last executing test programs:

57.992783173s ago: executing program 0 (id=854):
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x89a0, &(0x7f0000000040)={'syzkaller0\x00'})
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'syzkaller0\x00', <r1=>0x0})
setsockopt$packet_add_memb(r0, 0x107, 0x1, &(0x7f0000000100)={r1, 0x2, 0x6}, 0x10)
r2 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x89a1, &(0x7f00000002c0)={'syzkaller0\x00'})

57.568033001s ago: executing program 0 (id=858):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e21, @rand_addr=0x64010102}]}, &(0x7f00000002c0)=0x10)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={<r3=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f00000001c0)={r3, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x0, 0x0, 0xd4}, 0x9c)

56.428690081s ago: executing program 0 (id=864):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x800, &(0x7f0000000440)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x1, 0x0, 0x0)
read$FUSE(r0, &(0x7f0000002880)={0x2020, 0x0, <r1=>0x0}, 0x2020)
stat(&(0x7f0000000240)='./file0/file0\x00', 0x0)
mount$bpf(0x0, &(0x7f0000000180)='./file0/file1\x00', 0x0, 0x2010800, 0x0)
write$FUSE_LK(r0, &(0x7f00000000c0)={0x28, 0x0, r1, {{0xfffffffffffffc00, 0x10000, 0x2, 0xffffffffffffffff}}}, 0x28)

56.042176036s ago: executing program 0 (id=867):
syz_mount_image$udf(&(0x7f0000000080), &(0x7f00000000c0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x4040, &(0x7f00000015c0)=ANY=[], 0x2, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
creat(&(0x7f0000000100)='./bus\x00', 0x44)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x301400, 0x0)
r0 = open(&(0x7f00000005c0)='./bus\x00', 0x64842, 0x49)
pwritev2(r0, &(0x7f0000000240)=[{&(0x7f0000000000)="85", 0x78c00}], 0x1, 0x7a00, 0x0, 0x3)
unlinkat(0xffffffffffffff9c, &(0x7f0000000200)='./file0/file0\x00', 0x0)

55.008541267s ago: executing program 0 (id=873):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x3)
ioctl$UI_SET_ABSBIT(r0, 0x40045567, 0x0)
write$uinput_user_dev(r0, &(0x7f0000000ec0)={'syz0\x00', {0x0, 0x0, 0x0, 0x9}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x1, 0x7, 0x0, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff], [0x0, 0x0, 0x8, 0xb16, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x2, 0x0, 0x9, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd, 0x1000, 0x0, 0xf, 0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe, 0x4, 0x1, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffd, 0x0, 0xfffffffa, 0x0, 0x80000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xe], [0x7, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0xfffffffc, 0xff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xe, 0x1, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x7, 0x4], [0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc045, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x80, 0x0, 0x3, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0xfffffffe, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x4, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5]}, 0x45c)
ioctl$UI_DEV_CREATE(r0, 0x5501)
write$uinput_user_dev(r0, &(0x7f0000000a40)={'syz1\x00', {0xfffd, 0xd}, 0x4d, [0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x1, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x7ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x3, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffe, 0xffff, 0x0, 0x0, 0x120, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2], [0xffffffff, 0x3, 0x3, 0x0, 0x0, 0x6, 0x0, 0xfffffffb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x400000, 0x1, 0x0, 0xfffffffc, 0xfffffffe, 0x0, 0x4, 0x0, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfd5], [0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x200000, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x7ff, 0x3, 0x7fffffc, 0x0, 0x0, 0x7fff, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x6, 0x2], [0x81, 0x0, 0x5d30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xfc2, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xe58b, 0xe, 0x0, 0x3, 0x0, 0x1, 0x1ff]}, 0x45c)

54.443894557s ago: executing program 0 (id=875):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xb, 0x2, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

54.064536081s ago: executing program 32 (id=875):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
setsockopt$XDP_UMEM_REG(0xffffffffffffffff, 0x11b, 0x4, &(0x7f00000000c0)={0x0, 0x328000, 0x800}, 0x20)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xb, 0x2, &(0x7f0000006680))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

3.983868218s ago: executing program 4 (id=1156):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000400)=[{0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="f7", 0x1}], 0x1, &(0x7f0000000a40)=ANY=[@ANYBLOB="1800000000000000170100000300000001"], 0x18}], 0x1, 0x0)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)

3.891117846s ago: executing program 4 (id=1157):
symlink(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x28bd, 0x71, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00W'], 0x0, 0x0, 0x0, 0x0}, 0x0)

3.472016553s ago: executing program 2 (id=1162):
r0 = inotify_init1(0x0)
r1 = inotify_add_watch(r0, &(0x7f0000000200)='.\x00', 0x400)
r2 = dup(r0)
read$FUSE(r2, 0x0, 0x0)
read$FUSE(r2, &(0x7f0000004980)={0x2020}, 0x2020)
inotify_rm_watch(r2, r1)

3.376076662s ago: executing program 1 (id=1163):
recvmsg(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)=[{0x0}], 0x1}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=@newqdisc={0x24, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
socket$isdn(0x22, 0x2, 0x11)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000080)=ANY=[@ANYBLOB="7800000010000304000000000000000000007400", @ANYRES32=0x0, @ANYBLOB="00000000600000005800128008000100677470004c00028008000100", @ANYRES32, @ANYBLOB="08000100", @ANYRES32, @ANYBLOB="0800030002000000080007006401010108000700ac1414bb0800020003"], 0x78}}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r0, &(0x7f00000002c0), 0x40000000000009f, 0x0)

3.355144924s ago: executing program 3 (id=1164):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000440)={0x0, 0xfffffffc, 0xffdffff8, 0xffffffff, 0x0, "ff0000bb719b98fb73e53a0000000600"})
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xd, 0xb, 0xf, 0x3, 0x16, "43db4c9554938a92b052134851317440023bd9"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000740)=0x1004af)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13)

3.176928549s ago: executing program 2 (id=1165):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000006c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x4004000)
r2 = syz_open_procfs(0x0, &(0x7f0000000200)='task\x00')
close_range(r2, 0xffffffffffffffff, 0x0)
recvmsg$unix(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000080), 0x100}, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)

3.16525731s ago: executing program 3 (id=1166):
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
r1 = openat$comedi(0xffffff9c, &(0x7f0000000040)='/dev/comedi2\x00', 0xa400, 0x0)
ioctl$COMEDI_DEVCONFIG(r1, 0x40946400, &(0x7f0000000140)={'dt2814\x00', [0x181f, 0x401, 0xe2, 0x5, 0x88d7, 0x80000001, 0x1007, 0x800001, 0x1002, 0xffffffff, 0x200, 0x7, 0x10000007, 0x1, 0x5, 0x9, 0x8, 0x3, 0x1, 0x9, 0x10c, 0x4001, 0x2, 0xa, 0x2, 0x1, 0xb0c0, 0xe, 0xff, 0x400002, 0x4000004]})

3.148001592s ago: executing program 1 (id=1167):
sendmsg$SMC_PNETID_GET(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f00000000c0)='veth1_to_team\x00', 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x0, 0x0, &(0x7f0000000300)='GPL\x00', 0x8}, 0x94)
sendto$inet(r0, 0x0, 0x0, 0x804, &(0x7f0000000080)={0x2, 0x4e22, @multicast1}, 0x10)
recvmmsg(r0, &(0x7f0000000340)=[{{0x0, 0x0, 0x0}, 0x28008a}], 0x4000054, 0x40000022, 0x0)

2.979088757s ago: executing program 2 (id=1168):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
syz_usb_connect$lan78xx(0x5, 0x0, 0x0, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000080)=0x80000003)
r1 = dup2(r0, r0)
read$FUSE(r1, &(0x7f0000001300)={0x2020}, 0x2020)

2.977009337s ago: executing program 1 (id=1169):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x8488, &(0x7f0000000780), 0xfe, 0x10fd, &(0x7f0000001140)="$eJzs2T9rFEEYBvBnds8/3cqmXwQtLCQknF8ghcK1ttqIpDJVrlL8OH4cTWUf0msRsF9Zb/dO5UTwTm1+PzjmvYd9Z2fKmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMZsmnkhxUSTtlVZKSdN3F4ipJN+V33tdVSp6eLpaPz+dPlknqb4+XZ0kZuoa2tMf3brfzdt4et48OTu5/WL5+8+rF2dnp+ThNSZfL6/1vpYzrAQAAAH7U76z5z+8HAAAAfmdvFwkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6hvNnU7FVWSknTdxeIqSbel78Y/Wh8AAACwu5Iqz5tt+eoaYONhPjZlnQ/jlzLUR3m3pR8AAAD4pf7WWHz/fb3c3JzHH2S2PpcP2d3Mcni4+j8O+XyS1EmOfpr88vrty+lX+vpv7wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgK/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAAAAAPYKAAD///F61s8=")
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x11c0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000180)='./file5\x00', 0x61c0, 0x700)
renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file5\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file7\x00', 0x0)

2.456139353s ago: executing program 1 (id=1170):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=ANY=[@ANYBLOB="5800000010000d04000000000000000000009d73", @ANYRES32=0x0, @ANYBLOB="0000000008000000240012800c0001006d6163766c616e001400028008000100040000000800090001"], 0x58}}, 0x8000)
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x5, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='blkio.bfq.io_service_time_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000)="180c4552", 0x4)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f0000000400)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x800000000000208, 0x0, 0x0, 0x2, 0xc, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100000000020000ffffffffff00", "2809e8dbe108598948224ad54afac11d875397bd3c5240f45f819e01177d2d458dd4992861ac00", "90be8b1c55080021000c547d03d8a0f4bd00", [0x0, 0x6]}})

2.025597901s ago: executing program 3 (id=1171):
r0 = socket(0x1d, 0x2, 0x6)
r1 = epoll_create(0x2)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000001840)={0x90000001})
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vxcan0\x00', <r2=>0x0})
bind$can_j1939(r0, &(0x7f0000000380)={0x1d, r2, 0x2, {0x2, 0x0, 0x2}}, 0x18)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x500}, 0x1, 0x0, 0x0, 0x40}, 0x80)

2.024238411s ago: executing program 1 (id=1179):
r0 = socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1, 0xf, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r1, @ANYBLOB="140001000040000000000000000000000000000014000200fe8000000000000000000000000000aa140006"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x4)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

1.943750508s ago: executing program 4 (id=1172):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller0\x00', 0x2})
r1 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000380)=""/183, 0xb7}], 0x1, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

1.937845359s ago: executing program 1 (id=1173):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x0)
openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x8041, 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
r1 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000140)={{0x12, 0x1, 0x0, 0x41, 0x3f, 0x5f, 0x20, 0x61d, 0xc150, 0xce6f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x0, 0x0, 0x10, 0x0, [{{0x9, 0x4, 0x33, 0x0, 0x1, 0x18, 0x70, 0xfd, 0x0, [], [{{0x9, 0x5, 0x82, 0x2, 0x200, 0x0, 0x4}}]}}]}}]}}, 0x0)
syz_usb_control_io$printer(r1, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x12, &(0x7f0000000040)=ANY=[@ANYBLOB="a200004ef3b11f948ef66b0ee0b3d41b1b", @ANYRES32=r0])

1.655742874s ago: executing program 4 (id=1174):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000440)={0x0, 0xfffffffc, 0xffdffff8, 0xffffffff, 0x0, "ff0000bb719b98fb73e53a0000000600"})
ioctl$TCSETS(r0, 0x5402, &(0x7f00000000c0)={0xd, 0xb, 0xf, 0x3, 0x16, "43db4c9554938a92b052134851317440023bd9"})
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000740)=0x1004af)
r1 = syz_open_pts(r0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000000)=0x13)

