last executing test programs:

1m55.625409038s ago: executing program 3 (id=134):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40a01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup(r1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x3}})
write$tun(r0, &(0x7f00000000c0)=ANY=[@ANYBLOB="001c88a807001000000014"], 0xffe)

1m55.139744835s ago: executing program 3 (id=137):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x6000, 0x1)
unlink(&(0x7f0000000040)='./file0\x00')
mknod$loop(&(0x7f0000000200)='./file0\x00', 0x6000, 0x0)

1m54.892745134s ago: executing program 3 (id=140):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='./file0/file1\x00', 0x20400, 0x20)
getdents64(r0, &(0x7f00000001c0)=""/61, 0x3d)

1m54.637612304s ago: executing program 3 (id=142):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x4, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000001c0)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000140)='./file0/file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x10a78c0, 0x0)

1m54.386199654s ago: executing program 3 (id=143):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xbfb3)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000280)={0x0, 0xfffffffd, 0x0, 0x0, 0xff, "0000000000000400f7ff00"})
r1 = syz_open_pts(r0, 0x101000)
dup3(r1, r0, 0x0)
ioctl$TCSBRK(r0, 0x5409, 0x4af2)

1m53.650157238s ago: executing program 3 (id=146):
mknodat$null(0xffffffffffffff9c, &(0x7f0000002440)='./file0\x00', 0x8000, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000040)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2092)
write$FUSE_INIT(r0, &(0x7f00000046c0)={0x50, 0x0, r1, {0x7, 0x9, 0x4, 0x403a1810, 0xfffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_default\x00', 0x0, 0x0)

1m53.258215607s ago: executing program 32 (id=146):
mknodat$null(0xffffffffffffff9c, &(0x7f0000002440)='./file0\x00', 0x8000, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000022c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000040)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
read$FUSE(r0, &(0x7f0000000200)={0x2020, 0x0, <r1=>0x0}, 0x2092)
write$FUSE_INIT(r0, &(0x7f00000046c0)={0x50, 0x0, r1, {0x7, 0x9, 0x4, 0x403a1810, 0xfffe, 0x1, 0x0, 0x0, 0x0, 0x0, 0x100}}, 0x50)
lgetxattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000001c0)=@known='system.posix_acl_default\x00', 0x0, 0x0)

1m49.533690118s ago: executing program 0 (id=162):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)

1m48.116818784s ago: executing program 0 (id=168):
r0 = gettid()
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r1, &(0x7f0000000280)='\x00', 0x1)
prctl$PR_SET_SECCOMP(0x16, 0x1, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000000080)='ns/time_for_children\x00')

1m47.099517644s ago: executing program 0 (id=173):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./bus\x00', 0x1d7)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000080)='./file1/file0\x00', 0x0, 0x1085408, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f00000003c0), 0x0, &(0x7f00000004c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1/file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x200)

1m46.666146465s ago: executing program 0 (id=175):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2243005, 0x0)
mount$bind(0x0, &(0x7f00000001c0)='./file0\x00', 0x0, 0x20000, 0x0)

