T111] Call Trace:
[  838.844748][  T111]  <TASK>
[  838.844758][  T111]  dump_stack_lvl+0xe8/0x150
[  838.844792][  T111]  print_report+0xba/0x230
[  838.844819][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  838.844852][  T111]  kasan_report+0x117/0x150
[  838.844881][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  838.844918][  T111]  __kasan_check_byte+0x2a/0x40
[  838.844944][  T111]  lock_acquire+0x79/0x2e0
[  838.844974][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845001][  T111]  ? rcu_is_watching+0x15/0xb0
[  838.845035][  T111]  _raw_spin_lock_irqsave+0x40/0x60
[  838.845066][  T111]  ? __mutex_lock+0x3cb/0x1300
[  838.845088][  T111]  __mutex_lock+0x3cb/0x1300
[  838.845109][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845142][  T111]  ? jfs_syncpt+0x25/0x90
[  838.845179][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845205][  T111]  ? do_raw_spin_lock+0x12b/0x2f0
[  838.845229][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  838.845255][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845282][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845313][  T111]  jfs_syncpt+0x25/0x90
[  838.845345][  T111]  txEnd+0x2e5/0x530
[  838.845368][  T111]  jfs_lazycommit+0x5b8/0xaa0
[  838.845394][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  838.845417][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  838.845446][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845473][  T111]  ? __kthread_parkme+0x7a/0x1f0
[  838.845503][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845534][  T111]  kthread+0x388/0x470
[  838.845555][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  838.845577][  T111]  ? __pfx_kthread+0x10/0x10
[  838.845598][  T111]  ret_from_fork+0x51e/0xb90
[  838.845630][  T111]  ? __pfx_ret_from_fork+0x10/0x10
[  838.845657][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  838.845683][  T111]  ? __switch_to+0xc7d/0x1450
[  838.845710][  T111]  ? __pfx_kthread+0x10/0x10
[  838.845731][  T111]  ret_from_fork_asm+0x1a/0x30
[  838.845774][  T111]  </TASK>
[  838.845782][  T111] 
[  839.060653][  T111] Allocated by task 27786:
[  839.065060][  T111]  kasan_save_track+0x3e/0x80
[  839.069743][  T111]  __kasan_kmalloc+0x93/0xb0
[  839.074331][  T111]  __kmalloc_cache_noprof+0x31c/0x660
[  839.079703][  T111]  lmLogOpen+0x2d1/0xfa0
[  839.083949][  T111]  jfs_mount_rw+0xee/0x670
[  839.088365][  T111]  jfs_fill_super+0x754/0xd80
[  839.093041][  T111]  get_tree_bdev_flags+0x431/0x4f0
[  839.098151][  T111]  vfs_get_tree+0x92/0x2a0
[  839.102559][  T111]  do_new_mount+0x341/0xd30
[  839.107055][  T111]  __se_sys_mount+0x31d/0x420
[  839.111726][  T111]  do_syscall_64+0x14d/0xf80
[  839.116316][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.122204][  T111] 
[  839.124511][  T111] Freed by task 21254:
[  839.128559][  T111]  kasan_save_track+0x3e/0x80
[  839.133234][  T111]  kasan_save_free_info+0x46/0x50
[  839.138258][  T111]  __kasan_slab_free+0x5c/0x80
[  839.143101][  T111]  kfree+0x1c1/0x630
[  839.147006][  T111]  lmLogClose+0x297/0x520
[  839.151344][  T111]  jfs_umount+0x2ef/0x3c0
[  839.155691][  T111]  jfs_put_super+0x8c/0x190
[  839.160198][  T111]  generic_shutdown_super+0x13d/0x2d0
[  839.165582][  T111]  kill_block_super+0x44/0x90
[  839.170263][  T111]  deactivate_locked_super+0xbc/0x130
[  839.175641][  T111]  cleanup_mnt+0x437/0x4d0
[  839.180048][  T111]  task_work_run+0x1d9/0x270
[  839.184632][  T111]  exit_to_user_mode_loop+0xed/0x480
[  839.189922][  T111]  do_syscall_64+0x32d/0xf80
[  839.194506][  T111]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  839.200391][  T111] 
[  839.202706][  T111] The buggy address belongs to the object at ffff888050644800
[  839.202706][  T111]  which belongs to the cache kmalloc-1k of size 1024
[  839.216783][  T111] The buggy address is located 216 bytes inside of
[  839.216783][  T111]  freed 1024-byte region [ffff888050644800, ffff888050644c00)
[  839.230671][  T111] 
[  839.232993][  T111] The buggy address belongs to the physical page:
[  839.239392][  T111] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0xffff888050645800 pfn:0x50640
[  839.249456][  T111] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  839.257998][  T111] flags: 0xfff00000000240(workingset|head|node=0|zone=1|lastcpupid=0x7ff)
[  839.266498][  T111] page_type: f5(slab)
[  839.270485][  T111] raw: 00fff00000000240 ffff88813fea8dc0 ffffea0001ffd610 ffffea0001ef1610
[  839.279061][  T111] raw: ffff888050645800 000000080010000f 00000000f5000000 0000000000000000
[  839.287640][  T111] head: 00fff00000000240 ffff88813fea8dc0 ffffea0001ffd610 ffffea0001ef1610
[  839.296315][  T111] head: ffff888050645800 000000080010000f 00000000f5000000 0000000000000000
[  839.304981][  T111] head: 00fff00000000003 ffffea0001419001 00000000ffffffff 00000000ffffffff
[  839.313645][  T111] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  839.322298][  T111] page dumped because: kasan: bad access detected
[  839.328706][  T111] page_owner tracks the page as allocated
[  839.334408][  T111] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x52820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP), pid 49, tgid 49 (kworker/u8:3), ts 95269886788, free_ts 20972574732