1.655549004s ago: executing program 3 (id=1175):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_X86_SET_MSR_FILTER(r1, 0x4188aec6, &(0x7f0000000380)={0x1, [{0x2, 0x0, 0x76, 0x0}, {0x1, 0x8, 0x4, &(0x7f0000000340)="b5"}, {0x0, 0x0, 0x7f, 0x0}, {0x1, 0x0, 0x208, 0x0}, {0x2, 0x0, 0xffff6f56, 0x0}, {0x3, 0x0, 0xffffc5bb, 0x0}, {0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0x10000009, 0x0}, {0x2, 0x0, 0x3, 0x0}, {0x0, 0x0, 0x2ff, 0x0}, {0x1, 0x0, 0x4ed, 0x0}, {0x0, 0x0, 0x10, 0x0}, {0x0, 0x0, 0x9, 0x0}, {0x0, 0x0, 0x0, 0x0}, {0x0, 0x0, 0xb, 0x0}, {0x2, 0x0, 0x0, 0x0}]})
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000b6b000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000140)={0x0, &(0x7f0000000040)=[@nested_create_vm={0x12d, 0x18, 0x3}, @nested_amd_clgi={0x17f, 0x1}, @cpuid={0x64, 0x18, {0x0, 0x6}}, @nested_intel_vmwrite_mask={0x154, 0x38, {0x8000000000, @ro_nat=0x6402, 0xc, 0x6, 0xcfe}}, @nested_amd_clgi={0x17f, 0x10}, @in_dx={0x69, 0x20, {0xbdb3, 0x2}}, @nested_amd_invlpga={0x17d, 0x20, {0x5000, 0x790e}}, @nested_amd_set_intercept={0x181, 0x30, {0x3, 0xfffffffffffffff3, 0x100000001}}], 0xf8})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1.536062775s ago: executing program 4 (id=1176):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000005d40)='./file0\x00', 0x4000, &(0x7f0000001e40)=ANY=[@ANYBLOB="71756f74612c646973636172642c646973636172642c696f636861727365743d6b6f69382d72752c646973636172642c00f4193eb3ba2a0d5ff2cd7374288ff89ec513a53e007345decb720900f8312da2463eb0edf52fad1a00ebd41c14b3ce75d0cffefd379624b16f7260c835713b263352e03b5cb8fa0c042bd1225ed4ded2b62e12fea4d7e61b738e40781e58d5fff112364ac140f419e5dafecd283b3fab6b142ddbc893b35a81fe9265591ef35fa2928e095fee4c10b22e4212378de59bca0307cc644b9620b63f0000007bbbd422d87856b71348b8f45398b9660b6b3e8ee8a8c32f3234cb46e2cd827ec25c1ca4d046bc004f8df7b1ee690a5e50510700d80c7fa65fa724d0e1b4369f1b64fe249a0312010000004ac983de925f52d735b03fea941b1e948ad8d19cfda5b799325fd69d14fcf6cdde7700a63150eb3699e5314e0827750e244150ec19f3f3f1d8be542c084b5e40bfaa8ad206d2a33b0ddbd7f8e07dc7d17174a4549ffaf5976949cb69658c42ec7cd9fe8ad82852cefb04646edb3a41eb514eb6a772b3ee9f21e25822b54ec33e592d5c040946721101d53aff21f90351c95aa0f73f1853d6afcbf9448b220e988466066fa5c09e6198fc4520d199b93bdedee87c4043815aa05668a06f8da96680ccc1a139ade90f5c79af46208f9762f54e7c29088d9de69bd2d51c6b9c42209ddc3880051303b855853407d959a5777dce25201c5ea1faa084c36e3e349915ebec53435eb2910c59394ee84ba3baf9c440ae5833c23f46b0eaac543ce0c80ba0603213e53ea59755070b18bc10b9224aa082d96700e63d51c5bffa4f712c2d7fafb9cf506c06e1ddad4fc19038407786fedb9afdfb11a5f182676dd84c919f71d5eee2f3b740b68ee7f6518eb9d8baa26f1c3871f863b134ee942eb3af92d19e70d8268839cd7b4637f0627299f99b1873ca165e410f8bd421e1a4859fd9bd6bb34d25c07e1a52b9668a530b10b8585d797124a6975a71aedbe557a17b06bbfe547aa553c3d08b8921a4b0d938c03687bd48a9a387b4c066c056f457fba5738775b900a1e82a89aae1494b05c4bb0fc8ed1a93688bf850a4f7b0942eda1f16ecf043efa6b8c1f9e0fba31f4a58ed0031180fb1b8a00e4a86826b030000002dd1272a3d1609bed545b86ca7a6bf569ed35d0000ca23b0de742f6008fdf20928370d88f8c04bc3b97b9a9e0062e8fc5fd2337d85a66bd20730f3153db2459fb34c134c06c19364e9645e83040dd16ee08f18f0ba69ac9ca3e25e15442b07000000d30d38a64613b535fa808a9b3bae00bc371271d45db200a5cbf433e2f6dd03b7c7fcc040781e5151c9badb787e7e1e2f39d60998919aa8dbd156f31a5b7fa5f9e5ec01e8c799edc322703c7fc4a81ab9bc02dd96714ee9d7e75d28d040ff3566404fd6db547a4b553197c1f316d20ea54f9459cd81351a510d101e90eabe6dc6c6ac3ffa189c073a5fb3fc382df620bf5af9e638819c77a051e6875866a849f6f578c068c0e4c7cfbc15033997efa853c96297b3201dd30ea40dc94d010a0c33da9f63a10b8f813dc789b80be3bb3f00ee58b30d5c03a6ddbf418ac1b3d4a13839e4b273c4f914bed13f8806295495d41609478798396aeec06e8d342efd8ac6b422f6c23a011b1400000000000000bc2a02094e19a1ee8bb3c3c0c088ae8efaf68c85001faf7cf5426fb7c5c367ed93eb25c48a293549d15b91b59f1b574b3f6171f8e56a402ec56bdf51d90312b3ca5398f4050000007504be21456ec953bf06f12fff20c31e7c8b55fee5c49aa939830b09995ff149258118f9aae29206f9731288b56b10de51525665fdb4e289b1c177df97af3085f82045fbd012f1dde94ffecd90b7b63d8197d9c24a6fe5915ac7d7240847f6d0bf9099ee117c83e363f2ad36a4a9f4faa5734afe9770c38c565cae87a408d0acbb2db7db9174acab60a344814ee643fa82ba41706d2360269ed276e13dd83abbc258f07b0d58ab0b65200b18b7f9f871bcb43fec5a2e3789ecd0c1069d2da80b93c86dff8933e70c2108346003ddf6b60379eee63b66e7341cdd8f87ed9f11894c9ae040976321d87405b492f419ebfa77eb367ca6e360b808451102f54893d7d1695c24bcc184b1e7d19940a2b6931ade8638dd2b85a86dc511dbb97f5035d07ca024076e8581db332b1c5f135fe6b2e9d2c18c9d5d5a524d3d5b2657e4b28f1a09696bd5b076a1471c8b2ab2ca3ba57843af1d03590f4e8985e1c463c781bb03ad7ec816ea70bbe06411aae001e0ca72ee7e828ad14bb7a092d883ad000554bf7f00000000000075cc01f8a2e1802192f09e77bc488b3bd3f08a9ce88ba2e2bcc23cf5d7372b339ce1f5003db0ad70fa6e93aa908a2ced81f5514e23e2f94ff03c1c02f5a9195f4735563efd0a1fc7dafcfb3dae043fe0c172ec3a12747d7abf4382bf7453c13df994641017a0f461add956ef8f834b762af30408af6a61f317fd3c7b0816236a768601b7c6606ba52ff126eb13d33c915c5da99d118db488da3f3d7783a608282a93fcbe0910f0389c3ef91de7c84e23daa6554c42b2b3e9f70a9f790f29011a0b5101b23bfeba6e52877ed8a188958e39375dd203d434bef4dc82cc8a21fc40c6e6e6a2475f70bf1503beb9555036e63bdc937f8a4d61b21d06a9d3239d1df6f2e9ef16dee590b15ac028c6d873bb2965374b733d8e11ba763ab157ed91dd871b098c0543dcbba4cf67db8c83c84369dc67735fa4faa0fdcf34b1c6a862ccae9fe4fa28746504643b57f02623a2ef34ea90f2e7f7dd771f8f75217c799d978a3533fcfab6c6f5391b626d61b400f08172fc675e2a062d06c31b85452804f7b125c291f60a02a5d62271e96fe70d64bae36e28b42e197259169ebee8f64355544fb4d8b83c1c8fad02cd1a2e56a6f6e82ec7719a48a1bea803546b8af7a89faf7cef94d8ada45fc0a98a79ba90c95262f0110725c6bf7c81237534dcd6a8a113bd8ac48b7db5526ab762cec103674742476cd6b92b8c7abcfb1f8e08f0a05c1b209187049f3206bd545e8c20f8db6d8a7cdd0c9ecbb9011b611a013cd581521dfcb028d59d5c69d286fb93e4c498b3aaff7e0cdcf1f41fec65ebdbe4c2bf453140251cdd94c32b87c4634d6500000000000000000000000000000000816e6c33f92dca3e03c400"/2303], 0xff, 0x5e5c, &(0x7f0000005d80)="$eJzs3U9vHGcdB/Df/vH6T2kbVagKEQc3hdJSmv8JlH9NOXCAA0ioZxK5bhVIASUB0SoirnJAXICXAJdeOPQt8AL6GhAvgEg2px4og8Z+nmQ8XmcdEu/s+vl8JGfmN8+O95l8PZ5dz8w+AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADED77/k7O9iLjym7TgWMTnYhDRj1iu69WoZy7nxw8j4nhsN8fzETFYjKjX3/7n2YgLEfHJMxGbW7fX6sXnDtiPi2du3fjsh9/7x+//dPf4z97+6Uft9h9//vzHf7gTcexHr3/82Z0ns+0AAABQiqqqql56m38ivb/vd90pAGAq8vG/SvJytVqtVj/R+o/92eqPutC6qRrvTrOIiI3mOvVrBqfjAWDObMSnXXeBDsm/aMOIeKrrTgAzrdd1BzgUm1u313op317zeLC6057/Trkr/43e/fs79ptO0r7GZFo/X3djEM/t05/lKfVhluT8++38r+y0j9LjDjv/adkv/9HOrU/FyfkP2vm37Mr/zxExt/n3x+Zfqpz/8FHy3xjM8f4vfwAAAAAAjr789/9jHZ//XXz8TTmQh53/XZ1SHwAAAAAAAADgSXvc8f/uM/4fAAAAzKz6vXrtL888WLbfZ7HVy9/qRTzdejxQmNXGhwMCAAAAAAAAAAAAANMxjFhJ1/UvRMTTKytVVdVfTe36UT3u+vOu9O2HknX9Sx4AAHZ88kzrXv5exFJEvJU+629hZWWlqpaWV6qVankxv54dLS5Vy433tXlaL1scHeAF8XBU1d9sqbFe06T3y5Pa29+vfq5RNThAx6ajw8ABICJ2jkabjkhHTFU9G12/ymE+2P+PHvs/B9H1zykAAABw+Kqqqnrp47xPpHP+/a47BQBMRT7+t88LqNVqtVqtPnp1UzXenWYRERvNderXDIbjB4A5sxGfdt0FOiT/og0j4njXnQBmWq/rDnAoNrdur/VSvr3m8WB1pz1fC7Ir/43e9np5/XHTSdrXmEzr5+tuDOK5ffrz/JT6MEty/v12/ld22vMQ/4ed/7Tsl3+9ncc66E/Xcv6Ddv4tRyf//tj8S5XzHz5S/gP5AwAAAADADMt//z/m/G/eZAAAAAAAAACYO5tbt9fyfa/5/P8Xxzyu15xz/+eRkfPvHTh/9/8eJTn/fjv/1gU5g8b8vTcf5P/vrdtrH9361xfydObzXxiM6ude6PUHw3TNT7XwTlyL67EeZ/Y8frir/eye9oVd7ecmtJ/f0z6q25dz+6lYi1/G9Xj7fvvihAujlia0VxPac/4D+3+Rcv7Dxled/0pq77WmtXsf9vfs983puOe5/Lf/vLR375q+uzG4v21N9fad7KA/2/8nT43i1zfXb5z67dVbt26cjTTZtfRcpMkTlvNfSF85/5df3GnPv/eb++u9D0ePnP+suBvDffN/sTFfb+8rU+5bF3L+o/SV889HoPH7/zznv//+/2oH/QEAAAAAAAAAAAAAAICHqapq+xbRyxFxKd3/09W9mQDAdOXjf5Xk5Wq1Wq1Wq49e3VSN90aziIi/N9epXzP8btw3AwBm2X8j4p9dd4LOyL9g+fP+6umXuu4MMFU33//g51evX1+/cbPrngAAAAAAAAAA/688/udqY/zn7euAWuNG7xr/9c1YndvxP/ujwfZY52mDXoiHj/99Mh4+/vdwwvMtTGgfTWhfnNC+NKF97I0eDTn/F1LGOf8TacNKGv/15Q7607Wc/8k01nPO/yutxzXzr/46z/n3d+V/+tZ7vzp98/0PXrv23tV3199d/8XZM5cunL944fzFi6ffuXZ9/czOvx32+HDl/PPY164DLUvOP2cu/7Lk/L+cavmXJef/UqrlX5acf369J/+y5Pzzex/5lyXn/0qq5V+WnP9XUy3/suT8X021/MuS8/9aquVflpz/a6mWf1ly/qdSLf+y5PxPp1r+Zcn55zNc8i9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvO/kGr5lyXnfzHV8i9Lzv9SquVflpz/11Mt/7Lk/L+RavmXJef/eqrlX5ac/zdTLf+y5Py/lWr5lyXn/+1Uy78sOf/vpFr+Zcn5fzfV8i9Lzv+NVMu/LA8+/9+MGTNm8kzXv5kAAAAAAAAAAAAAgLZpXE7c9TYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPA/duBAAAAAAADI/7URqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrADBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFvXuLkbO87wf+7sleGwL+hzNxwDYnAwu76xM4xGCSkD8lPVAS0qYlNY69Nk58qnfNSahsCm2JglSk9oJeNCVRGkVqK1AVqalEI6RGau+aq0bcRK3EhS+gclBSNVVgq3fmeR7PzM7OrLHHnnmfzyfCP3vmfWeeeeed2f1u9J0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGq3/5MyfDBVFUf5X+2NNUVxY/n1VsbP85/y2871CAAAA4Ey9V/vzby9OF+xcxk4N2/zLNf/2vYWFhYXiS++eeP/PFhbSFeuKYmRlUdSui/71Fz9faNwmeK4YHxpu+Pdwl7sf6XL9aJfrx7pcv6LL9Su7XD/e5fpFB2CRVfWfx9Ru7PraX9fUD2lxaTFWu+76Nns9N7RyeDj+LKdmqLbPwti+4kBxsJgpphbtM1T7X1G8vr68r/uLeF/DDfe1tiiKkz99Zk9cw1A4xtcXTXdW0/jcvXNvse7dnz6z5ztzb1/VbnY9DItWWhQbN5TrfL4oTv24qhgqVqZjEtc53LDOtW3WOdK0zqHafuXfW9d5cpnrjI97PKzzRx3WuTZc9uR1RVHMF0tu0+q5YrhY3XKv6XiP18+I8jbKp/LDxehpnSfrl3GelPu8dV3zedJ6Tsbjvz4ck9El1tD4dLzz1RWLjvsHPU/KR90P52p52w+Wdzo+3vij1aZztdzmmRuWPgfaPndtzoF0LjecAxu6nQPDK0Zq58DwqTVvaDoHphftM1wM1e7rxA2dz4HJuUNHJ2efevq2A4d275/ZP3N4emrbls1bt2zeunVy34GDM1P1P0/vkA6Q1cVwOgc3hPeaeA7e1LJt4ym58M2z9zoY75PXQfnYP3djuaALh4slzvFym+c3nvnrIH3db3gdjDa8Dtq+p7Z5HYwu43VQbnNy4/K+Zo42/NduDb16L1zTcA6cz6+H5X0+cvPS74Vrw7peuOV0vx6OLDoH4sMaCq+98pL0/d74neG4LD4vri6vuGBFcXx25tjtT+6emzs2XYRxTlzS8Fy1ni+rGx5Tseh8GT7t82Xn3/zyxqvbXL4mHKvxWzs/V+U2WyY6P1e1d/f2x7Pp0k1FGGfZuT6e7b6alcczZYkOx7Pc5vnbzvx7wZRLGt7/xrq9/42Mjdbf/0bS0Rhrev9b/NSM1FZWFCdvW97731j471y//13aJ+9/5bF65PbO50C5zQuTp3sOjHZ8/7suzKGwnptDYhhvyP3v166fr5+mDc9l1/NmdHQsnDej8R6bz5vNi/Ypb628741TH+y82Xhd83PV9H1LBc+b8lj9+VTn86bc5o3pM3/vWBX/2vDesaLbOTA2sqJc71g6Cervdwur4jlwe7GnOFIcLPamfcpnubyviU3LOwdWhP/O9XvHlX1yDpTH6uVNnc+Bcpsfbj673zttDJekbRq+d2r9+cJSmf/q0VO313rYznbmL9f5qS2dfzZUbvP2ltPNGZ2P063hkgvaHKfW189S5/Te4twcpyvDOg9u7fyzqXKbS7ct83zaWRTFm9Nv1n7eFX6++/fH//17TT/3bfcz5Ten33xg8qEfn876AQD44N6v/Tm/ov69ZsP/Y72c//8fAAAAGAgx9w+Hmcj/AAAAUBkx94+Emcj/AAAAUBkx94+GmWSS/x+7c/ur7z1bpE8DXAji9fEwPHh3fbvY8Z4P/163cEp5+Se+Pfbq155d3n0PF0Xxywc+0nb7x+6O66o7Gtf5sebLF7ny2mXd/6MPn9qu8fMTTm6v3358PMs9DWJX+fXJTbXbXffUdG2+8UBRmw/Nv/Bc/fbr/47bn9hc3/4vw4eW7Nw31LT/xrCe68NcFz5T5sGdp45DOeN+r6695p8v+fyp+4v7DW24qPYwX/6D+u3Gz4h66ZL69vFxL7X+f/r6d18tt3/yhvbrf3a4/fpPhNt9K8xf7Khv33jMv9aw/j8K64/3F/e7/Vs/aLv+166ob/9aOC9eCbN1/ff+6Uffa/d8xfvZeVd9v3j/U/+9pbZfvL14+63rH392uul4tN7+G+/Wb2fH4z8badw+Xh7vJ3r0rubzeyg8v0098qIovvvHRdNxLj5e3+8fW9Yfb+/oXe3Xf2vLOo8OXVvb/9TjWdP0uL7x15vaPt64np1/t6bp8bx0Xzh+707+sLzdEw+F8zFc/78/qt9e62eZvnZf8/tN3P6VNfXXbby9yZb1v9Sy/vlry2PXff33v1tf/2v3rGxa/85Ph/Pp/vrstv79f3Vx0/7f/E79+Tj2xMThI7PHD+xtOKqNr+OV46tWX3Dhhy66OLyXtv5715G5x2aOrZtaN1UU6wbwIwN7vf5vhflf9TF/9u+h7sc/q593L36m/nXrpp/X//1SuPzR8HzGr4/f+IuxpvO19Xmfv6c+z3T9t4R1LNcVX//Pa5e14Ykvvn78H/7w7dbvC+LjOXrZeO3xvbz+8tp1Q2/Ur299v+rmPy5rfl3/ZHSqNr8fjutC+GTmDZfX76/19uNnk7z42frrN34nF/cvWj5PZM1I8+M40/X/JHwf84Mrm9//4vnx/WdbPs15TTFULmE+vD8U8/Xr41bxeL948vK29xc/h6eYv+p0lrmk2admJw8eOHz8ycm5mdm5ydmnnt516Mjxw3O7ap9duuvL3fY/9fpeXXt9753ZtqWovdqP1EePne/1H314z947pm7cO7Nv9/F9cw8fnTm2f8/s7J6ZvbM37t63b+aJbvsf2LtjetP2zXdsmth/YO+OO7dv37x94sDhI+Uy6ovqYtvUVyYOH9tV22V2x5bt01u3bpmaOHRk78yOO6amJo5327/2tWmi3PvxiWMzB3fPHTg0MzF74OmZHdPbt23b1PXTHw8d3Te7bvLY8cOTx2dnjk3WH8u6udrF5de+bvuTh9kj4f2uxVD47vwLt25Ln49b+vZXl7yp+ibN354W74TPgopf37r9O+b+sTCTTPI/AAAA5CDm/vDB/6eukP8BAACgMmLuXxlmIv8DAABAZcTcPx5mkkn+1//X/9f/1//X/9f/7yX9f/3/TvT/9f8Hef36//r/dNdv/f+Y+1cVRZb5HwAAAHIQc//qMBP5HwAAACoj5v4LwkzkfwAAAKiMmPsvDDPJI/+Ptf5V/1//X/+/sf8ft9X/L/T/9f8/IP1//f9O9P/1/wd5/X3Y/1+l/0+/6bf+f8z9HwozySP/AwAAQBZi7r8ozET+BwAAgMqIuf/iMBP5HwAAACoj5v41YSaZ5H+//1//X//f7//X/9f/P8uaDrH+v/5/J/r/+v+DvP4+7P/7/f/0nX7r/8fc///CTDLJ/wAAAJCDmPs/HGYi/wMAAEBlxNx/SZiJ/A8AAACVEXP/pWEmmeR//X/9f/1//X/9f/3/XtL/1//vRP9f/3+Q16//r/9Pd/3W/4+5/7Iwk0zyPwAAAOQg5v7Lw0zkfwAAAKiMmPuvCDOR/wEAAKAyYu6/Mswkk/yv/6//r/+v/6//r//fS/r/+v+d6P/r/w/y+vX/9f/prt/6/zH3XxVmkkn+BwAAgBzE3H91mIn8DwAAAJURc/9HwkzkfwAAAKiMmPvXhplkkv/1//X/9f/1//X/9f97abD6/8NLXqP/X6f/30z/X/9f/1//n876rf8fc/9Hw0wyyf8AAACQg5j7rwkzkf8BAACgMmLuvzbMRP4HAACAyoi5f12YSSb5X/9f/1//X/9f/1//v5cGq/+/NP3/Ov3/Zvr/+v/6//r/dNZv/f+Y+9eHmWSS/wEAACAHMfdvCDOR/wEAAKAyYu6/LsxE/gcAAIDKiLn/+jCTTPK//r/+v/6//r/+v/5/L+n/6/93ov+v/z/I69f/X17/f0W3G6LS+q3/H3P/DWEmmeR/AAAAyEHM/TeGmcj/AAAAUBkx998UZiL/AwAAQGXE3L8xzCST/K//r/+v/6//r/+v/99L+v+L+v9v/U+h/x/p/+v/D/L69f/9/n+667f+f8z9N4eZZJL/AQAAIAcx998SZiL/AwAAQGXE3H9rmIn8DwAAAJURc/9EmEkm+V//X/9f/1//X/9f/7+Xqtr/T++jfv+//r/+v/6//r/+P0vqt/5/zP23hZlkkv8BAAAgBzH33x5mIv8DAABAZcTcPxlmIv8DAABAZcTcPxVmkkn+1//X/9f/1//X/9f/76Wq9v/P4Pf/6/830P/X/x/k9ev/6//TXb/1/2Punw4zyST/AwAAQA5i7t8UZiL/AwAAQGXE3L85zET+BwAAgMqIuX9LmEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16//r/9NsuM1l/db/j7l/a5hJJvkfAAAAchBz/7YwE/kfAAAAKiPm/jvCTOR/AAAAqIyY++8MM8kk/+v/6//r/+v/6//r//eS/r/+fyf6//r/g7x+/X/9f7rrt/5/zP3bw0wyyf8AAACQg5j7PxZmIv8DAABAZcTcf1eYifwPAAAAA6Xd7yGMYu7/eJhJJvlf/7/q/f+Flfr/+v/6/53Xr//fW/r/+v+d6P/r/w/y+vX/9f/prt/6/zH37wgzyST/AwAAQA5i7r87zET+BwAAgMqIuf+eMBP5HwAAACoj5v6dYSaZ5H/9/6r3//3+f/1//f9u69f/7y39f/3/TvT/B7P/H75t0f8/N/3/8aX2b+z/l+eQ/j/9qN/6/zH33xtmkkn+BwAAgBzE3P+JMBP5HwAAACoj5v5PhpnI/wAAAFAZMfd/Kswkk/yv/6//r/+v/6//r//fS/r/+v+d6P8PZv8/0v/3+//1/+mm3/r/MfffF2aSSf4HAACAHMTc/+kwE/kfAAAAKiPm/v8fZiL/AwAAQGXE3H9/mEkm+V//X/9f/1//X/9f/7+X9P/1/zvR/9f/H+T16//r/9Ndv/X/Y+7/lTCTTPI/AAAA5CDm/gfCTOR/AAAAqIyY+z8TZiL/AwAAQGXE3P+rYSaZ5H/9/3PT/x9Ot6//r/+v/6//r/9/Nun/6/8X+v8f2Pnuzw/6+vX/9f/prt/6/zH3/1qYSSb5HwAAAHIQc/+vh5nI/wAAAFAZMff/RpiJ/A8AAACVEXP/g2EmmeR//X+//1//X/9f/1//v5f0//X/O9H/1/8f5PXr/+v/012/9f9j7v/NMJNM8j8AAADkIOb+h8JM5H8AAACojJj7PxtmIv8DAABAZcTc/7kwk0zyv/6//r/+v/6//r/+fy/p/+v/d6L/r/8/yOvX/9f/p7t+6//H3P9wmEkm+R8AAAByEHP/58NM5H8AAACojJj7fyvMRP4HAACAyoi5/7fDTDLJ//r/+v/6//r/+v/6/72k/7+4/1++h53P/v+K5Wyo/78s+v/6//r/+v901m/9/5j7vxBmkkn+BwAAgBzE3P87YSbyPwAAAFRGzP2/G2Yi/wMAAEBlxNz/SJhJJvlf/1//X/9f/1//X/+/l/T//f7/TvT/9f8Hef36//r/dNdv/f+Y+78YZpJJ/gcAAIAcxNz/e2Em8j8AAABURsz9u8JM5H8AAACojJj7Hw0zyST/6//r/+v/6//r/+v/95L+v/5/J/r/+v+DvH79f/1/uuu3/n/M/bvDTDLJ/wAAAJCDmPu/FGYi/wMAAEBlxNy/J8xE/gcAAIDKiLl/b5hJJvlf/1//X/9f/1//X/+/l/T/9f870f/X/x/k9ev/6//TXb/1/2PunwkzyST/AwAAQA5i7t8XZiL/AwAAQGXE3L8/zET+BwAAgMqIuf+xMJNM8r/+v/6//r/+v/6//n8v6f/r/3ei/6//P8jr1//X/6e7fuv/x9x/IMwkk/wPAAAAOYi5/8thJvI/AAAAVEbM/V8JM5H/AQAAoDJi7j8YZpJJ/tf/1//X/9f/1//X/+8l/X/9/070//X/B3n9+v/6/3TXb/3/mPsPhZlkkv8BAAAgBzH3Hw4zkf8BAACgMmLuPxJmIv8DAABAZcTcfzTMJJP8r/+v/6//r/+v/6//30v6//r/nej/6/8P8vr1//X/6a7f+v8x9/9+mEkm+R8AAAByEHP/sTAT+R8AAAAqI+b+2TAT+R8AAAAqI+b+uTCTTPK//r/+v/6//r/+v/5/L+n/6/93ov+v/z/I69f/1/+nu37r/8fcfzzMJJP8DwAAADmIuf/xMBP5HwAAACoj5v4nwkzkfwAAAKiMmPufDDPJJP/r/+v/6/+f6v+/sr9++Xnq/9d7fv/H3l3vanZWcRx/y2SAhBCuhSvgErgGLgN3Ke7u7u7u7u7uUCiuSUmYtdaB6XTvc9529332sz6ff1bamUyfdpImv0y+2fp//b/+/0L0//r/g/7/aKfu5/f+fv2//p91o/X/ufvvHbc02f8AAADQQe7++8Qt9j8AAABMI3f/feMW+x8AAACmkbv/fnFLk/2v/9f/6/99/1//r//fkv5f/79E/6//3/P79f/6f9aN1v/n7r9/3NJk/wMAAEAHufsfELfY/wAAADCN3P0PjFvsfwAAAJhG7v4HxS1N9r/+X/+v/9f/6//1/1vS/+v/l+j/9f97fr/+X//PutH6/9z9D45bmux/AAAA6CB3/0PiFvsfAAAAppG7/6Fxi/0PAAAA08jd/7C4pcn+1//r//X/+n/9v/5/S/p//f8S/b/+f8/v1//r/1k3Wv+fu//hcUuT/Q8AAAAd5O5/RNxi/wMAAMA0cvc/Mm6x/wEAAGAaufsfFbc02f/6f/2//l//r//X/29J/6//X6L/1//v+f36f/0/6zbv/+95/X/vefv/3P3Xxy1N9j8AAAB0kLv/0XGL/Q8AAADTyN3/mLjF/gcAAIBp5O5/bNzSZP/r//X/Z/3/Tdfp//X/+v+zv6//v23o//X/S/T/o/b/5/svof/X/+v/WbN5/7/S+1/917n7Hxe3NNn/AAAA0EHu/sfHLfY/AAAATCN3/xPiFvsfAAAAppG7/4lxS5P9r//X//v+v/5f/6//35L+X/+/RP8/av/v+/+3tv+/xzner/+ng9H6/9z9T4pbmux/AAAA6CB3/5PjFvsfAAAAppG7/ylxi/0PAAAA08jd/9S4pcn+1//r//X/+n/9v/5/S/p//f8S/b/+f8/v9/1//T/rRuv/c/c/LW5psv8BAACgg9z9T49b7H8AAACYRu7+Z8Qt9j8AAABMI3f/M+OWJvtf/6//1//r/29V/39J/6//X6b/1/8v0f/r//f8fv2//p91o/X/ufufFbc02f8AAADQQe7+Z8ct9j8AAABMI3f/c+IW+x8AAACmkbv/uXFLk/2v/9f/6//1/77/r//fkv5/uv7/Ov3/Gf2//l//r/9n2Wj9f+7+58UtTfY/AAAAdJC7//lxi/0PAAAA08jd/4K4xf4HAACAaeTuf2Hc0mT/6//1//p//b/+X/+/Jf3/dP2/7///D/2//l//r/9n2Wj9f+7+F8Uta8Pv8sqPAwAAAMPI3f/iuKXJn/8DAABAB7n7XxK32P8AAAAwjdz9L41bmux//b/+X/+v/9f/6/+3pP/X/y/R/1+7/7/zLfzz9P9jvV//r/9n3Wj9f+7+l8UtTfY/AAAAdJC7/+Vxi/0PAAAA08jd/4q4xf4HAACAaeTuf2Xc0mT/31L/f+Ndrvy4/v989P/Xfr/+X/+v/9f/6//1/0v0/77/v+f36//1/6wbrf/P3f+quKXJ/gcAAIAOcve/Om6x/wEAAGAauftfE7fY/wAAADCN3P2vjVua7H/f/9f/6//1//p//f+W9P/6/yX6f/3/nt+v/9f/s260/j93/+vilib7HwAAADrI3f/6uMX+BwAAgGnk7n9D3GL/AwAAwDRy978xbmmy//X/+v+T9/930P8n/X/8vur/9f8XoP/X/x/0/0c7dT+/9/fr//X/rBut/8/d/6a4pcn+BwAAgA5y9785brH/AQAAYBq5+98St9j/AAAAMI3c/W+NW5rsf/2//v/k/b/v/xf9f/y+6v/1/xeg/9f/H/T/Rzt1P7/39+v/9f+sG63/z93/trilyf4HAACADnL3vz1usf8BAABgGrn73xG32P8AAAAwjdz974xbmux//b/+X/+v/9f/6/+3pP/X/y/R/+v/9/x+/b/+n3Wj9f+5+98VtzTZ/wAAANBB7v53xy32PwAAAEwjd/974hb7HwAAAKaRu/+9cUuT/a//33v/f68b4gX6f/2//l//PyT9v/5/if5f/7/n9+v/9f+sG63/z93/vrilyf4HAACADnL3vz9usf8BAABgGrn7PxC32P8AAAAwjdz9H4xbmuz/Hv3/5Zv9tHn6f9//1//r//X/Y9P/6/+X6P/1/3t+v/5f/8+60fr/3P0filua7H8AAADoIHf/h+MW+x8AAACmkbv/I3GL/Q8AAADTyN3/0bilyf7v0f/fXIP+P/+1bt/+/6a76f/1/0X/r/8/6P/1/yv0//r/Pb9f/6//Z91o/X/u/o/FLU32PwAAAHSQu//jcYv9DwAAANPI3f+JuMX+BwAAgGnk7v9k3HD3u57uSbcr/f+0/b/v/+v/9f/6/yHo//X/S/T/+v89v1//r/9n3Wj9f+7+T8Ut/vwfAAAAppG7/9Nxi/0PAAAA08jd/5m4xf4HAACAaeTu/2zc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f36//1/6wbrf/P3f+5uKXJ/gcAAIAOcvd/Pm6x/wEAAGAaufu/ELfY/wAAADCN3P1fjFua7H/9v/5f/3+b9f+Xr/719f/6f/2//l//v0z/r//f8/v1//p/1o3W/+fu/1Lc0mT/AwAAQAe5+78ct9j/AAAAMI3c/V+JW+x/AAAAmEbu/q/GLU32v/5f/6//9/1//b/+f0v6f/3/Ev2//n/P79f/6/9ZN1r/n7v/a3FLk/0PAAAAHeTu/3rcYv8DAADANHL3fyNusf8BAABgGrn7vxm3NNn/M/f/Sz9N/3+F/l//f9D/6/83pv/X/y/R/+v/9/x+/b/+n3Wj9f+5+78VtzTZ/wAAANBB7v5vxy32PwAAAEwjd/934hb7HwAAAKaRu/+7cUuT/T9z/79E/3+F/l//f9D/6/83pv/X/y/R/+v/9/x+/b/+n3Wj9f+5+78XtzTZ/wAAANBB7v7vxy32PwAAAEwjd/8P4hb7HwAAAKaRu/+HcUuT/a//1//r//X/+n/9/5b0//r/Jfp//f+e36//1/+zbrT+P3f/j+KWJvsfAAAAOsjd/+O4xf4HAACAaeTu/0ncYv8DAADANHL3/zRuabL/9f/6f/3/UP3/Ha/+dfT/+n/9/zL9v/7/oP8/2qn7+b2/X/+v/2fdaP1/7v6fxS1N9j8AAAB0kLv/53GL/Q8AAADTyN3/i7jF/gcAAIBp5O7/ZdzSZP/r//X/+v+j+/9LB9///7/36P/1/9ei/9f/L9H/6//3/H79v/6fdaP1/7n7fxW3NNn/AAAA0EHu/l/HLfY/AAAATCN3/2/iFvsfAAAAppG7/7dxS5P9r//X/+v/h/r+v/5f/6//vyD9v/7/oP8/2qn7+b2/X/+v/2fdaP1/7v4b4pYm+x8AAAA6yN3/u7jF/gcAAIBp5O7/fdxi/wMAAMA0cvffGLc02f/6f/3/lP3/nfT/+n/9/yj0//r/Jfp//f+e36//1/+zbrT+P3f/H+KWJvsfAAAAOsjd/8e4xf4HAACAaeTu/1PcYv8DAADANHL3/zluabL/9f/6/yn7f9//1//vrf+/dPY/YP3/xej/9f8H/f/RTt3P7/39+n/9P+tG6/9z9/8lbmmy/wEAAKCD3P1/jVvsfwAAAJhG7v6/xS32PwAAAEwjd//f45Ym+1//r//X/+v/9f8D9P++/380/b/+/6D/P9qp+/m9v1//r/9n3Wj9f+7+f8QtTfY/AAAAdJC7/59xi/0PAAAA08jd/6+4xf4HAACAaeTu/3fc0mT/6//1//p//b/+X/+/Jf2//n+J/l//v+f36//1/6wbrf/P3f+fAAAA//9nkS0F")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4142, 0x1f7)
r1 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
sendfile(r0, r1, 0x0, 0x20fffe82)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x105042, 0x0)
read(r2, &(0x7f0000001400)=""/4096, 0x1000)

1.235768131s ago: executing program 3 (id=1177):
r0 = timerfd_create(0x0, 0x800)
timerfd_settime(r0, 0x3, &(0x7f0000000080)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0x5edc, 0x1000, 0x1, 0x40000333}, &(0x7f0000000000)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd=r0, 0x0, &(0x7f0000000880)=[{&(0x7f0000000400)=""/245, 0xf5}], 0x1})
io_uring_enter(r1, 0x847ba, 0x0, 0xe, 0x0, 0x0)

1.144109259s ago: executing program 2 (id=1178):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000500)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x10, 0x10, 0x2, [@decl_tag={0x3, 0x0, 0x0, 0x11, 0x1, 0x2}]}}, 0x0, 0x2a, 0x0, 0x1}, 0x28)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000500000020"})

965.772265ms ago: executing program 2 (id=1180):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000300)=ANY=[@ANYBLOB="1c00000e01000b00000014"], 0x36)

267.872267ms ago: executing program 2 (id=1181):
r0 = socket(0x200000100000011, 0x3, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000080)={0x11, 0x0, r2, 0x1, 0x7, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4)
sendmsg$netlink(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000900)=ANY=[@ANYBLOB="34000000020000010000000000000000d96e788d5e85080045f00d80074e11d569116e3a1ce41e2a560254ea0043"], 0x34}], 0x1, 0x0, 0x0, 0x20000080}, 0x4000)

23.853658ms ago: executing program 3 (id=1182):
symlink(&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)='./file0\x00')
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x28bd, 0x71, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff}}}}}]}}]}}, 0x0)
syz_usb_control_io(r1, 0x0, 0x0)
syz_usb_control_io(r1, &(0x7f0000000040)={0x2c, &(0x7f0000000c40)=ANY=[@ANYBLOB='\x00\x00W'], 0x0, 0x0, 0x0, 0x0}, 0x0)