[  839.353782][  T111]  post_alloc_hook+0x231/0x280
[  839.358553][  T111]  get_page_from_freelist+0x24dc/0x2580
[  839.364095][  T111]  __alloc_frozen_pages_noprof+0x18d/0x380
[  839.369905][  T111]  alloc_pages_mpol+0x232/0x4a0
[  839.374764][  T111]  allocate_slab+0x83/0x660
[  839.379272][  T111]  ___slab_alloc+0x150/0x6b0
[  839.383861][  T111]  __kmalloc_noprof+0x18a/0x760
[  839.388703][  T111]  ___neigh_create+0x6d5/0x2280
[  839.393553][  T111]  ip6_finish_output2+0x729/0x13e0
[  839.398667][  T111]  ip6_output+0x340/0x550
[  839.402999][  T111]  ndisc_send_skb+0xbaa/0x14e0
[  839.407750][  T111]  addrconf_dad_completed+0x909/0xe60
[  839.413135][  T111]  addrconf_dad_work+0xc5e/0x14c0
[  839.418206][  T111]  process_scheduled_works+0xb02/0x1830
[  839.423754][  T111]  worker_thread+0xa50/0xfc0
[  839.428344][  T111]  kthread+0x388/0x470
[  839.432435][  T111] page last free pid 1 tgid 1 stack trace:
[  839.438249][  T111]  __free_frozen_pages+0xc2b/0xdb0
[  839.443381][  T111]  free_contig_range+0xbb/0x170
[  839.448240][  T111]  destroy_args+0x4e5/0x570
[  839.452734][  T111]  debug_vm_pgtable+0x3f8/0x410
[  839.457585][  T111]  do_one_initcall+0x250/0x8d0
[  839.462348][  T111]  do_initcall_level+0x104/0x190
[  839.467280][  T111]  do_initcalls+0x59/0xa0
[  839.471598][  T111]  kernel_init_freeable+0x2a6/0x3e0
[  839.476792][  T111]  kernel_init+0x1d/0x1d0
[  839.481118][  T111]  ret_from_fork+0x51e/0xb90
[  839.485705][  T111]  ret_from_fork_asm+0x1a/0x30
[  839.490469][  T111] 
[  839.492772][  T111] Memory state around the buggy address:
[  839.498389][  T111]  ffff888050644780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  839.506457][  T111]  ffff888050644800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  839.514512][  T111] >ffff888050644880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  839.522555][  T111]                                                     ^
[  839.529494][  T111]  ffff888050644900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  839.537560][  T111]  ffff888050644980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  839.545609][  T111] ==================================================================
[  839.553660][  T111] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  839.560848][  T111] CPU: 1 UID: 0 PID: 111 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  839.571516][  T111] Tainted: [L]=SOFTLOCKUP
[  839.575821][  T111] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  839.586038][  T111] Call Trace:
[  839.589313][  T111]  <TASK>
[  839.592253][  T111]  vpanic+0x56c/0xa60
[  839.596251][  T111]  ? __pfx_vpanic+0x10/0x10
[  839.600758][  T111]  panic+0xc5/0xd0
[  839.604476][  T111]  ? __pfx_panic+0x10/0x10
[  839.608931][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.614319][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.619958][  T111]  ? rcu_is_watching+0x15/0xb0
[  839.624733][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.630110][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.635833][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.641218][  T111]  check_panic_on_warn+0x89/0xb0
[  839.646163][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.651546][  T111]  end_report+0x73/0x180
[  839.655787][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.661163][  T111]  kasan_report+0x128/0x150
[  839.665668][  T111]  ? _raw_spin_lock_irqsave+0x40/0x60
[  839.671044][  T111]  __kasan_check_byte+0x2a/0x40
[  839.675890][  T111]  lock_acquire+0x79/0x2e0
[  839.680313][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.685953][  T111]  ? rcu_is_watching+0x15/0xb0
[  839.690732][  T111]  _raw_spin_lock_irqsave+0x40/0x60
[  839.695932][  T111]  ? __mutex_lock+0x3cb/0x1300
[  839.700691][  T111]  __mutex_lock+0x3cb/0x1300
[  839.705280][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.710927][  T111]  ? jfs_syncpt+0x25/0x90
[  839.715268][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.720895][  T111]  ? do_raw_spin_lock+0x12b/0x2f0
[  839.725922][  T111]  ? __pfx___mutex_lock+0x10/0x10
[  839.730952][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.736596][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.742245][  T111]  jfs_syncpt+0x25/0x90
[  839.746405][  T111]  txEnd+0x2e5/0x530
[  839.750297][  T111]  jfs_lazycommit+0x5b8/0xaa0
[  839.754970][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  839.760159][  T111]  ? __pfx_default_wake_function+0x10/0x10
[  839.765963][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.771596][  T111]  ? __kthread_parkme+0x7a/0x1f0
[  839.776541][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.782180][  T111]  kthread+0x388/0x470
[  839.786251][  T111]  ? __pfx_jfs_lazycommit+0x10/0x10
[  839.791445][  T111]  ? __pfx_kthread+0x10/0x10
[  839.796031][  T111]  ret_from_fork+0x51e/0xb90
[  839.800642][  T111]  ? __pfx_ret_from_fork+0x10/0x10
[  839.805749][  T111]  ? srso_alias_return_thunk+0x5/0xfbef5
[  839.811381][  T111]  ? __switch_to+0xc7d/0x1450
[  839.816072][  T111]  ? __pfx_kthread+0x10/0x10
[  839.820653][  T111]  ret_from_fork_asm+0x1a/0x30
[  839.825438][  T111]  </TASK>
[  839.828728][  T111] Kernel Offset: disabled
[  839.833035][  T111] Rebooting in 86400 seconds..