0s ago: executing program 4 (id=1183):
syz_mount_image$reiserfs(&(0x7f0000000140), &(0x7f0000001140)='./file6\x00', 0x98, &(0x7f0000000280), 0x1, 0x10ef, &(0x7f00000022c0)="$eJzs2DGLE0EYBuB3dg/kqshcvx5oYSHHHfEPXKGQxsLaLljZmUrJz/HnyFX2R3pTBOyVTQwJEhDJYuB4Hlh252Vmvp1yvgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDvLPlekosmqdusSVKSrrubLJJ02/zx17ZJydv3k9mrj+PXs8209FmT0q9aj+vN01rHdVxv6suL22d19unzh3avZEmX+9V8ev5mOehR+trtoDsCAADAw/DzaKMT1wcAAAD+ZrBGAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAA6vajSVKSrrubLJJ0p/0tAAAA4EglTd6NDuWbNsDOi3wblZRHu+RH6edc58uB9QAAAMC/KXv38ec5z5O9/DJnubrajH+/srxN2iTXf+xzv5pP18/lfFr+5wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgF/swLEAAAAAgDB/6zQ6NgAAAAAAAAAAAAAAAGCqAAAA//9TGNII")
r0 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
setrlimit(0x1, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r1, &(0x7f00000000c0)='a', 0x200000c1, 0x404043000)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  154.820039][ T7101] team0: Port device team_slave_1 added
[  154.828879][ T7075] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  154.890461][ T7075] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  154.900226][ T7190] syz.3.471: attempt to access beyond end of device
[  154.900226][ T7190] loop3: rw=524288, sector=1736, nr_sectors = 32 limit=256
[  155.002977][ T7190] syz.3.471: attempt to access beyond end of device
[  155.002977][ T7190] loop3: rw=0, sector=1736, nr_sectors = 8 limit=256
[  155.054397][   T27] audit: type=1800 audit(1771579788.172:74): pid=7190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.471" name="file0" dev="loop3" ino=1048596 res=0 errno=0
[  155.115064][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_0
[  155.126785][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.206895][ T7101] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  155.242571][ T7101] batman_adv: batadv0: Adding interface: batadv_slave_1
[  155.265357][ T7101] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  155.336713][ T7101] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  155.384403][ T7213] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  155.535762][ T7101] hsr_slave_0: entered promiscuous mode
[  155.552769][ T7101] hsr_slave_1: entered promiscuous mode
[  155.560709][ T7101] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  155.568811][ T7101] Cannot create hsr debugfs directory
[  155.575753][ T7219] netlink: 8 bytes leftover after parsing attributes in process `syz.1.478'.
[  156.099577][ T7075] 8021q: adding VLAN 0 to HW filter on device bond0
[  156.299569][ T7075] 8021q: adding VLAN 0 to HW filter on device team0
[  156.507067][ T5083] Bluetooth: hci3: command tx timeout
[  156.535658][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  156.543843][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  156.724039][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.731248][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  157.166555][ T7075] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  157.367732][ T2133] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  157.397764][ T7101] netdevsim netdevsim2 netdevsim0: renamed from eth0
[  157.418185][ T7101] netdevsim netdevsim2 netdevsim1: renamed from eth1
[  157.438841][ T7101] netdevsim netdevsim2 netdevsim2: renamed from eth2
[  157.462165][ T7101] netdevsim netdevsim2 netdevsim3: renamed from eth3
[  157.496968][ T7264] loop3: detected capacity change from 0 to 4096
[  157.576719][ T2133] usb 2-1: Using ep0 maxpacket: 32
[  157.590088][ T2133] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  157.627859][ T2133] usb 2-1: config 0 has no interface number 0
[  157.634082][ T2133] usb 2-1: config 0 interface 184 has no altsetting 0
[  157.657944][ T2133] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  157.683353][ T2133] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  157.704989][ T7264] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  157.708857][ T2133] usb 2-1: Product: syz
[  157.716244][ T2133] usb 2-1: Manufacturer: syz
[  157.743310][ T7264] ntfs3: loop3: Failed to load $Extend (-22).
[  157.754611][ T7264] ntfs3: loop3: Failed to initialize $Extend.
[  157.777885][ T2133] usb 2-1: SerialNumber: syz
[  157.790806][ T7101] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.804792][ T2133] usb 2-1: config 0 descriptor??
[  157.842941][ T2133] smsc75xx v1.0.0
[  157.862924][ T7101] 8021q: adding VLAN 0 to HW filter on device team0
[  157.974433][ T7075] 8021q: adding VLAN 0 to HW filter on device batadv0
[  157.994539][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  158.001959][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  158.054150][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  158.061471][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  158.372028][ T7075] veth0_vlan: entered promiscuous mode
[  158.411363][ T7075] veth1_vlan: entered promiscuous mode
[  158.455448][ T2133] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  158.472145][ T7075] veth0_macvtap: entered promiscuous mode
[  158.491847][ T2133] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  158.513071][ T7075] veth1_macvtap: entered promiscuous mode
[  158.576146][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.606760][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.627480][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.646891][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.664418][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  158.675802][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.700521][ T7075] batman_adv: batadv0: Interface activated: batadv_slave_0
[  158.735942][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.753807][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.777226][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.798333][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.815975][ T7075] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  158.836771][ T7075] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  158.865121][ T7075] batman_adv: batadv0: Interface activated: batadv_slave_1
[  158.909353][ T7075] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  158.936154][ T7075] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  158.948489][ T7075] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  158.962363][ T2133] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  158.979124][ T7075] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  158.991128][ T2133] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  159.004490][ T2133] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  159.016414][ T2133] smsc75xx: probe of 2-1:0.184 failed with error -71
[  159.041533][ T2133] usb 2-1: USB disconnect, device number 4
[  159.172798][ T7101] 8021q: adding VLAN 0 to HW filter on device batadv0
[  159.248638][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.272311][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.338165][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  159.371348][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  159.399678][ T7101] veth0_vlan: entered promiscuous mode
[  159.426128][ T7101] veth1_vlan: entered promiscuous mode
[  159.514843][ T7101] veth0_macvtap: entered promiscuous mode
[  159.586141][ T7101] veth1_macvtap: entered promiscuous mode
[  159.651871][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.687938][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.713473][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.742400][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.762917][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.790237][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.805583][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  159.819516][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.835666][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_0
[  159.905634][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  159.939836][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  159.985664][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.012537][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.033720][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.065212][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.086598][ T7101] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  160.109966][ T7101] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  160.142743][ T7101] batman_adv: batadv0: Interface activated: batadv_slave_1
[  160.217890][ T7101] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  160.247315][ T7101] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  160.256108][ T7101] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  160.282836][ T7312] loop1: detected capacity change from 0 to 256
[  160.309772][ T7101] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  160.367937][ T7312] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  160.698426][ T3512] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.706426][ T3512] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.780636][  T956] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  160.789377][  T956] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  160.952614][ T7323] loop1: detected capacity change from 0 to 16
[  160.981927][ T7323] erofs: (device loop1): mounted with root inode @ nid 36.
[  160.991697][ T5810] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  161.046073][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.071766][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.088058][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.120975][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.150274][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.153932][ T7308] loop3: detected capacity change from 0 to 32768
[  161.177906][ T7323] erofs: (device loop1): z_erofs_read_folio: read error -117 @ 0 of nid 36
[  161.208070][ T5810] usb 1-1: Using ep0 maxpacket: 32
[  161.216904][ T5810] usb 1-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  161.256826][ T5810] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  161.269905][ T7308] JBD2: Ignoring recovery information on journal
[  161.283865][ T5810] usb 1-1: config 0 descriptor??
[  161.434202][ T7308] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[  161.523841][ T5810] dvb-usb: found a 'Elgato EyeTV Sat' in warm state.
[  161.581397][ T5810] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  161.626025][ T5810] dvbdev: DVB: registering new adapter (Elgato EyeTV Sat)
[  161.667416][ T5810] usb 1-1: media controller created
[  161.744545][ T7338] loop1: detected capacity change from 0 to 512
[  161.794404][ T7338] EXT4-fs: Ignoring removed orlov option
[  161.805556][ T5810] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  161.895152][ T5810] az6027: usb out operation failed. (-71)
[  161.907390][ T5810] az6027: usb out operation failed. (-71)
[  161.913443][ T5810] stb0899_attach: Driver disabled by Kconfig
[  161.919632][ T5810] az6027: no front-end attached
[  161.919632][ T5810] 
[  161.928875][ T5810] az6027: usb out operation failed. (-71)
[  161.934774][ T5810] dvb-usb: no frontend was attached by 'Elgato EyeTV Sat'
[  161.945894][ T5810] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9
[  161.997412][ T5810] dvb-usb: schedule remote query interval to 400 msecs.
[  162.001548][ T7338] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  162.013511][ T5810] dvb-usb: Elgato EyeTV Sat successfully initialized and connected.
[  162.059476][   T27] audit: type=1800 audit(1771579795.172:75): pid=7308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.492" name="file1" dev="loop3" ino=17059 res=0 errno=0
[  162.107796][ T7338] ext4 filesystem being mounted at /144/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  162.118634][ T5810] usb 1-1: USB disconnect, device number 4
[  162.251392][ T5810] dvb-usb: Elgato EyeTV Sat successfully deinitialized and disconnected.
[  162.396900][ T7351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  162.426323][ T7351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.500'.
[  162.456616][ T7351] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  162.465573][ T7351] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  162.474444][ T7351] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  162.483316][ T7351] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  162.497570][ T7308] syz.3.492 (7308) used greatest stack depth: 18768 bytes left
[  162.505293][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  162.545866][ T7351] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  162.607159][ T7351] netlink: 4 bytes leftover after parsing attributes in process `syz.2.500'.
[  162.754591][ T5766] ocfs2: Unmounting device (7,3) on (node local)
[  163.420460][   T27] audit: type=1326 audit(1771579796.542:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.478958][   T27] audit: type=1326 audit(1771579796.542:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.506136][   T27] audit: type=1326 audit(1771579796.592:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=44 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.569304][   T27] audit: type=1326 audit(1771579796.592:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.667416][   T27] audit: type=1326 audit(1771579796.592:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.750154][   T27] audit: type=1326 audit(1771579796.602:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=272 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.845298][   T27] audit: type=1326 audit(1771579796.622:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.893589][ T7391] loop3: detected capacity change from 0 to 2048
[  163.911298][ T7391] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=27485, location=27485
[  163.923446][   T27] audit: type=1326 audit(1771579796.662:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=68 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  163.984361][ T7391] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  164.006120][   T27] audit: type=1326 audit(1771579796.662:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7379 comm="syz.1.509" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc52859c629 code=0x7ffc0000
[  164.368701][ T7405] loop0: detected capacity change from 0 to 16
[  164.408537][ T7405] erofs: (device loop0): mounted with root inode @ nid 36.
[  164.606772][    T9] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  164.807575][    T9] usb 2-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  164.833384][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  164.844643][    T9] usb 2-1: Product: syz
[  164.872487][    T9] usb 2-1: Manufacturer: syz
[  164.884063][    T9] usb 2-1: SerialNumber: syz
[  164.911895][    T9] usb 2-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  164.957162][  T967] usb 2-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  165.077059][ T5829] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  165.255888][ T7427] loop2: detected capacity change from 0 to 512
[  165.280703][ T5829] usb 4-1: Using ep0 maxpacket: 8
[  165.290555][ T7427] EXT4-fs: Ignoring removed orlov option
[  165.333400][ T5829] usb 4-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  165.352512][ T7427] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  165.363361][ T5829] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  165.387929][ T5829] usb 4-1: Product: syz
[  165.392220][ T5829] usb 4-1: Manufacturer: syz
[  165.406771][ T5829] usb 4-1: SerialNumber: syz
[  165.422783][ T7427] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  165.443159][ T5829] usb 4-1: config 0 descriptor??
[  165.478238][ T7427] ext4 filesystem being mounted at /8/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  165.605862][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  165.702912][ T5829] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  165.721288][    T9] usb 2-1: USB disconnect, device number 5
[  166.279475][ T7445] loop0: detected capacity change from 0 to 32768
[  166.335417][ T7445] JBD2: Ignoring recovery information on journal
[  166.347561][  T967] usb 2-1: Service connection timeout for: 256
[  166.360888][  T967] ath9k_htc 2-1:1.0: ath9k_htc: Unable to initialize HTC services
[  166.381927][  T967] ath9k_htc: Failed to initialize the device
[  166.392524][    T9] usb 2-1: ath9k_htc: USB layer deinitialized
[  166.406302][ T7445] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  166.606346][ T7445] OCFS2: ERROR (device loop0): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bit count of 1024
[  166.624960][ T7445] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  166.636309][ T7445] OCFS2: File system is now read-only.
[  166.642016][ T7445] (syz.0.525,7445,1):ocfs2_search_chain:1761 ERROR: status = -30
[  166.649984][ T7445] (syz.0.525,7445,1):ocfs2_search_chain:1871 ERROR: status = -30
[  166.657881][ T7445] (syz.0.525,7445,1):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30
[  166.666315][ T7445] (syz.0.525,7445,1):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  166.674968][ T7445] (syz.0.525,7445,1):__ocfs2_claim_clusters:2365 ERROR: status = -30
[  166.683247][ T7445] (syz.0.525,7445,1):__ocfs2_claim_clusters:2373 ERROR: status = -30
[  166.691462][ T7445] (syz.0.525,7445,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[  166.700201][ T7445] (syz.0.525,7445,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[  166.708973][ T7445] (syz.0.525,7445,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[  166.719922][ T7445] (syz.0.525,7445,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  166.729401][ T7445] (syz.0.525,7445,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  166.739783][ T7445] (syz.0.525,7445,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  166.749330][ T7445] (syz.0.525,7445,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  166.758534][ T7445] (syz.0.525,7445,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  166.767690][ T7445] (syz.0.525,7445,1):ocfs2_convert_inline_data_to_extents:7080 ERROR: status = -30
[  166.777130][ T7445] (syz.0.525,7445,1):ocfs2_allocate_unwritten_extents:1460 ERROR: status = -30
[  166.786142][ T7445] (syz.0.525,7445,1):__ocfs2_change_file_space:2044 ERROR: status = -30
[  166.795382][ T5829] gspca_sunplus: reg_w_riv err -71
[  166.801063][ T5829] sunplus: probe of 4-1:0.0 failed with error -71
[  166.810642][ T5829] usb 4-1: USB disconnect, device number 6
[  167.044562][ T5083] block nbd2: Receive control failed (result -32)
[  167.070719][ T7459] block nbd2: shutting down sockets
[  167.095746][ T7075] ocfs2: Unmounting device (7,0) on (node local)
[  167.335845][ T7468] syzkaller1: entered promiscuous mode
[  167.356796][ T7468] syzkaller1: entered allmulticast mode
[  167.813908][ T7483] loop1: detected capacity change from 0 to 2048
[  167.856629][ T7483] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  168.298971][ T7481] loop0: detected capacity change from 0 to 32768
[  168.326472][ T7481] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop0 scanned by syz.0.530 (7481)
[  168.336089][ T7491] netlink: 8 bytes leftover after parsing attributes in process `syz.2.537'.
[  168.421921][ T7481] BTRFS info (device loop0): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  168.463662][ T7481] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  168.506988][ T7481] BTRFS info (device loop0): setting nodatacow, compression disabled
[  168.524560][ T7481] BTRFS info (device loop0): force clearing of disk cache
[  168.543741][ T7481] BTRFS info (device loop0): enabling ssd optimizations
[  168.559191][ T7481] BTRFS info (device loop0): using spread ssd allocation scheme
[  168.606814][ T7481] BTRFS info (device loop0): turning off barriers
[  168.619363][ T7481] BTRFS info (device loop0): disabling free space tree
[  168.626344][ T7481] BTRFS info (device loop0): not using ssd optimizations
[  168.680935][ T7481] BTRFS info (device loop0): not using spread ssd allocation scheme
[  168.780149][ T2133] libceph: connect (1)[c::]:6789 error -101
[  168.801750][  T967] libceph: connect (1)[c::]:6789 error -101
[  168.803592][ T2133] libceph: mon0 (1)[c::]:6789 connect error
[  168.819702][  T967] libceph: mon0 (1)[c::]:6789 connect error
[  168.940485][ T7481] BTRFS info (device loop0): rebuilding free space tree
[  169.079982][  T967] libceph: connect (1)[c::]:6789 error -101
[  169.086117][  T967] libceph: mon0 (1)[c::]:6789 connect error
[  169.097142][ T2133] libceph: connect (1)[c::]:6789 error -101
[  169.110963][ T2133] libceph: mon0 (1)[c::]:6789 connect error
[  169.123858][ T7481] BTRFS info (device loop0): disabling free space tree
[  169.137102][ T7481] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  169.158611][ T7481] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  169.598732][ T7494] ceph: No mds server is up or the cluster is laggy
[  169.620441][ T7502] ceph: No mds server is up or the cluster is laggy
[  169.638857][ T2133] libceph: connect (1)[c::]:6789 error -101
[  169.644980][ T2133] libceph: mon0 (1)[c::]:6789 connect error
[  169.654572][ T7075] BTRFS info (device loop0): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  169.666399][    T9] libceph: connect (1)[c::]:6789 error -101
[  169.685584][    T9] libceph: mon0 (1)[c::]:6789 connect error
[  169.998316][ T7531] netlink: 40 bytes leftover after parsing attributes in process `syz.0.543'.
[  170.142896][ T7533] overlayfs: failed to verify upper (16/file0, ino=108, err=-116)
[  170.173155][ T7533] overlayfs: failed to verify index dir 'upper' xattr
[  170.195286][ T7533] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  170.462623][ T7539] loop0: detected capacity change from 0 to 4096
[  170.614369][ T7544] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  170.784077][ T7549] loop1: detected capacity change from 0 to 512
[  170.935861][ T7549] __quota_error: 8 callbacks suppressed
[  170.935880][ T7549] Quota error (device loop1): do_check_range: Getting dqdh_prev_free 1536 out of range 0-5
[  170.952626][ T7549] Quota error (device loop1): qtree_write_dquot: Error -117 occurred while creating quota
[  170.966172][ T7549] EXT4-fs error (device loop1): ext4_acquire_dquot:6949: comm syz.1.551: Failed to acquire dquot type 1
[  170.980032][ T7549] EXT4-fs (loop1): 1 truncate cleaned up
[  170.987503][ T7549] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  171.000461][ T7549] ext4 filesystem being mounted at /157/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  171.448495][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  171.697983][ T7567] mmap: syz.0.556 (7567) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  172.006675][    C1] sched: RT throttling activated
[  172.207313][ T7559] loop3: detected capacity change from 0 to 131072
[  172.231190][ T7559] F2FS-fs (loop3): invalid crc value
[  172.241657][ T7559] F2FS-fs (loop3): Found nat_bits in checkpoint
[  172.357269][ T7559] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e4
[  174.586364][ T7603] loop3: detected capacity change from 0 to 128
[  174.799519][ T7607] Invalid argument reading file caps for ./file0
[  175.067680][ T7612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.574'.
[  175.076561][ T7612] netlink: 4 bytes leftover after parsing attributes in process `syz.3.574'.
[  175.724139][ T7628] loop2: detected capacity change from 0 to 4096
[  175.881821][ T7632] syzkaller1: entered promiscuous mode
[  175.896906][ T7632] syzkaller1: entered allmulticast mode
[  175.937117][   T28] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  175.972684][ T7614] loop1: detected capacity change from 0 to 40427
[  176.002479][   T27] audit: type=1804 audit(1771579809.122:93): pid=7633 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.580" name=2F6E6577726F6F742F33312F131377C5FC35D41454D5D41D29AD1A6029598146E6BE166E41AD0DBD4054033C9F33BBDA8224A2F3D772E7636E48B33CBF708372E8F1B9933EC5127743BE2206209EF02DF9CBF2F6E880D3382F66696C6531 dev="loop2" ino=33 res=1 errno=0
[  176.050287][ T7614] F2FS-fs (loop1): build fault injection attr: rate: 25, type: 0x7ffff
[  176.066441][ T7614] F2FS-fs (loop1): build fault injection attr: rate: 0, type: 0x7698c
[  176.085563][ T7614] F2FS-fs (loop1): invalid crc value
[  176.094120][ T7614] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_ra_meta_pages+0x21d/0x9b0
[  176.113405][ T7614] F2FS-fs (loop1): Found nat_bits in checkpoint
[  176.170363][   T28] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  176.193814][ T7614] F2FS-fs (loop1): inject page alloc in f2fs_grab_cache_page of f2fs_ra_meta_pages+0x68b/0x9b0
[  176.206908][   T28] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  176.239426][   T28] usb 4-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  176.253678][ T7614] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  176.270020][   T28] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  176.317230][   T28] usb 4-1: SerialNumber: syz
[  176.425794][ T7614] F2FS-fs (loop1): inject too big dir depth in f2fs_add_regular_entry of f2fs_add_dentry+0xda/0x1d0
[  176.482606][   T27] audit: type=1800 audit(1771579809.602:94): pid=7614 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.573" name="file1" dev="loop1" ino=11 res=0 errno=0
[  176.533310][ T7614] F2FS-fs (loop1): inject no more block in inc_valid_node_count of f2fs_new_node_page+0x187/0x910
[  176.585941][   T28] usb 4-1: 0:2 : does not exist
[  176.611116][ T7614] F2FS-fs (loop1): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_map_blocks+0xde5/0x3e60
[  176.689025][   T28] usb 4-1: USB disconnect, device number 7
[  176.758643][ T7646] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(6)
[  176.765733][ T7646] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  176.803760][ T5929] udevd[5929]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  176.832380][ T7646] vhci_hcd vhci_hcd.0: Device attached
[  176.863345][ T5768] syz-executor: attempt to access beyond end of device
[  176.863345][ T5768] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  176.901172][ T5768] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  177.097432][  T967] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  177.122844][ T7649] vhci_hcd: connection reset by peer
[  177.132299][   T42] vhci_hcd: stop threads
[  177.142825][   T42] vhci_hcd: release socket
[  177.168806][   T42] vhci_hcd: disconnect device
[  177.516072][ T7659] loop3: detected capacity change from 0 to 4096
[  177.571872][ T7662] loop0: detected capacity change from 0 to 2048
[  177.675764][ T7662] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  177.832445][ T7666] loop1: detected capacity change from 0 to 64
[  177.861696][   T27] audit: type=1800 audit(1771579810.982:95): pid=7659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.586" name="file1" dev="loop3" ino=0 res=0 errno=0
[  177.937313][   T27] audit: type=1800 audit(1771579810.982:96): pid=7659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.586" name="file1" dev="loop3" ino=0 res=0 errno=0
[  179.411378][ T7702] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  179.907400][ T7718] loop3: detected capacity change from 0 to 512
[  180.013271][   T27] audit: type=1800 audit(1771579813.132:97): pid=7718 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.609" name="file2" dev="loop3" ino=1048606 res=0 errno=0
[  180.072397][ T7718] FAT-fs (loop3): error, corrupted file size (i_pos 51, 8960)
[  180.074543][ T7722] netlink: 4 bytes leftover after parsing attributes in process `syz.0.610'.
[  180.098108][ T7718] FAT-fs (loop3): Filesystem has been set read-only
[  180.128157][ T7718] FAT-fs (loop3): error, corrupted file size (i_pos 51, 8960)
[  180.436969][ T5828] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  180.622877][ T7737] loop1: detected capacity change from 0 to 512
[  180.638063][ T5828] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  180.668098][ T5828] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  180.689712][ T5828] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  180.714102][ T7737] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.736829][ T5828] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  180.744906][ T5828] usb 3-1: SerialNumber: syz
[  180.747013][ T7737] ext4 filesystem being mounted at /170/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  180.916209][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  180.979709][ T7728] IPVS: You probably need to specify IP address on multicast interface.
[  180.990972][ T7728] IPVS: Error connecting to the multicast addr
[  181.020563][ T5828] usb 3-1: 0:2 : does not exist
[  181.049997][ T5828] usb 3-1: unit 16 not found!
[  181.115395][ T5828] usb 3-1: USB disconnect, device number 3
[  181.312727][ T7750] trusted_key: syz.1.619 sent an empty control message without MSG_MORE.
[  181.415221][ T7752] loop0: detected capacity change from 0 to 128
[  181.429665][ T7752] FAT-fs (loop0): bogus number of reserved sectors
[  181.444869][ T7752] FAT-fs (loop0): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  181.454390][ T7752] FAT-fs (loop0): Can't find a valid FAT filesystem
[  181.882401][ T7765] loop3: detected capacity change from 0 to 512
[  181.921457][ T7765] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  181.971973][ T7765] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  181.990067][ T7767] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  182.008617][ T7767] overlayfs: failed to set xattr on upper
[  182.014562][ T7767] overlayfs: ...falling back to redirect_dir=nofollow.
[  182.028461][ T7765] EXT4-fs (loop3): 1 truncate cleaned up
[  182.035092][ T7767] overlayfs: ...falling back to index=off.
[  182.047577][ T7765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  182.049545][ T7767] overlayfs: ...falling back to xino=off.
[  182.119805][ T7767] overlayfs: conflicting lowerdir path
[  182.269529][  T967] vhci_hcd: vhci_device speed not set
[  182.435843][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  182.977987][   T28] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[  183.192039][   T28] usb 2-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  183.201369][   T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.213918][   T28] usb 2-1: Product: syz
[  183.218651][   T28] usb 2-1: Manufacturer: syz
[  183.224727][   T28] usb 2-1: SerialNumber: syz
[  183.248223][   T28] usb 2-1: config 0 descriptor??
[  183.284825][   T28] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  183.542779][ T7811] loop0: detected capacity change from 0 to 128
[  183.568324][ T7811] FAT-fs (loop0): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  183.747445][ T7815] capability: warning: `syz.2.643' uses deprecated v2 capabilities in a way that may be insecure
[  184.066821][ T5828] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  184.086862][ T2133] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  184.250235][ T5828] usb 1-1: Using ep0 maxpacket: 8
[  184.257993][ T5828] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  184.266228][ T5828] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  184.283600][ T5828] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  184.294240][ T5828] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  184.310189][ T5828] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  184.315739][ T2133] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  184.321173][ T5828] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  184.350230][ T5828] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  184.354726][ T2133] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  184.369785][ T5828] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.382713][ T2133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.405405][ T2133] usb 4-1: config 0 descriptor??
[  184.551858][   T28] gspca_stk1135: reg_w 0xd err -71
[  184.573161][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.584286][   T28] gspca_stk1135: Sensor write failed
[  184.591093][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.609546][   T28] gspca_stk1135: Sensor write failed
[  184.614989][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.626603][ T5828] usb 1-1: usb_control_msg returned -32
[  184.637237][ T5828] usbtmc 1-1:16.0: can't read capabilities
[  184.658482][   T28] gspca_stk1135: Sensor read failed
[  184.663809][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.697441][ T2133] usbhid 4-1:0.0: can't add hid device: -71
[  184.703492][ T2133] usbhid: probe of 4-1:0.0 failed with error -71
[  184.710207][   T28] gspca_stk1135: Sensor read failed
[  184.715467][   T28] gspca_stk1135: Detected sensor type unknown (0x0)
[  184.734796][ T2133] usb 4-1: USB disconnect, device number 8
[  184.741553][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.754678][   T28] gspca_stk1135: Sensor read failed
[  184.774287][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.782307][   T28] gspca_stk1135: Sensor read failed
[  184.789587][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.795982][   T28] gspca_stk1135: Sensor write failed
[  184.801453][   T28] gspca_stk1135: serial bus timeout: status=0x00
[  184.811236][   T28] gspca_stk1135: Sensor write failed
[  184.816746][   T28] stk1135: probe of 2-1:0.0 failed with error -71
[  184.830948][   T28] usb 2-1: USB disconnect, device number 6
[  184.916251][ T7824] loop2: detected capacity change from 0 to 256
[  184.933844][ T7824] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  184.945964][ T7824] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  184.965480][ T7824] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  185.019891][    C0] usbtmc 1-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  185.030500][ T7825] usbtmc 1-1:16.0: Unable to send data, error -71
[  185.049227][ T7825] usbtmc 1-1:16.0: usb_control_msg returned -32
[  185.070086][ T5828] usb 1-1: USB disconnect, device number 5
[  185.297030][ T2133] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  185.478017][ T2133] usb 4-1: Using ep0 maxpacket: 16
[  185.485593][ T2133] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  185.497111][ T2133] usb 4-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  185.507709][ T2133] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.531479][ T2133] usb 4-1: config 0 descriptor??
[  185.904857][ T7844] loop2: detected capacity change from 0 to 1024
[  185.965837][ T7844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  186.005773][ T2133] mcp2221 0003:04D8:00DD.0006: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0
[  186.028721][ T7844] ext4 filesystem being mounted at /52/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.101217][ T7844] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 3: comm syz.2.655: lblock 3 mapped to illegal pblock 3 (length 3)
[  186.143807][ T7844] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  186.169536][ T7844] EXT4-fs (loop2): This should not happen!! Data will be lost
[  186.169536][ T7844] 
[  186.253606][ T7844] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.655: lblock 3 mapped to illegal pblock 3 (length 1)
[  186.335136][ T7844] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.655: lblock 3 mapped to illegal pblock 3 (length 1)
[  186.351276][ T7844] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.655: lblock 3 mapped to illegal pblock 3 (length 1)
[  186.367170][ T7844] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: block 3: comm syz.2.655: lblock 3 mapped to illegal pblock 3 (length 1)
[  186.410555][ T7852] EXT4-fs error (device loop2): ext4_ext_remove_space:2929: inode #15: comm syz.2.655: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  186.443685][ T7852] EXT4-fs error (device loop2) in ext4_setattr:5663: Corrupt filesystem
[  186.530809][  T967] usb 4-1: USB disconnect, device number 9
[  186.570694][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  187.048778][ T7871] loop0: detected capacity change from 0 to 256
[  187.056248][ T7871] exfat: Deprecated parameter 'utf8'
[  187.065472][ T7871] exfat: Deprecated parameter 'namecase'
[  187.077653][ T7871] exfat: Deprecated parameter 'utf8'
[  187.114846][ T7871] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  187.200736][ T7871] syz.0.665: attempt to access beyond end of device
[  187.200736][ T7871] loop0: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  187.232051][ T7871] syz.0.665: attempt to access beyond end of device
[  187.232051][ T7871] loop0: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  187.249594][   T27] audit: type=1800 audit(1771579820.372:98): pid=7871 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.665" name="file1" dev="loop0" ino=1048612 res=0 errno=0
[  187.273639][ T7871] exFAT-fs (loop0): error, tried to truncate zeroed cluster.
[  187.358380][ T7871] exFAT-fs (loop0): error, tried to truncate zeroed cluster.
[  187.367888][ T7871] syz.0.665: attempt to access beyond end of device
[  187.367888][ T7871] loop0: rw=2049, sector=34359738488, nr_sectors = 8 limit=256
[  187.940319][ T7898] loop1: detected capacity change from 0 to 512
[  187.982535][ T7898] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  188.411607][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  188.565703][ T7910] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=811541631 (3246166524 ns) > initial count (3243941116 ns). Using initial count to start timer.
[  188.936951][ T2133] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  189.134507][ T2133] usb 3-1: Using ep0 maxpacket: 32
[  189.147434][ T2133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.166980][ T2133] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.177241][ T2133] usb 3-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  189.186424][ T2133] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.197498][ T2133] usb 3-1: config 0 descriptor??
[  189.286927][ T5829] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  189.390635][ T5083] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  189.399861][ T5083] Bluetooth: hci2: Injecting HCI hardware error event
[  189.410935][ T5776] Bluetooth: hci2: hardware error 0x00
[  189.494053][ T5829] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  189.504822][ T5829] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  189.520382][ T5829] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[  189.533996][ T5829] usb 4-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  189.547026][ T5829] usb 4-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  189.566327][ T5829] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  189.581931][ T5829] usb 4-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  189.606820][ T5829] usb 4-1: Product: syz
[  189.611170][ T5829] usb 4-1: Manufacturer: syz
[  189.615841][ T5829] usb 4-1: SerialNumber: syz
[  189.651527][ T5829] cdc_mbim 4-1:1.0: skipping garbage
[  189.844106][ T2133] ft260 0003:0403:6030.0007: chip code: 6424 8183
[  189.878763][ T7919] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  190.004537][ T7926] loop1: detected capacity change from 0 to 4096
[  190.045048][ T2133] ft260 0003:0403:6030.0007: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.2-1/input0
[  190.112109][ T7926] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  190.133655][ T7926] ntfs3: loop1: Failed to initialize $Extend/$Reparse.
[  190.263250][ T2133] ft260 0003:0403:6030.0007: failed to retrieve status: -71, no wakeup
[  190.282594][ T2133] ft260 0003:0403:6030.0007: failed to retrieve status: -71
[  190.289439][ T7928] netlink: 392 bytes leftover after parsing attributes in process `syz.0.685'.
[  190.311684][ T2133] ft260 0003:0403:6030.0007: failed to reset I2C controller: -71
[  190.355562][ T2133] usb 3-1: USB disconnect, device number 4
[  190.510688][ T7919] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[  190.736577][ T5829] cdc_mbim 4-1:1.0: bind() failure
[  190.771637][ T5829] cdc_ncm: probe of 4-1:1.1 failed with error -71
[  190.799407][ T5829] cdc_mbim: probe of 4-1:1.1 failed with error -71
[  190.808068][ T5829] usbtest: probe of 4-1:1.1 failed with error -71
[  190.823000][ T5829] usb 4-1: USB disconnect, device number 10
[  191.468599][ T5776] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  191.662694][ T7963] 9pnet: p9_errstr2errno: server reported unknown error _vlan
[  191.806910][  T967] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  191.861190][ T7967] loop1: detected capacity change from 0 to 256
[  191.886844][ T7967] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  191.947381][   T27] audit: type=1800 audit(1771579825.062:99): pid=7967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.703" name="file1" dev="loop1" ino=1048614 res=0 errno=0
[  191.997819][  T967] usb 1-1: Using ep0 maxpacket: 32
[  192.017542][  T967] usb 1-1: config 0 has an invalid interface number: 67 but max is 0
[  192.044647][  T967] usb 1-1: config 0 has no interface number 0
[  192.051268][   T27] audit: type=1800 audit(1771579825.092:100): pid=7967 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.703" name="file1" dev="loop1" ino=1048614 res=0 errno=0
[  192.103360][  T967] usb 1-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  192.117222][  T967] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  192.145867][  T967] usb 1-1: Product: syz
[  192.154260][ T7970] FAT-fs (loop1): error, corrupted file size (i_pos 196, 65268)
[  192.156288][  T967] usb 1-1: Manufacturer: syz
[  192.178810][ T7970] FAT-fs (loop1): Filesystem has been set read-only
[  192.186272][ T7970] FAT-fs (loop1): error, corrupted file size (i_pos 196, 65268)
[  192.186822][  T967] usb 1-1: SerialNumber: syz
[  192.211916][  T967] usb 1-1: config 0 descriptor??
[  192.223525][  T967] smsc95xx v2.0.0
[  192.229897][ T7970] FAT-fs (loop1): error, corrupted file size (i_pos 196, 65268)
[  192.247025][ T7970] FAT-fs (loop1): error, corrupted file size (i_pos 196, 65268)
[  192.386877][ T5829] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  192.504556][ T7965] loop2: detected capacity change from 0 to 32768
[  192.538978][ T7965] (syz.2.701,7965,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  192.567337][ T7965] (syz.2.701,7965,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  192.577852][ T5829] usb 4-1: Using ep0 maxpacket: 32
[  192.609670][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  192.629197][ T5829] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  192.652890][  T967] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  192.667526][ T5829] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  192.679475][ T7965] JBD2: Ignoring recovery information on journal
[  192.686038][  T967] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  192.719950][ T5829] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.794058][ T7965] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  192.809859][ T5829] usb 4-1: config 0 descriptor??
[  192.819464][ T5829] hub 4-1:0.0: USB hub found
[  193.013034][ T7978] loop1: detected capacity change from 0 to 4096
[  193.037620][ T5829] hub 4-1:0.0: 1 port detected
[  193.058299][ T7978] ntfs3: loop1: Different NTFS sector size (4096) and media sector size (512).
[  193.163647][   T27] audit: type=1800 audit(1771579826.282:101): pid=7965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.701" name="file1" dev="loop2" ino=16979 res=0 errno=0
[  193.261745][   T27] audit: type=1800 audit(1771579826.382:102): pid=7978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.706" name="file1" dev="loop1" ino=30 res=0 errno=0
[  193.299139][   T27] audit: type=1800 audit(1771579826.422:103): pid=7978 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.706" name="file1" dev="loop1" ino=30 res=0 errno=0
[  193.326501][  T967] smsc95xx 1-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  193.349509][  T967] smsc95xx: probe of 1-1:0.67 failed with error -71
[  193.375234][  T967] usb 1-1: USB disconnect, device number 6
[  193.523962][ T7101] ocfs2: Unmounting device (7,2) on (node local)
[  193.707332][ T5829] hub 4-1:0.0: activate --> -90
[  194.116447][  T967] usb 4-1: USB disconnect, device number 11
[  194.132899][ T7987] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'.
[  194.152346][ T7987] netlink: 'syz.2.710': attribute type 18 has an invalid length.
[  194.172521][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.710'.
[  194.193503][ T7989] netlink: 'syz.0.711': attribute type 12 has an invalid length.
[  194.205940][ T7989] netlink: 'syz.0.711': attribute type 29 has an invalid length.
[  194.220000][ T7989] netlink: 148 bytes leftover after parsing attributes in process `syz.0.711'.
[  194.229585][ T7989] netlink: 'syz.0.711': attribute type 2 has an invalid length.
[  194.245880][ T7989] netlink: 'syz.0.711': attribute type 3 has an invalid length.
[  194.254224][ T7989] netlink: 11 bytes leftover after parsing attributes in process `syz.0.711'.
[  194.272080][ T7987] netlink: 8 bytes leftover after parsing attributes in process `syz.2.710'.
[  194.292660][ T7987] netlink: 'syz.2.710': attribute type 18 has an invalid length.
[  194.311953][ T7987] netlink: 4 bytes leftover after parsing attributes in process `syz.2.710'.
[  194.358163][ T5829] usb 4-1-port1: config error
[  194.435280][ T7981] loop1: detected capacity change from 0 to 32768
[  194.437913][ T7991] loop0: detected capacity change from 0 to 256
[  194.489650][ T7981] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.708 (7981)
[  194.523543][ T7991] FAT-fs (loop0): Directory bread(block 64) failed
[  194.543524][ T7991] FAT-fs (loop0): Directory bread(block 65) failed
[  194.558351][ T7981] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  194.569087][ T7991] FAT-fs (loop0): Directory bread(block 66) failed
[  194.585103][ T7991] FAT-fs (loop0): Directory bread(block 67) failed
[  194.596870][ T7981] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  194.596958][ T7981] BTRFS info (device loop1): setting nodatacow, compression disabled
[  194.596978][ T7981] BTRFS info (device loop1): turning on flush-on-commit
[  194.596998][ T7981] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  194.597090][ T7981] BTRFS info (device loop1): use lzo compression, level 0
[  194.597114][ T7981] BTRFS info (device loop1): setting nodatasum
[  194.597131][ T7981] BTRFS info (device loop1): use no compression
[  194.597172][ T7981] BTRFS info (device loop1): trying to use backup root at mount time
[  194.597248][ T7981] BTRFS info (device loop1): max_inline at 0
[  194.597266][ T7981] BTRFS info (device loop1): using free space tree
[  194.648663][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  194.659332][ T7991] FAT-fs (loop0): Directory bread(block 68) failed
[  194.668412][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  194.721703][ T7991] FAT-fs (loop0): Directory bread(block 69) failed
[  194.747442][ T7991] FAT-fs (loop0): Directory bread(block 70) failed
[  194.754097][ T7991] FAT-fs (loop0): Directory bread(block 71) failed
[  194.815488][   T42] BTRFS warning (device loop1): checksum verify failed on logical 5332992 mirror 1 wanted 0x0a5e5d25 found 0xcee3a718 level 0
[  194.829909][ T7981] BTRFS warning (device loop1): couldn't read tree root
[  194.837236][ T7981] BTRFS warning (device loop1): try to load backup roots slot 1
[  194.845594][ T7991] FAT-fs (loop0): Directory bread(block 72) failed
[  194.877850][   T42] BTRFS warning (device loop1): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0xe06dfc66 level 0
[  194.900655][ T7991] FAT-fs (loop0): Directory bread(block 73) failed
[  194.946895][ T7981] BTRFS warning (device loop1): couldn't read tree root
[  194.953973][ T7981] BTRFS warning (device loop1): try to load backup roots slot 2
[  194.996208][  T956] BTRFS error (device loop1): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  195.057173][ T7981] BTRFS warning (device loop1): couldn't read tree root
[  195.064248][ T7981] BTRFS warning (device loop1): try to load backup roots slot 3
[  195.153078][ T7981] BTRFS info (device loop1): enabling ssd optimizations
[  195.163886][ T7981] BTRFS info (device loop1): auto enabling async discard
[  195.192737][ T7981] BTRFS info (device loop1): rebuilding free space tree
[  195.203622][   T27] audit: type=1800 audit(1771579828.322:104): pid=7991 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.712" name="file1" dev="loop0" ino=1048616 res=0 errno=0
[  195.285744][ T8013] loop3: detected capacity change from 0 to 4096
[  195.294569][ T7981] BTRFS info (device loop1): checking UUID tree
[  195.307479][ T7991] syz.0.712: attempt to access beyond end of device
[  195.307479][ T7991] loop0: rw=0, sector=1192, nr_sectors = 4 limit=256
[  195.437081][   T27] audit: type=1800 audit(1771579828.552:105): pid=7981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.708" name="file1" dev="loop1" ino=257 res=0 errno=0
[  195.894640][ T5768] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  196.053211][ T7993] loop2: detected capacity change from 0 to 40427
[  196.118189][ T7993] F2FS-fs (loop2): Found nat_bits in checkpoint
[  196.322135][ T7993] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  196.678082][ T7101] syz-executor: attempt to access beyond end of device
[  196.678082][ T7101] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  196.738553][ T7101] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  196.813620][ T8035] loop3: detected capacity change from 0 to 2048
[  196.888962][ T8035] UDF-fs: iocharset maccenteur37ØŸ»)¬â�~\ª¹�éði®Ô�}­”îvU§~ÝÑ#ê@IË«š9€Ìx‚ÅÔHÓ¦ŸI"¡“½Áæ3:Ö not found
[  197.165795][ T8041] loop3: detected capacity change from 0 to 256
[  197.505612][ T8048] loop3: detected capacity change from 0 to 1024
[  197.583665][ T8048] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  197.666987][ T8048] ext4 filesystem being mounted at /168/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  197.713465][   T27] audit: type=1800 audit(1771579830.832:106): pid=8048 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.729" name="file1" dev="loop3" ino=15 res=0 errno=0
[  197.751272][ T8048] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: comm syz.3.729: lblock 0 mapped to illegal pblock 0 (length 4)
[  197.830007][ T8048] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  197.848888][ T8048] EXT4-fs (loop3): This should not happen!! Data will be lost
[  197.848888][ T8048] 
[  197.932504][ T8059] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: comm syz.3.729: lblock 0 mapped to illegal pblock 0 (length 1)
[  197.989800][ T8059] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: comm syz.3.729: lblock 0 mapped to illegal pblock 0 (length 1)
[  198.048160][ T8059] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: comm syz.3.729: lblock 0 mapped to illegal pblock 0 (length 1)
[  198.089897][ T8059] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: comm syz.3.729: lblock 0 mapped to illegal pblock 0 (length 1)
[  198.133877][ T8065] loop0: detected capacity change from 0 to 1024
[  198.184069][ T3512] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 4: comm kworker/u4:10: lblock 4 mapped to illegal pblock 4 (length 1)
[  198.206402][ T3512] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 117
[  198.219506][ T3512] EXT4-fs (loop3): This should not happen!! Data will be lost
[  198.219506][ T3512] 
[  198.260530][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  198.888473][ T8078] input: syz0 as /devices/virtual/input/input10
[  199.816816][   T28] usb 2-1: new full-speed USB device number 7 using dummy_hcd
[  199.999738][   T28] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  200.011027][   T28] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  200.023518][   T28] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 2632, setting to 64
[  200.034884][   T28] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid maxpacket 512, setting to 64
[  200.048619][   T28] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  200.057936][   T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.065971][   T28] usb 2-1: Product: syz
[  200.070313][   T28] usb 2-1: Manufacturer: syz
[  200.074945][   T28] usb 2-1: SerialNumber: syz
[  200.084190][ T8095] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  200.306409][ T8095] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  200.314106][ T8095] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  200.586776][ T5776] Bluetooth: hci3: command tx timeout
[  200.933958][ T8095] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  200.942768][ T8095] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  201.153184][   T28] cdc_ncm 2-1:1.0: failed to get mac address
[  201.355644][   T28] cdc_ncm 2-1:1.0: bind() failure
[  201.374041][   T28] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  201.384512][   T28] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  201.393163][   T28] usbtest: probe of 2-1:1.1 failed with error -71
[  201.404650][   T28] usb 2-1: USB disconnect, device number 7
[  201.616889][ T5810] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  201.791354][ T5776] Bluetooth: hci0: command 0x0406 tx timeout
[  201.807483][ T5810] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  201.818809][ T5810] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  201.829087][ T5810] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  201.842385][ T5810] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  201.851608][ T5810] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  201.863366][ T5810] usb 4-1: config 0 descriptor??
[  202.299651][ T5810] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  202.327532][ T5810] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  202.790557][ T8107] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  202.969198][    C1] plantronics 0003:047F:FFFF.0008: hid_field_extract() called with n (132) > 32! (syz-executor)
[  203.077979][ T8151] loop0: detected capacity change from 0 to 64
[  203.189468][   T28] usb 4-1: USB disconnect, device number 12
[  203.580910][ T8164] loop2: detected capacity change from 0 to 128
[  203.598743][ T8164] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  203.612648][ T8164] ext4 filesystem being mounted at /79/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  203.644588][    C1] vkms_vblank_simulate: vblank timer overrun
[  203.668531][ T8164] syz.2.771 (pid 8164) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  203.723224][ T7101] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  204.346448][ T8162] loop0: detected capacity change from 0 to 32768
[  204.364147][ T8162] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.770 (8162)
[  204.376569][ T5810] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  204.386794][   T28] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  204.425686][ T8162] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  204.438470][ T8162] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  204.447719][ T8162] BTRFS info (device loop0): max_inline at 6
[  204.455132][ T8162] BTRFS info (device loop0): enabling disk space caching
[  204.464571][ T8162] BTRFS info (device loop0): turning off barriers
[  204.471660][ T8162] BTRFS info (device loop0): disabling tree log
[  204.480986][ T8162] BTRFS info (device loop0): force clearing of disk cache
[  204.488726][ T8162] BTRFS info (device loop0): setting incompat feature flag for COMPRESS_LZO (0x8)
[  204.512767][ T8162] BTRFS info (device loop0): force lzo compression, level 0
[  204.524022][ T8162] BTRFS info (device loop0): enabling tree log
[  204.534390][ T8162] BTRFS info (device loop0): max_inline at 0
[  204.542764][ T8162] BTRFS info (device loop0): disk space caching is enabled
[  204.590935][ T5810] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  204.603414][   T28] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  204.642647][ T5810] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  204.654247][   T28] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  204.672305][ T8178] loop3: detected capacity change from 0 to 32768
[  204.685154][ T5810] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  204.714120][   T28] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  204.752676][ T8162] BTRFS info (device loop0): enabling ssd optimizations
[  204.770653][ T8178] XFS (loop3): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  204.774050][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.794777][ T5810] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  204.818195][ T8162] BTRFS info (device loop0): rebuilding free space tree
[  204.837161][ T5810] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.849514][ T5810] usb 2-1: config 0 descriptor??
[  204.860499][ T8176] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  204.880411][   T28] usb 3-1: Quirk or no altest; falling back to MIDI 1.0
[  204.923237][ T8178] XFS (loop3): Ending clean mount
[  204.941043][ T8162] BTRFS info (device loop0): disabling free space tree
[  204.987069][ T8162] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  205.020964][ T8162] BTRFS info (device loop0): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  205.354417][ T2133] usb 3-1: USB disconnect, device number 5
[  205.362651][ T5810] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  205.430513][ T5766] XFS (loop3): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  205.450013][ T5810] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  205.981735][ T7075] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  206.372478][ T5810] IPVS: starting estimator thread 0...
[  206.388060][ T8217] IPVS: ovf: FWM 3 0x00000003 - no destination available
[  206.407899][    C1] IPVS: ovf: FWM 3 0x00000003 - no destination available
[  206.496925][ T8218] IPVS: using max 20 ests per chain, 48000 per kthread
[  207.539623][ T2133] usb 2-1: USB disconnect, device number 8
[  208.422408][ T8245] loop1: detected capacity change from 0 to 40427
[  208.477050][ T8245] F2FS-fs (loop1): build fault injection attr: rate: 771, type: 0x7ffff
[  208.516324][ T8245] F2FS-fs (loop1): invalid crc value
[  208.554931][ T8245] F2FS-fs (loop1): Found nat_bits in checkpoint
[  208.716181][ T8245] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  208.938513][ T5768] syz-executor: attempt to access beyond end of device
[  208.938513][ T5768] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  208.971629][ T5768] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  209.100760][ T8275] netlink: 168 bytes leftover after parsing attributes in process `syz.2.800'.
[  209.938652][ T8286] loop1: detected capacity change from 0 to 16
[  209.976773][ T8286] erofs: (device loop1): mounted with root inode @ nid 36.
[  210.118262][ T5083] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000]
[  210.136565][ T8286] erofs: (device loop1): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[4096]
[  210.758496][ T8298] loop3: detected capacity change from 0 to 128
[  211.287883][ T8304] loop0: detected capacity change from 0 to 2048
[  211.357558][ T8304] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  211.708236][ T8309] netlink: 8 bytes leftover after parsing attributes in process `syz.1.816'.
[  211.767219][ T8309] netlink: 12 bytes leftover after parsing attributes in process `syz.1.816'.
[  211.794387][ T8309] geneve2: entered promiscuous mode
[  211.840727][ T8309] geneve2: entered allmulticast mode
[  211.892836][ T8312] loop0: detected capacity change from 0 to 1024
[  212.116016][  T956] hfsplus: b-tree write err: -5, ino 3
[  212.136233][ T7075] hfsplus: node 4:3 still has 1 user(s)!
[  212.481009][ T8329] loop2: detected capacity change from 0 to 64
[  212.572835][ T8332] loop1: detected capacity change from 0 to 512
[  212.608954][ T8329] hfs: bad catalog entry type 65535
[  212.666558][ T8332] EXT4-fs error (device loop1): ext4_orphan_get:1398: inode #15: comm syz.1.827: inode has both inline data and extents flags
[  212.680473][ T8332] EXT4-fs error (device loop1): ext4_orphan_get:1403: comm syz.1.827: couldn't read orphan inode 15 (err -117)
[  212.708139][ T8332] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.082354][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.867323][ T8369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.843'.
[  213.876281][ T8369] netlink: 4 bytes leftover after parsing attributes in process `syz.3.843'.
[  213.967394][ T8369] netlink: 8 bytes leftover after parsing attributes in process `syz.3.843'.
[  213.983061][ T8369] netlink: 4 bytes leftover after parsing attributes in process `syz.3.843'.
[  214.281614][ T8381] netlink: 4 bytes leftover after parsing attributes in process `syz.0.848'.
[  214.325333][ T8362] loop1: detected capacity change from 0 to 32768
[  214.376436][ T8362] JBD2: Ignoring recovery information on journal
[  214.446166][ T8362] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  214.646883][   T27] audit: type=1800 audit(1771579847.762:107): pid=8362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.839" name="file1" dev="loop1" ino=17059 res=0 errno=0
[  214.667536][    C1] vkms_vblank_simulate: vblank timer overrun
[  215.122720][ T8398] syzkaller0: entered allmulticast mode
[  215.158443][ T5768] ocfs2: Unmounting device (7,1) on (node local)
[  215.166108][ T8398] syzkaller0 (unregistering): left allmulticast mode
[  215.693434][ T8414] overlayfs: failed to verify upper (195/file0, ino=1043, err=-116)
[  215.715298][ T8414] overlayfs: failed to verify index dir 'upper' xattr
[  215.725567][ T8414] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  215.837070][ T5083] block nbd1: Receive control failed (result -32)
[  215.866535][ T8415] block nbd1: shutting down sockets
[  216.053601][ T8418] loop2: detected capacity change from 0 to 32768
[  216.084253][ T8418] JBD2: Ignoring recovery information on journal
[  216.135899][ T8418] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  216.259077][ T8418] OCFS2: ERROR (device loop2): int ocfs2_validate_gd_parent(struct super_block *, struct ocfs2_dinode *, struct buffer_head *, int): Group descriptor #32 has bit count of 1024
[  216.277511][ T8418] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  216.287577][ T8418] OCFS2: File system is now read-only.
[  216.293096][ T8418] (syz.2.861,8418,1):ocfs2_search_chain:1761 ERROR: status = -30
[  216.302309][ T8418] (syz.2.861,8418,1):ocfs2_search_chain:1871 ERROR: status = -30
[  216.310181][ T8418] (syz.2.861,8418,1):ocfs2_claim_suballoc_bits:1950 ERROR: status = -30
[  216.318646][ T8418] (syz.2.861,8418,1):ocfs2_claim_suballoc_bits:1993 ERROR: status = -30
[  216.327117][ T8418] (syz.2.861,8418,1):__ocfs2_claim_clusters:2365 ERROR: status = -30
[  216.335314][ T8418] (syz.2.861,8418,1):__ocfs2_claim_clusters:2373 ERROR: status = -30
[  216.343560][ T8418] (syz.2.861,8418,1):ocfs2_local_alloc_new_window:1203 ERROR: status = -30
[  216.353282][ T8418] (syz.2.861,8418,1):ocfs2_local_alloc_new_window:1228 ERROR: status = -30
[  216.362397][ T8418] (syz.2.861,8418,1):ocfs2_local_alloc_slide_window:1302 ERROR: status = -30
[  216.371570][ T8418] (syz.2.861,8418,1):ocfs2_local_alloc_slide_window:1321 ERROR: status = -30
[  216.380528][ T8418] (syz.2.861,8418,1):ocfs2_reserve_local_alloc_bits:671 ERROR: status = -30
[  216.389347][ T8418] (syz.2.861,8418,1):ocfs2_reserve_local_alloc_bits:709 ERROR: status = -30
[  216.399524][ T8418] (syz.2.861,8418,1):ocfs2_reserve_clusters_with_limit:1166 ERROR: status = -30
[  216.408811][ T8418] (syz.2.861,8418,1):ocfs2_reserve_clusters_with_limit:1215 ERROR: status = -30
[  216.417973][ T8418] (syz.2.861,8418,1):ocfs2_convert_inline_data_to_extents:7080 ERROR: status = -30
[  216.427474][ T8418] (syz.2.861,8418,1):ocfs2_allocate_unwritten_extents:1460 ERROR: status = -30
[  216.436510][ T8418] (syz.2.861,8418,1):__ocfs2_change_file_space:2044 ERROR: status = -30
[  216.622018][ T7101] ocfs2: Unmounting device (7,2) on (node local)
[  216.663033][ T8426] netlink: 51 bytes leftover after parsing attributes in process `syz.1.871'.
[  216.836234][ T8433] loop3: detected capacity change from 0 to 2048
[  216.906387][ T8433] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  217.126083][ T8439] loop0: detected capacity change from 0 to 2048
[  217.223736][ T8439] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  217.266534][ T8438] loop2: detected capacity change from 0 to 4096
[  217.308126][ T8438] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  217.348888][ T8438] ntfs3: loop2: Inode r=19 is not in use!
[  217.355050][ T8438] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  217.363675][ T8438] ntfs3: loop2: Failed to initialize $Extend/$Reparse.
[  217.918568][ T8452] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  217.925198][ T8452] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  217.964602][ T7075] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh
[  217.973868][ T8452] vhci_hcd vhci_hcd.0: Device attached
[  217.985847][ T7075] UDF-fs: error (device loop0): udf_read_inode: (ino 1317) failed !bh
[  218.003930][ T8453] vhci_hcd: connection closed
[  218.005699][   T59] vhci_hcd: stop threads
[  218.039416][   T59] vhci_hcd: release socket
[  218.043937][   T59] vhci_hcd: disconnect device
[  218.321103][ T8447] loop2: detected capacity change from 0 to 32768
[  218.359478][ T8447] JBD2: Ignoring recovery information on journal
[  218.460551][   T12] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.504173][ T8447] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  218.710364][   T12] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.774400][   T27] audit: type=1800 audit(1771579851.892:108): pid=8447 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.868" name="file1" dev="loop2" ino=17059 res=0 errno=0
[  218.835246][   T12] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.980294][   T12] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  219.272749][ T8470] ªªªªªª: renamed from vlan0 (while UP)
[  219.282230][ T7101] ocfs2: Unmounting device (7,2) on (node local)
[  219.297242][ T2133] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  219.532753][ T2133] usb 4-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  219.566769][ T2133] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  219.596781][ T2133] usb 4-1: Product: syz
[  219.606979][ T2133] usb 4-1: Manufacturer: syz
[  219.619864][ T2133] usb 4-1: SerialNumber: syz
[  219.658171][ T2133] usb 4-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  219.776981][ T2133] usb 4-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  219.820784][ T5776] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  219.832330][ T5776] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  219.850351][ T5776] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  219.862377][ T5776] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  219.910236][ T5776] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[  219.920302][ T5776] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  220.069686][ T8481] netlink: 'syz.2.879': attribute type 1 has an invalid length.
[  220.171716][ T8481] 8021q: adding VLAN 0 to HW filter on device bond1
[  220.312386][ T8487] bond1: (slave geneve2): making interface the new active one
[  220.331450][ T8487] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  220.519090][ T5809] usb 4-1: USB disconnect, device number 13
[  221.147543][ T2133] usb 4-1: Service connection timeout for: 256
[  221.153836][ T2133] ath9k_htc 4-1:1.0: ath9k_htc: Unable to initialize HTC services
[  221.192420][ T2133] ath9k_htc: Failed to initialize the device
[  221.205163][ T5809] usb 4-1: ath9k_htc: USB layer deinitialized
[  221.487150][ T5810] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  221.510238][ T8517] loop3: detected capacity change from 0 to 128
[  221.528837][ T8517] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  221.688644][ T8517] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  221.711116][ T5810] usb 2-1: config 0 interface 0 has no altsetting 0
[  221.737967][ T5810] usb 2-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  221.753708][ T8475] chnl_net:caif_netlink_parms(): no params data found
[  221.761809][ T5810] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  221.777265][ T5810] usb 2-1: Product: syz
[  221.788312][ T5810] usb 2-1: Manufacturer: syz
[  221.798043][ T5810] usb 2-1: SerialNumber: syz
[  221.814638][ T5810] usb 2-1: config 0 descriptor??
[  221.833141][ T5810] usb 2-1: selecting invalid altsetting 0
[  221.866499][ T8516] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  221.924515][ T8516] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  222.007023][ T8516] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  222.028074][ T5776] Bluetooth: hci1: command tx timeout
[  222.037023][ T8516] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  222.075625][ T8516] UDF-fs: error (device loop3): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  222.263039][ T5810] usb 2-1: USB disconnect, device number 9
[  222.553515][   T12] hsr_slave_0: left promiscuous mode
[  222.563438][   T12] hsr_slave_1: left promiscuous mode
[  222.584692][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.598672][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.611837][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.622159][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.635439][   T12] bridge_slave_1: left allmulticast mode
[  222.644303][   T12] bridge_slave_1: left promiscuous mode
[  222.656336][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.675352][   T12] bridge_slave_0: left allmulticast mode
[  222.681459][   T12] bridge_slave_0: left promiscuous mode
[  222.693421][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.733232][   T12] veth1_macvtap: left promiscuous mode
[  222.740804][   T12] veth0_macvtap: left promiscuous mode
[  222.747320][   T12] veth1_vlan: left promiscuous mode
[  222.752719][   T12] veth0_vlan: left promiscuous mode
[  223.914210][   T12] team0 (unregistering): Port device team_slave_1 removed
[  223.981037][   T12] team0 (unregistering): Port device team_slave_0 removed
[  224.062767][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  224.119123][ T5776] Bluetooth: hci1: command tx timeout
[  224.141565][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  224.690401][ T8563] loop1: detected capacity change from 0 to 1024
[  224.712240][ T8563] EXT4-fs: Ignoring removed nomblk_io_submit option
[  224.823162][ T8563] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.063728][   T12] bond0 (unregistering): Released all slaves
[  225.327508][ T8475] bridge0: port 1(bridge_slave_0) entered blocking state
[  225.356824][ T8475] bridge0: port 1(bridge_slave_0) entered disabled state
[  225.392718][ T8475] bridge_slave_0: entered allmulticast mode
[  225.421326][ T8475] bridge_slave_0: entered promiscuous mode
[  225.457984][ T8475] bridge0: port 2(bridge_slave_1) entered blocking state
[  225.465205][ T8475] bridge0: port 2(bridge_slave_1) entered disabled state
[  225.486112][ T8475] bridge_slave_1: entered allmulticast mode
[  225.494564][ T5768] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.519487][ T8475] bridge_slave_1: entered promiscuous mode
[  225.629225][ T8475] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  225.651708][ T8475] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  225.756568][ T8475] team0: Port device team_slave_0 added
[  225.816802][ T8475] team0: Port device team_slave_1 added
[  225.896326][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_0
[  225.925393][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  225.967278][ T8475] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  225.999133][ T8475] batman_adv: batadv0: Adding interface: batadv_slave_1
[  226.006177][ T8475] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  226.048012][ T8475] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  226.121958][ T8475] hsr_slave_0: entered promiscuous mode
[  226.149331][ T8475] hsr_slave_1: entered promiscuous mode
[  226.159320][ T8475] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  226.174956][ T8475] Cannot create hsr debugfs directory
[  226.187221][ T5776] Bluetooth: hci1: command tx timeout
[  226.348296][ T8590] IPVS: ovf: FWM 3 0x00000003 - no destination available
[  226.355584][    C1] IPVS: ovf: FWM 3 0x00000003 - no destination available
[  226.665683][ T8475] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  226.684299][ T8475] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  226.701826][ T8475] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  226.719465][ T8475] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  226.916406][ T8475] 8021q: adding VLAN 0 to HW filter on device bond0
[  226.940708][ T8587] loop1: detected capacity change from 0 to 32768
[  226.975459][ T8475] 8021q: adding VLAN 0 to HW filter on device team0
[  226.986218][ T8587] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.022933][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.030159][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.074732][ T1079] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.081960][ T1079] bridge0: port 2(bridge_slave_1) entered forwarding state
[  227.151983][ T8587] XFS (loop1): Ending clean mount
[  227.218845][ T8587] XFS (loop1): Quotacheck needed: Please wait.
[  227.308337][ T8587] XFS (loop1): Quotacheck: Done.
[  227.640311][ T5768] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  227.685717][ T8475] 8021q: adding VLAN 0 to HW filter on device batadv0
[  228.266796][ T5776] Bluetooth: hci1: command tx timeout
[  228.271367][ T8475] veth0_vlan: entered promiscuous mode
[  228.313818][ T8475] veth1_vlan: entered promiscuous mode
[  228.374111][ T8475] veth0_macvtap: entered promiscuous mode
[  228.400270][ T8475] veth1_macvtap: entered promiscuous mode
[  228.445266][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.462004][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.473062][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.492451][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.505166][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.522994][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.533531][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  228.546000][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.563396][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_0
[  228.585230][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.602328][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.614669][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.632180][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.644214][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.660884][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.671397][ T8475] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  228.689672][ T8475] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  228.703896][ T8475] batman_adv: batadv0: Interface activated: batadv_slave_1
[  228.735674][ T8475] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  228.760555][ T8475] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  228.769939][ T8475] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  228.779122][ T8475] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  228.922016][  T956] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  228.944323][  T956] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  228.982582][ T3512] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  229.004492][ T3512] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  229.168635][   T10] null_blk: rq ffff888022c10000 timed out
[  229.174450][   T10] blk_print_req_error: 54 callbacks suppressed
[  229.174464][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.198588][   T10] null_blk: rq ffff888022c10180 timed out
[  229.204411][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.215555][   T10] null_blk: rq ffff888022c10300 timed out
[  229.221617][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.232640][   T10] null_blk: rq ffff888022c10480 timed out
[  229.238483][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.249138][   T10] null_blk: rq ffff888022c10600 timed out
[  229.254923][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.265539][   T10] null_blk: rq ffff888022c10780 timed out
[  229.271356][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.281987][   T10] null_blk: rq ffff888022c10900 timed out
[  229.287800][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.302705][   T10] null_blk: rq ffff888022c10a80 timed out
[  229.309487][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.320068][   T10] null_blk: rq ffff888022c10c00 timed out
[  229.325884][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.336545][   T10] null_blk: rq ffff888022c10d80 timed out
[  229.342415][   T10] timeout error, dev nullb0, sector 393216 op 0x0:(READ) flags 0xe00000 phys_seg 2 prio class 2
[  229.353037][   T10] null_blk: rq ffff888022c10f00 timed out
[  229.358988][   T10] null_blk: rq ffff888022c11080 timed out
[  229.364785][   T10] null_blk: rq ffff888022c11200 timed out
[  229.370710][   T10] null_blk: rq ffff888022c11380 timed out
[  229.376498][   T10] null_blk: rq ffff888022c11500 timed out
[  229.382758][   T10] null_blk: rq ffff888022c11680 timed out
[  229.388675][   T10] null_blk: rq ffff888022c11800 timed out
[  229.394469][   T10] null_blk: rq ffff888022c11980 timed out
[  229.400330][   T10] null_blk: rq ffff888022c11b00 timed out
[  229.407122][   T10] null_blk: rq ffff888022c11c80 timed out
[  229.412941][   T10] null_blk: rq ffff888022c11e00 timed out
[  229.418837][   T10] null_blk: rq ffff888022c11f80 timed out
[  229.424669][   T10] null_blk: rq ffff888022c12100 timed out
[  229.431210][   T10] null_blk: rq ffff888022c12280 timed out
[  229.437128][   T10] null_blk: rq ffff888022c12400 timed out
[  229.442932][   T10] null_blk: rq ffff888022c12580 timed out
[  229.448763][   T10] null_blk: rq ffff888022c12700 timed out
[  229.454546][   T10] null_blk: rq ffff888022c12880 timed out
[  229.460376][   T10] null_blk: rq ffff888022c12a00 timed out
[  229.466163][   T10] null_blk: rq ffff888022c12b80 timed out
[  229.472130][   T10] null_blk: rq ffff888022c12d00 timed out
[  229.478358][   T10] null_blk: rq ffff888022c12e80 timed out
[  229.484165][   T10] null_blk: rq ffff888022c13000 timed out
[  229.490279][   T10] null_blk: rq ffff888022c13180 timed out
[  229.496092][   T10] null_blk: rq ffff888022c13300 timed out
[  229.501981][   T10] null_blk: rq ffff888022c13480 timed out
[  229.508841][   T10] null_blk: rq ffff888022c13600 timed out
[  229.514655][   T10] null_blk: rq ffff888022c13780 timed out
[  229.520580][   T10] null_blk: rq ffff888022c13900 timed out
[  229.526861][   T10] null_blk: rq ffff888022c13a80 timed out
[  229.532680][   T10] null_blk: rq ffff888022c13c00 timed out
[  229.538610][   T10] null_blk: rq ffff888022c13d80 timed out
[  229.544433][   T10] null_blk: rq ffff888022c13f00 timed out
[  229.550332][   T10] null_blk: rq ffff888022c14080 timed out
[  229.556112][   T10] null_blk: rq ffff888022c14200 timed out
[  229.561956][   T10] null_blk: rq ffff888022c14380 timed out
[  229.567797][   T10] null_blk: rq ffff888022c14500 timed out
[  229.574030][   T10] null_blk: rq ffff888022c14680 timed out
[  229.579870][   T10] null_blk: rq ffff888022c14800 timed out
[  229.585657][   T10] null_blk: rq ffff888022c14980 timed out
[  229.591567][   T10] null_blk: rq ffff888022c14b00 timed out
[  229.597391][   T10] null_blk: rq ffff888022c14c80 timed out
[  229.603188][   T10] null_blk: rq ffff888022c14e00 timed out
[  229.609968][   T10] null_blk: rq ffff888022c14f80 timed out
[  229.615769][   T10] null_blk: rq ffff888022c15100 timed out
[  229.621631][   T10] null_blk: rq ffff888022c15280 timed out
[  229.627811][   T10] null_blk: rq ffff888022c15400 timed out
[  229.633637][   T10] null_blk: rq ffff888022c15580 timed out
[  229.639487][   T10] null_blk: rq ffff888022c15700 timed out
[  229.645276][   T10] null_blk: rq ffff888022c15880 timed out
[  229.651129][   T10] null_blk: rq ffff888022c15a00 timed out
[  229.656987][   T10] null_blk: rq ffff888022c15b80 timed out
[  229.662775][   T10] null_blk: rq ffff888022c15d00 timed out
[  229.668643][   T10] null_blk: rq ffff888022c15e80 timed out
[  231.727051][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  231.957866][    T8] usb 5-1: config 0 interface 0 has no altsetting 0
[  231.973196][    T8] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  231.990292][    T8] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  232.016903][    T8] usb 5-1: Product: syz
[  232.021206][    T8] usb 5-1: Manufacturer: syz
[  232.025872][    T8] usb 5-1: SerialNumber: syz
[  232.057895][    T8] usb 5-1: config 0 descriptor??
[  232.084469][    T8] usb 5-1: selecting invalid altsetting 0
[  232.258560][ T8703] loop3: detected capacity change from 0 to 32768
[  232.316294][ T8703] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.919 (8703)
[  232.389858][    T8] usb 5-1: USB disconnect, device number 2
[  232.414800][ T8703] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  232.452843][ T8703] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  232.501907][ T8703] BTRFS info (device loop3): setting nodatacow, compression disabled
[  232.533349][ T8703] BTRFS info (device loop3): force clearing of disk cache
[  232.559718][ T8703] BTRFS info (device loop3): enabling ssd optimizations
[  232.606719][ T8703] BTRFS info (device loop3): using spread ssd allocation scheme
[  232.614479][ T8703] BTRFS info (device loop3): turning off barriers
[  232.657550][ T8703] BTRFS info (device loop3): disabling free space tree
[  232.664656][ T8703] BTRFS info (device loop3): not using ssd optimizations
[  232.684714][ T8703] BTRFS info (device loop3): not using spread ssd allocation scheme
[  233.070579][ T8703] BTRFS info (device loop3): rebuilding free space tree
[  233.213965][   T28] libceph: connect (1)[c::]:6789 error -101
[  233.229911][ T8703] BTRFS info (device loop3): disabling free space tree
[  233.277029][   T28] libceph: mon0 (1)[c::]:6789 connect error
[  233.295194][ T8703] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  233.330931][   T28] libceph: connect (1)[c::]:6789 error -101
[  233.355732][   T28] libceph: mon0 (1)[c::]:6789 connect error
[  233.371042][ T8703] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  233.537166][ T2133] libceph: connect (1)[c::]:6789 error -101
[  233.543428][ T2133] libceph: mon0 (1)[c::]:6789 connect error
[  233.679011][   T28] libceph: connect (1)[c::]:6789 error -101
[  233.693996][   T28] libceph: mon0 (1)[c::]:6789 connect error
[  233.959243][ T8746] ceph: No mds server is up or the cluster is laggy
[  233.994001][ T5766] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  234.004900][ T8749] ceph: No mds server is up or the cluster is laggy
[  234.041331][ T8739] loop2: detected capacity change from 0 to 131072
[  234.069677][ T8739] F2FS-fs (loop2): invalid crc value
[  234.108706][ T2133] libceph: connect (1)[c::]:6789 error -101
[  234.115623][ T2133] libceph: mon0 (1)[c::]:6789 connect error
[  234.123472][ T8739] F2FS-fs (loop2): Found nat_bits in checkpoint
[  234.187513][ T8739] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e4
[  236.336677][ T8805] loop2: detected capacity change from 0 to 512
[  236.339491][ T8808] Invalid argument reading file caps for ./file0
[  236.392618][ T8805] EXT4-fs error (device loop2): ext4_orphan_get:1398: inode #15: comm syz.2.931: inode has both inline data and extents flags
[  236.461102][ T8805] EXT4-fs error (device loop2): ext4_orphan_get:1403: comm syz.2.931: couldn't read orphan inode 15 (err -117)
[  236.488360][ T8805] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.963108][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.033433][ T8831] loop4: detected capacity change from 0 to 128
[  239.029515][ T8860] loop2: detected capacity change from 0 to 128
[  239.079028][ T8860] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  239.330368][ T8863] loop1: detected capacity change from 0 to 128
[  240.076851][ T5810] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  240.275152][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  240.298183][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  240.331506][ T5810] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  240.377023][ T5810] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  240.408324][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  240.429349][ T5810] usb 3-1: config 0 descriptor??
[  240.889511][ T5810] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  240.932690][ T5810] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  241.094045][ T8879] loop4: detected capacity change from 0 to 40427
[  241.130791][ T8895] netlink: 'syz.1.977': attribute type 12 has an invalid length.
[  241.154078][ T8895] netlink: 'syz.1.977': attribute type 29 has an invalid length.
[  241.187011][ T8895] netlink: 148 bytes leftover after parsing attributes in process `syz.1.977'.
[  241.208816][ T8879] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x7ffff
[  241.237456][ T8895] netlink: 16 bytes leftover after parsing attributes in process `syz.1.977'.
[  241.247970][ T8879] F2FS-fs (loop4): invalid crc value
[  241.269763][ T8879] F2FS-fs (loop4): Found nat_bits in checkpoint
[  241.410627][ T8879] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  241.653878][ T8475] syz-executor: attempt to access beyond end of device
[  241.653878][ T8475] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  241.707748][ T8475] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  242.881097][ T8932] loop3: detected capacity change from 0 to 16
[  242.898280][ T8932] erofs: (device loop3): mounted with root inode @ nid 36.
[  242.960950][ T8932] erofs: (device loop3): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  242.991799][ T8932] erofs: (device loop3): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  243.158074][ T5810] usb 3-1: USB disconnect, device number 6
[  243.771630][ T8952] loop3: detected capacity change from 0 to 1024
[  243.842260][ T8952] EXT4-fs (loop3): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  243.870177][ T8952] ext4 filesystem being mounted at /233/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  243.948777][ T8952] EXT4-fs error (device loop3): ext4_map_blocks:718: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 3)
[  243.986835][ T5756] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  243.991868][ T8952] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  244.023813][ T8952] EXT4-fs (loop3): This should not happen!! Data will be lost
[  244.023813][ T8952] 
[  244.052485][ T8957] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.073738][ T8957] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.095039][ T8957] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.115519][ T8957] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.130651][ T8957] EXT4-fs error (device loop3): ext4_map_blocks:608: inode #15: block 3: comm syz.3.989: lblock 3 mapped to illegal pblock 3 (length 1)
[  244.150707][ T8952] EXT4-fs error (device loop3): ext4_ext_remove_space:2929: inode #15: comm syz.3.989: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  244.174522][ T8952] EXT4-fs error (device loop3) in ext4_setattr:5663: Corrupt filesystem
[  244.204664][ T5756] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  244.221230][ T5756] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  244.233951][ T5756] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  244.251128][ T5756] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  244.291479][ T5756] usb 2-1: SerialNumber: syz
[  244.318702][ T5766] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  244.522990][ T5756] usb 2-1: 0:2 : does not exist
[  244.539759][ T5756] usb 2-1: unit 16 not found!
[  244.607170][ T5756] usb 2-1: USB disconnect, device number 10
[  245.337743][   T12] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  245.378882][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  245.392029][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  245.628407][   T28] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  245.830788][   T28] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  245.861034][   T28] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  245.890531][   T28] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  245.912980][   T28] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  245.935892][   T28] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  245.969315][   T28] usb 2-1: config 0 descriptor??
[  246.198305][ T5810] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  246.254888][ T9024] loop4: detected capacity change from 0 to 16
[  246.285810][ T9024] erofs: (device loop4): mounted with root inode @ nid 36.
[  246.310871][ T9024] erofs: (device loop4): z_erofs_extent_lookback: bogus lookback distance 1388 @ lcn 42 of nid 36
[  246.356766][ T9024] erofs: (device loop4): z_erofs_read_folio: read error -117 @ 43 of nid 36
[  246.396783][ T5810] usb 3-1: Using ep0 maxpacket: 32
[  246.422438][   T28] plantronics 0003:047F:FFFF.000B: No inputs registered, leaving
[  246.434998][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  246.464561][ T5810] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  246.487616][   T28] plantronics 0003:047F:FFFF.000B: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  246.507511][ T5810] usb 3-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  246.549267][ T5810] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  246.574883][ T5810] usb 3-1: config 0 descriptor??
[  246.592664][ T5810] hub 3-1:0.0: USB hub found
[  246.823364][ T5810] hub 3-1:0.0: 1 port detected
[  247.069479][  T967] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  247.276711][  T967] usb 5-1: Using ep0 maxpacket: 32
[  247.283901][  T967] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  247.307981][  T967] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  247.332124][  T967] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  247.344767][ T5810] usb 2-1: USB disconnect, device number 11
[  247.351547][  T967] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  247.373072][  T967] usb 5-1: config 0 descriptor??
[  247.475706][   T28] hub 3-1:0.0: activate --> -90
[  247.867360][ T5776] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  247.878802][ T5776] Bluetooth: hci3: Injecting HCI hardware error event
[  247.888952][ T5083] Bluetooth: hci3: hardware error 0x00
[  247.891402][ T2133] usb 3-1: USB disconnect, device number 7
[  248.032063][  T967] ft260 0003:0403:6030.000C: chip code: 6424 8183
[  248.146793][   T28] usb 3-1-port1: config error
[  248.235473][  T967] ft260 0003:0403:6030.000C: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.4-1/input0
[  248.461322][  T967] ft260 0003:0403:6030.000C: failed to retrieve status: -71, no wakeup
[  248.475499][  T967] ft260 0003:0403:6030.000C: failed to retrieve status: -71
[  248.497770][  T967] ft260 0003:0403:6030.000C: failed to reset I2C controller: -71
[  248.527261][  T967] usb 5-1: USB disconnect, device number 3
[  248.836870][    T8] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  248.865082][ T9011] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  249.031577][ T9096] loop2: detected capacity change from 0 to 256
[  249.053295][    T8] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  249.085759][    T8] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  249.114444][    T8] usb 2-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 62976, setting to 1024
[  249.175999][    T8] usb 2-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  249.215146][    T8] usb 2-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  249.308508][    T8] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  249.336669][    T8] usb 2-1: New USB device strings: Mfr=1, Product=130, SerialNumber=3
[  249.344927][    T8] usb 2-1: Product: syz
[  249.373807][    T8] usb 2-1: Manufacturer: syz
[  249.412024][    T8] usb 2-1: SerialNumber: syz
[  249.433582][    T8] cdc_mbim 2-1:1.0: skipping garbage
[  249.651175][ T9081] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  249.677395][ T5756] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  249.876880][ T5756] usb 3-1: Using ep0 maxpacket: 8
[  249.891583][ T5756] usb 3-1: config index 0 descriptor too short (expected 74, got 45)
[  249.903690][ T5756] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  249.923529][ T5756] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  249.943365][ T5756] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  249.960508][ T5756] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  249.972556][ T5756] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  249.993945][ T5756] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  250.005311][ T5756] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  250.029181][ T5083] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  250.242975][ T5756] usb 3-1: usb_control_msg returned -32
[  250.256881][ T5756] usbtmc 3-1:16.0: can't read capabilities
[  250.281166][ T9081] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  250.512851][    T8] cdc_mbim 2-1:1.0: bind() failure
[  250.543258][    T8] cdc_ncm: probe of 2-1:1.1 failed with error -71
[  250.559207][    T8] cdc_mbim: probe of 2-1:1.1 failed with error -71
[  250.583709][    T8] usbtest: probe of 2-1:1.1 failed with error -71
[  250.605092][    T8] usb 2-1: USB disconnect, device number 12
[  250.687601][    C1] usbtmc 3-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  250.702049][ T9138] usbtmc 3-1:16.0: Unable to send data, error -71
[  250.717096][ T9138] usbtmc 3-1:16.0: usb_control_msg returned -32
[  250.738933][ T5756] usb 3-1: USB disconnect, device number 8
[  252.885028][ T9186] input: syz1 as /devices/virtual/input/input13
[  253.576915][ T5810] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  253.776906][ T5810] usb 4-1: Using ep0 maxpacket: 8
[  253.798057][ T5810] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[  253.813808][ T5810] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  253.831234][ T5756] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  253.839624][ T5810] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  253.863939][ T5810] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  253.888211][ T5810] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  253.905550][ T5810] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  253.924775][ T5810] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  253.935733][ T5810] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.037017][ T5756] usb 2-1: Using ep0 maxpacket: 32
[  254.048445][ T5756] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  254.083090][ T5756] usb 2-1: config 0 has no interface number 0
[  254.120201][ T5756] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  254.175088][ T5756] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.202288][ T5810] usb 4-1: usb_control_msg returned -32
[  254.219931][ T5756] usb 2-1: Product: syz
[  254.226145][ T5810] usbtmc 4-1:16.0: can't read capabilities
[  254.243101][ T5756] usb 2-1: Manufacturer: syz
[  254.260819][ T5756] usb 2-1: SerialNumber: syz
[  254.297120][ T5756] usb 2-1: config 0 descriptor??
[  254.326810][ T5756] smsc95xx v2.0.0
[  254.453181][ T9205] loop2: detected capacity change from 0 to 4096
[  254.468306][ T9205] ntfs3: loop2: Different NTFS sector size (4096) and media sector size (512).
[  254.620489][    C0] usbtmc 4-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  254.630461][   T27] audit: type=1800 audit(1771579887.752:109): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1044" name="file1" dev="loop2" ino=30 res=0 errno=0
[  254.651252][ T9206] usbtmc 4-1:16.0: Unable to send data, error -71
[  254.662574][ T9206] usbtmc 4-1:16.0: usb_control_msg returned -32
[  254.676676][  T967] usb 4-1: USB disconnect, device number 14
[  254.696131][   T27] audit: type=1800 audit(1771579887.812:110): pid=9205 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1044" name="file1" dev="loop2" ino=30 res=0 errno=0
[  254.801370][ T5756] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  254.825668][ T5756] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  255.458140][ T5756] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  255.486927][ T5756] smsc95xx: probe of 2-1:0.67 failed with error -71
[  255.517008][ T5756] usb 2-1: USB disconnect, device number 13
[  255.756257][ T9236] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1058'.
[  256.032326][ T1280] ieee802154 phy0 wpan0: encryption failed: -22
[  256.046729][ T1280] ieee802154 phy1 wpan1: encryption failed: -22
[  256.366737][ T5810] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  256.550923][ T5810] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  256.561231][ T5810] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  256.573277][ T5810] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  256.582457][ T5810] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  256.598007][ T5810] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  256.613977][ T5810] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  256.624039][ T5810] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  256.635383][ T5810] usb 3-1: Product: syz
[  256.641304][ T5810] usb 3-1: Manufacturer: syz
[  256.654536][ T5810] cdc_wdm 3-1:1.0: skipping garbage
[  256.660525][ T5810] cdc_wdm 3-1:1.0: skipping garbage
[  256.674256][ T5810] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  256.680483][ T5810] cdc_wdm 3-1:1.0: Unknown control protocol
[  257.488689][ T5810] usb 3-1: USB disconnect, device number 9
[  258.711932][ T9276] loop2: detected capacity change from 0 to 1024
[  258.750488][ T9276] EXT4-fs (loop2): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  258.779698][ T9276] ext4 filesystem being mounted at /146/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  258.834900][   T27] audit: type=1800 audit(1771579891.942:111): pid=9276 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1069" name="file1" dev="loop2" ino=15 res=0 errno=0
[  258.892032][ T9276] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: comm syz.2.1069: lblock 0 mapped to illegal pblock 0 (length 4)
[  258.921702][ T9276] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 117
[  258.948991][ T9276] EXT4-fs (loop2): This should not happen!! Data will be lost
[  258.948991][ T9276] 
[  258.972005][ T9284] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: comm syz.2.1069: lblock 0 mapped to illegal pblock 0 (length 1)
[  258.986484][ T9284] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: comm syz.2.1069: lblock 0 mapped to illegal pblock 0 (length 1)
[  259.003249][ T9284] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: comm syz.2.1069: lblock 0 mapped to illegal pblock 0 (length 1)
[  259.021645][ T9284] EXT4-fs error (device loop2): ext4_map_blocks:608: inode #15: comm syz.2.1069: lblock 0 mapped to illegal pblock 0 (length 1)
[  259.081776][ T1136] EXT4-fs error (device loop2): ext4_map_blocks:718: inode #15: block 4: comm kworker/u4:8: lblock 4 mapped to illegal pblock 4 (length 1)
[  259.099628][ T1136] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 4 with max blocks 1 with error 117
[  259.118973][ T1136] EXT4-fs (loop2): This should not happen!! Data will be lost
[  259.118973][ T1136] 
[  259.144376][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  259.832033][ T9292] loop2: detected capacity change from 0 to 32768
[  259.911943][   T27] audit: type=1800 audit(1771579893.032:112): pid=9292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1076" name="file1" dev="loop2" ino=7 res=0 errno=0
[  260.063459][   T27] audit: type=1800 audit(1771579893.172:113): pid=9307 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1076" name="file1" dev="loop2" ino=7 res=0 errno=0
[  260.700450][ T9320] input: syz0 as /devices/virtual/input/input14
[  261.831113][ T9340] loop4: detected capacity change from 0 to 32768
[  261.861028][ T9340] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[  261.877150][    T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  261.889511][ T9340] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  261.922895][ T1136] (kworker/u4:8,1136,0):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  261.968440][ T5809] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  262.107367][    T8] usb 3-1: Using ep0 maxpacket: 32
[  262.122239][   T27] audit: type=1800 audit(1771579895.242:114): pid=9340 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1099" name="file2" dev="loop4" ino=17060 res=0 errno=0
[  262.166114][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  262.191576][ T5809] usb 4-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  262.206684][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  262.216589][ T5809] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  262.226357][ T5809] usb 4-1: Product: syz
[  262.249488][    T8] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  262.260626][ T5809] usb 4-1: Manufacturer: syz
[  262.265299][ T5809] usb 4-1: SerialNumber: syz
[  262.277469][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  262.295683][ T5809] usb 4-1: config 0 descriptor??
[  262.305798][    T8] usb 3-1: config 0 descriptor??
[  262.319057][ T5809] hub 4-1:0.0: bad descriptor, ignoring hub
[  262.326094][ T5809] hub: probe of 4-1:0.0 failed with error -5
[  262.334656][ T5809] f81232 4-1:0.0: f81534a converter detected
[  262.387638][ T8475] ocfs2: Unmounting device (7,4) on (node local)
[  262.535220][ T5809] f81534a ttyUSB0: f81232_set_register failed status: -71
[  262.544831][ T5809] f81534a: probe of ttyUSB0 failed with error -5
[  262.618315][ T5809] usb 4-1: USB disconnect, device number 15
[  262.640390][ T5809] f81232 4-1:0.0: device disconnected
[  262.799138][    T8] savu 0003:1E7D:2D5A.000D: hiddev0,hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  263.049403][ T5810] usb 3-1: USB disconnect, device number 10
[  263.446767][ T2133] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  263.557173][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.637804][ T2133] usb 5-1: Using ep0 maxpacket: 8
[  263.653069][ T2133] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  263.668248][ T2133] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  263.679741][ T2133] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.733314][ T2133] usb 5-1: config 0 descriptor??
[  263.817394][ T9373] overlayfs: invalid origin (0000)
[  263.867316][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  263.990652][ T2133] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  264.243440][    T8] usb 5-1: USB disconnect, device number 4
[  264.427358][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.063703][ T9394] loop2: detected capacity change from 0 to 1024
[  265.080382][ T9394] EXT4-fs: Ignoring removed orlov option
[  265.086342][ T9394] EXT4-fs: Ignoring removed nomblk_io_submit option
[  265.136361][ T9394] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  265.300299][ T7101] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.470080][ T5810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  265.991179][ T9419] loop4: detected capacity change from 0 to 1024
[  266.013819][ T9419] EXT4-fs: Ignoring removed orlov option
[  266.029801][ T9419] EXT4-fs: Ignoring removed nomblk_io_submit option
[  266.107717][ T9419] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  266.327006][  T967] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  266.346942][ T8475] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  266.520280][ T5810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.538817][  T967] usb 2-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  266.566422][  T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  266.592207][  T967] usb 2-1: Product: syz
[  266.596472][  T967] usb 2-1: Manufacturer: syz
[  266.612950][ T5809] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  266.626734][  T967] usb 2-1: SerialNumber: syz
[  266.637889][  T967] usb 2-1: config 0 descriptor??
[  266.662373][  T967] hub 2-1:0.0: bad descriptor, ignoring hub
[  266.681140][  T967] hub: probe of 2-1:0.0 failed with error -5
[  266.697773][  T967] f81232 2-1:0.0: f81534a converter detected
[  266.876838][  T967] f81534a ttyUSB0: f81232_set_register failed status: -71
[  266.885463][  T967] f81534a: probe of ttyUSB0 failed with error -5
[  266.938432][  T967] usb 2-1: USB disconnect, device number 14
[  266.962480][  T967] f81232 2-1:0.0: device disconnected
[  267.062114][ T9436] loop3: detected capacity change from 0 to 32768
[  267.125850][   T27] audit: type=1800 audit(1771579900.242:115): pid=9436 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1137" name="file1" dev="loop3" ino=7 res=0 errno=0
[  267.183716][   T27] audit: type=1800 audit(1771579900.302:116): pid=9450 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1137" name="file1" dev="loop3" ino=7 res=0 errno=0
[  267.204127][    C1] vkms_vblank_simulate: vblank timer overrun
[  267.554835][ T5810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  268.027759][ T9456] loop2: detected capacity change from 0 to 32768
[  268.046447][ T9456] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  268.072958][ T9456] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  268.084767][  T956] (kworker/u4:5,956,1):ocfs2_check_dir_entry:325 ERROR: bad entry in directory #72: rec_len % 4 != 0 - offset=312, inode=13845347915746889, rec_len=25793, name_len=214
[  268.180466][   T27] audit: type=1800 audit(1771579901.302:117): pid=9456 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1146" name="file2" dev="loop2" ino=17060 res=0 errno=0
[  268.201215][    C1] vkms_vblank_simulate: vblank timer overrun
[  268.261331][ T7101] ocfs2: Unmounting device (7,2) on (node local)
[  268.587107][ T5810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  268.793926][ T9474] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1152'.
[  268.807609][ T9473] delete_channel: no stack
[  268.837252][  T967] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.209481][ T9489] loop5: detected capacity change from 0 to 7
[  269.231624][ T5929] Dev loop5: unable to read RDB block 7
[  269.238941][ T5929]  loop5: unable to read partition table
[  269.245513][ T5929] loop5: partition table beyond EOD, truncated
[  269.266382][ T9489] Dev loop5: unable to read RDB block 7
[  269.274219][ T9489]  loop5: unable to read partition table
[  269.281064][ T9489] loop5: partition table beyond EOD, truncated
[  269.296454][ T9489] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  269.467413][  T967] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  269.637812][ T5756] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.646964][ T5809] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  269.666909][  T967] usb 5-1: Using ep0 maxpacket: 32
[  269.677842][  T967] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  269.685526][ T9501] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1163'.
[  269.696833][  T967] usb 5-1: New USB device found, idVendor=28bd, idProduct=0071, bcdDevice= 0.00
[  269.716697][  T967] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  269.720092][ T9499] delete_channel: no stack
[  269.748525][  T967] usb 5-1: config 0 descriptor??
[  270.172717][  T967] uclogic 0003:28BD:0071.000E: interface is invalid, ignoring
[  270.406207][ T5810] usb 5-1: USB disconnect, device number 5
[  270.576362][ T9517] loop5: detected capacity change from 0 to 7
[  270.589158][ T9517] Dev loop5: unable to read RDB block 7
[  270.596305][ T9517]  loop5: unable to read partition table
[  270.615597][ T9517] loop5: partition table beyond EOD, truncated
[  270.631806][ T9517] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  270.669626][ T5810] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  270.907995][ T9508] comedi comedi2: reset error (fatal)
[  271.376886][  T967] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  271.596811][  T967] usb 2-1: Using ep0 maxpacket: 32
[  271.608876][  T967] usb 2-1: config 0 has an invalid interface number: 51 but max is 0
[  271.621847][  T967] usb 2-1: config 0 has no interface number 0
[  271.634063][  T967] usb 2-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  271.656660][  T967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.685233][  T967] usb 2-1: Product: syz
[  271.695635][  T967] usb 2-1: Manufacturer: syz
[  271.705491][  T967] usb 2-1: SerialNumber: syz
[  271.708020][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  271.738483][  T967] usb 2-1: config 0 descriptor??
[  271.764958][  T967] quatech2 2-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  271.985952][  T967] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  272.047218][  T967] usb 2-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  272.243434][ T9541] PF_CAN: dropped non conform CAN XL skbuff: dev type 65534, len 40
[  272.364797][ T9535] loop4: detected capacity change from 0 to 32768
[  272.461819][   T27] audit: type=1800 audit(1771579905.582:118): pid=9535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1176" name="file1" dev="loop4" ino=7 res=0 errno=0
[  272.472877][    C0] usb 2-1: qt2_read_bulk_callback - non-zero urb status: -71
[  272.502992][  T967] usb 2-1: USB disconnect, device number 15
[  272.550776][  T967] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  272.568736][   T27] audit: type=1800 audit(1771579905.682:119): pid=9542 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1176" name="file1" dev="loop4" ino=7 res=0 errno=0
[  272.642533][  T967] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  272.700163][  T967] quatech2 2-1:0.51: device disconnected
[  272.715045][    T8] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.748085][ T5829] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  272.989255][  T112] ==================================================================
[  272.997395][  T112] BUG: KASAN: slab-use-after-free in jfs_lazycommit+0x751/0xa70
[  273.005088][  T112] Read of size 4 at addr ffff88802e74b294 by task jfsCommit/112
[  273.012759][  T112] 
[  273.015142][  T112] CPU: 1 PID: 112 Comm: jfsCommit Not tainted syzkaller #0
[  273.022393][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  273.032512][  T112] Call Trace:
[  273.035878][  T112]  <TASK>
[  273.038843][  T112]  dump_stack_lvl+0x18c/0x250
[  273.043573][  T112]  ? __lock_acquire+0x7d40/0x7d40
[  273.048640][  T112]  ? show_regs_print_info+0x20/0x20
[  273.053881][  T112]  ? load_image+0x400/0x400
[  273.058425][  T112]  ? __virt_addr_valid+0x469/0x540
[  273.063584][  T112]  print_report+0xa8/0x210
[  273.068046][  T112]  ? jfs_lazycommit+0x751/0xa70
[  273.072932][  T112]  kasan_report+0x117/0x150
[  273.077477][  T112]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  273.082971][  T112]  ? jfs_lazycommit+0x751/0xa70
[  273.087859][  T112]  jfs_lazycommit+0x751/0xa70
[  273.092578][  T112]  ? txFreelock+0x5a0/0x5a0
[  273.097106][  T112]  ? do_task_dead+0xd0/0xd0
[  273.101629][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  273.106587][  T112]  kthread+0x2fa/0x390
[  273.110671][  T112]  ? txFreelock+0x5a0/0x5a0
[  273.115192][  T112]  ? kthread_blkcg+0xd0/0xd0
[  273.119818][  T112]  ret_from_fork+0x48/0x80
[  273.124338][  T112]  ? kthread_blkcg+0xd0/0xd0
[  273.128956][  T112]  ret_from_fork_asm+0x11/0x20
[  273.133753][  T112]  </TASK>
[  273.136786][  T112] 
[  273.139132][  T112] Allocated by task 9535:
[  273.143469][  T112]  kasan_set_track+0x4e/0x70
[  273.148075][  T112]  __kasan_kmalloc+0x8f/0xa0
[  273.152679][  T112]  jfs_fill_super+0xdc/0xad0
[  273.157286][  T112]  mount_bdev+0x221/0x2d0
[  273.161637][  T112]  legacy_get_tree+0xea/0x180
[  273.166339][  T112]  vfs_get_tree+0x8c/0x280
[  273.170790][  T112]  do_new_mount+0x24b/0xa40
[  273.175316][  T112]  __se_sys_mount+0x2e7/0x3d0
[  273.180012][  T112]  do_syscall_64+0x55/0xa0
[  273.184462][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  273.190374][  T112] 
[  273.192725][  T112] Freed by task 8475:
[  273.196739][  T112]  kasan_set_track+0x4e/0x70
[  273.201364][  T112]  kasan_save_free_info+0x2e/0x50
[  273.206444][  T112]  ____kasan_slab_free+0x126/0x1e0
[  273.211580][  T112]  slab_free_freelist_hook+0x130/0x1a0
[  273.217052][  T112]  __kmem_cache_free+0xba/0x1e0
[  273.221924][  T112]  generic_shutdown_super+0x134/0x2b0
[  273.227310][  T112]  kill_block_super+0x44/0x90
[  273.232005][  T112]  deactivate_locked_super+0x97/0x100
[  273.237394][  T112]  cleanup_mnt+0x43b/0x4d0
[  273.241834][  T112]  task_work_run+0x1d4/0x260
[  273.246446][  T112]  exit_to_user_mode_loop+0xe6/0x110
[  273.251839][  T112]  exit_to_user_mode_prepare+0xee/0x180
[  273.257434][  T112]  syscall_exit_to_user_mode+0x1a/0x50
[  273.262967][  T112]  do_syscall_64+0x61/0xa0
[  273.267415][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  273.273327][  T112] 
[  273.275669][  T112] Last potentially related work creation:
[  273.281390][  T112]  kasan_save_stack+0x3e/0x60
[  273.286083][  T112]  __kasan_record_aux_stack+0xaf/0xc0
[  273.291477][  T112]  kvfree_call_rcu+0xee/0x790
[  273.296212][  T112]  drop_sysctl_table+0x394/0x540
[  273.301169][  T112]  drop_sysctl_table+0x3ab/0x540
[  273.306120][  T112]  unregister_sysctl_table+0x41/0x60
[  273.311420][  T112]  inetdev_event+0x79a/0x1630
[  273.316110][  T112]  notifier_call_chain+0x197/0x380
[  273.321234][  T112]  unregister_netdevice_many_notify+0x100d/0x1900
[  273.327662][  T112]  ip_tunnel_delete_nets+0x324/0x370
[  273.332969][  T112]  cleanup_net+0x795/0xbb0
[  273.337425][  T112]  process_scheduled_works+0xa5d/0x15d0
[  273.343008][  T112]  worker_thread+0xa55/0xfc0
[  273.347626][  T112]  kthread+0x2fa/0x390
[  273.351709][  T112]  ret_from_fork+0x48/0x80
[  273.356143][  T112]  ret_from_fork_asm+0x11/0x20
[  273.360926][  T112] 
[  273.363270][  T112] The buggy address belongs to the object at ffff88802e74b200
[  273.363270][  T112]  which belongs to the cache kmalloc-256 of size 256
[  273.377344][  T112] The buggy address is located 148 bytes inside of
[  273.377344][  T112]  freed 256-byte region [ffff88802e74b200, ffff88802e74b300)
[  273.391168][  T112] 
[  273.393528][  T112] The buggy address belongs to the physical page:
[  273.399964][  T112] page:ffffea0000b9d280 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2e74a
[  273.410127][  T112] head:ffffea0000b9d280 order:1 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  273.419124][  T112] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  273.427130][  T112] page_type: 0xffffffff()
[  273.431484][  T112] raw: 00fff00000000840 ffff888017c41b40 ffffea0001ea6e80 dead000000000004
[  273.440091][  T112] raw: 0000000000000000 0000000000100010 00000001ffffffff 0000000000000000
[  273.448709][  T112] page dumped because: kasan: bad access detected
[  273.455153][  T112] page_owner tracks the page as allocated
[  273.460884][  T112] page last allocated via order 1, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 5768, tgid 5768 (syz-executor), ts 84090405951, free_ts 84048643545
[  273.483682][  T112]  post_alloc_hook+0x1c1/0x200
[  273.488489][  T112]  get_page_from_freelist+0x1951/0x19e0
[  273.494066][  T112]  __alloc_pages+0x1f0/0x460
[  273.498671][  T112]  alloc_slab_page+0x5d/0x160
[  273.503392][  T112]  new_slab+0x87/0x2d0
[  273.507495][  T112]  ___slab_alloc+0xc5d/0x12f0
[  273.512196][  T112]  __kmem_cache_alloc_node+0x19e/0x250
[  273.517673][  T112]  __kmalloc+0xa4/0x230
[  273.521851][  T112]  __list_lru_init+0xa6/0x5f0
[  273.526543][  T112]  alloc_super+0x74a/0x920
[  273.530976][  T112]  sget_fc+0x322/0x8d0
[  273.535060][  T112]  get_tree_nodev+0x2a/0x140
[  273.539665][  T112]  vfs_get_tree+0x8c/0x280
[  273.544112][  T112]  do_new_mount+0x24b/0xa40
[  273.548632][  T112]  __se_sys_mount+0x2e7/0x3d0
[  273.553322][  T112]  do_syscall_64+0x55/0xa0
[  273.557754][  T112] page last free stack trace:
[  273.562456][  T112]  free_unref_page_prepare+0x7b2/0x8c0
[  273.567949][  T112]  free_unref_page+0x32/0x2e0
[  273.572652][  T112]  __unfreeze_partials+0x1cf/0x210
[  273.577780][  T112]  put_cpu_partial+0x17c/0x250
[  273.582581][  T112]  __slab_free+0x319/0x400
[  273.587015][  T112]  qlist_free_all+0x75/0xd0
[  273.591538][  T112]  kasan_quarantine_reduce+0x143/0x160
[  273.597033][  T112]  __kasan_slab_alloc+0x22/0x80
[  273.601897][  T112]  slab_post_alloc_hook+0x6e/0x4b0
[  273.607029][  T112]  __kmem_cache_alloc_node+0x13a/0x250
[  273.612500][  T112]  __kmalloc+0xa4/0x230
[  273.616688][  T112]  inotify_handle_inode_event+0x18a/0x560
[  273.622424][  T112]  inotify_ignored_and_remove_idr+0x29/0x70
[  273.628335][  T112]  __se_sys_inotify_rm_watch+0x150/0x210
[  273.633983][  T112]  do_syscall_64+0x55/0xa0
[  273.638439][  T112]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  273.644403][  T112] 
[  273.646752][  T112] Memory state around the buggy address:
[  273.652416][  T112]  ffff88802e74b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  273.660495][  T112]  ffff88802e74b200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  273.668585][  T112] >ffff88802e74b280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  273.676660][  T112]                          ^
[  273.681257][  T112]  ffff88802e74b300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  273.689332][  T112]  ffff88802e74b380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  273.697400][  T112] ==================================================================
[  273.705570][  T112] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  273.712771][  T112] CPU: 1 PID: 112 Comm: jfsCommit Not tainted syzkaller #0
[  273.719993][  T112] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  273.730083][  T112] Call Trace:
[  273.733378][  T112]  <TASK>
[  273.736321][  T112]  dump_stack_lvl+0x18c/0x250
[  273.741037][  T112]  ? show_regs_print_info+0x20/0x20
[  273.746275][  T112]  ? load_image+0x400/0x400
[  273.750841][  T112]  panic+0x2dc/0x730
[  273.754757][  T112]  ? bpf_jit_dump+0xd0/0xd0
[  273.759288][  T112]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  273.765221][  T112]  ? _raw_spin_unlock+0x40/0x40
[  273.770093][  T112]  ? print_memory_metadata+0x314/0x400
[  273.775582][  T112]  ? jfs_lazycommit+0x751/0xa70
[  273.780448][  T112]  check_panic_on_warn+0x84/0xa0
[  273.785407][  T112]  ? jfs_lazycommit+0x751/0xa70
[  273.790288][  T112]  end_report+0x6f/0x130
[  273.794544][  T112]  kasan_report+0x128/0x150
[  273.799064][  T112]  ? _raw_spin_lock_irqsave+0xc0/0x100
[  273.804543][  T112]  ? jfs_lazycommit+0x751/0xa70
[  273.809417][  T112]  jfs_lazycommit+0x751/0xa70
[  273.814113][  T112]  ? txFreelock+0x5a0/0x5a0
[  273.818633][  T112]  ? do_task_dead+0xd0/0xd0
[  273.823150][  T112]  ? __kthread_parkme+0x7a/0x1c0
[  273.828108][  T112]  kthread+0x2fa/0x390
[  273.832197][  T112]  ? txFreelock+0x5a0/0x5a0
[  273.836733][  T112]  ? kthread_blkcg+0xd0/0xd0
[  273.841349][  T112]  ret_from_fork+0x48/0x80
[  273.845788][  T112]  ? kthread_blkcg+0xd0/0xd0
[  273.850398][  T112]  ret_from_fork_asm+0x11/0x20
[  273.855196][  T112]  </TASK>
[  273.858810][  T112] Kernel Offset: disabled
[  273.863139][  T112] Rebooting in 86400 seconds..