1m46.298707028s ago: executing program 0 (id=176):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x4, 0x0, 0x7fff0000}]})
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002000), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f0000002040), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f0000000080)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}}, 0x3e, 0x0, 0x0)
syz_fuse_handle_req(r1, &(0x7f00000020c0)="c6cfdab7e6f83fe5e44dd3a8d886a720a29cfb7e50ef99fcf38be6c3b9a9f8c9fdb7b1332c99b85247977ad2d66a577e6f0853366c7561476cb35cf07e6fc1c21d33853a21771a8835a50d941d35a4ccb511cb67ed64259c99811f0e6f176fba1e0fa45fefe030a588f0cf64895fb12a794fd0bd176a38440328d3c6c24c85f50e95c5190eb03fb04f1eb34cae287ed75c8ca8fab2c04dc1fafa14ef93e2a721a12238700dfdabd057e94e697534e1af81921756270313d22a185c146852a5e94300bc8de9904e8c6948d5d2aed05337b9572ee74b77209c6b4710e87fa6661b19283079a46f70a538d96f484b63171bdc3622fcbab6d9bafeaacd755923209c07b8c2f39c04ea713020bcd9e6f1120ea3fbc8dd0b55986c05aa0c0b13ad52f250e9505ba53a887ed7c857e0f56282d6dd5932930efe384bbb198c50aae4b9a65e6a6ccc2904a9121a28df865011c39a54fb0f890cc1f7ef5f5172754f1c2aa8e8acf8c754f22efa88ffea91f2a14133e0a7a8a06bc80d042ce1affa2ebc74b49b48169404b33c62915e54c554d10bc432ec988f7081a8690335d58d0a819d33296db1377af876d84fd557f9a2018ee91f7d39819fc72b0a9bbdd05d6efe6cc459cd42e16f955dcb1a6a2b8b2a71b3a7e1bfa82816abf8c7d3688d53decbc480eaa3821cef557290284d9c504a63768852e15b39841ef3648f14c7edab006a30c7bd518f300df6ff307c0740150dddfdab1e408edb96b2e6ed612b0bc2fca570fa1813d86160a766fe6c11cdbc7a67014fa7645b4b1d3aad378bcce27aa4725ecf7675b2682cc5a15673136e7181ed5ef122017dc72df65af147dcb9ac702f8a6a2eb3f6824ba7db3c32fa4bfbf63dcd45e42a49b6edee22856fc2a43aeb6a3eea91dbd53a231b559ca7b38564853be3bdee7f820966faa916ed4fd335159328f8b727ba068b0ade0e11c9f2c2af4d5244f5d49f9c9f94105a6fe4c71112bcacf9c3dd2861d06cb3fa6b2159bc2028e513298b594ca7da60f4ed30edd7b066c23ca7d9b7d9555b47e687b43b7b5ca3210d939e34dd3d176d8b3d3d2f32f28518aa8b5169362fee4a4ede7d3d218db0ecc3de14789344df20188d907093bbf621fe67ab2a1f29221b2ec334dadc15345fc829005f4f81fc13ad0f5590742295812a7f2108cbbbc37387a7d4174592bf4f94f272306942e6c44b23e96d92911ef416b4159e81b19f267aad20c2aabf7fd285330cbf4c1bb8ac86493e0ef84de88eb7953fcf833e6cc5ebdd50b706bcc148971d24e9d3736ed66e28f75e6a1e2c9a4e2abba887b27815d2f5739fe5f8afe7240841337bfe7a69308186180fed5736fe3cbc2892cb991d0f4400d66952459c54a16448f06fd49995aa65501631d5c42e2abd8f0d890a6bbe49b384bfe27599afd536493981be5f7dbb15bfbc198fcd8ebfca182c53156742e237df31c1dca495e40cf030623a8a081e3bec3b8e5109ba05c0830ef00ff98a4419bae14762d8e0a790c1d517f1f683bb1712a6a0951f024a46efb5c2122460495fa0f4ebaae86286b8a626be2052874f947f18b0c2860ce681a33d5f4217415363fe7a6f8fca125742f03433988d88a5b8e2bf4f3079eb990b6e1ff381b7199717fb885f4f37351bf18bedbeeca351b7bfca5b791b91be0dcf8d169914c449829669e0577d1ebc4fa783d57e0c695cafae201014831a16d8fec47f22d9b79c2acc820f4dba9d1a2986731681ed1f8dd1e83bc2d491302d2f769e6b0bc470404930cad6511492b3adadc6f5073220590d1ce89a520b6d51d6903dd54360cd7047aed76e0a6cd3c3625e67b7c1636fd627aa48f1ee6dd567730c6ec19d1634f62a77f70c64736532455f0d2ae85003e7bb32f06b480a9f7fba5e6917305fd77e38f6936e49c1a3b2a07e242ccc2f9d629d7992937a035574b3efefd515096e30058cb60cc89d8565205f15e71d805ba5d1c4f7b971918e32bd81611a574fc651bc8094f7f3aef8a3ebf95aef1c062ec66e288b1d1ee17ab75723bc46b031744a25cf055c1bc8b083313e38d0fd5d60e832ef28fbff4c93d2d2ed283575a486167c7158e08fe7094d23984bdf38cf6000db39c5d0f7db72325af909b18247d8fddd89eff8831c294d52194a11dae2339938a79ae903eb63bc6e5535796e1c0416cdad01e1493a3075930a0b3b50ad904ff760bec5c6406b10808bf13251df73b4d6fd149a378ac277ccbbfddd9536abdf5c7a8d29e128a290f0d56c9635540f4c9a3ff1d3e0e2b974b50497ebd690dc9393f8b3acfd1650627db8ab784233727f997dab536f1e993980a41f510fa0128d6bf2c8445ed1578b25a36e05f7170b9fbe8ca63e1b4a7235c27f56790c4dd38168ce26358d12b143e9dbae1d01406778250f1c77c80643016ffd4a7a6703b9c3dfa4e7b51fa1d59605d57c9712159eb34c306a988ac95eeb15c3225ccd022d2ccf5f31a81009d2a25891b83e60efe8f718d6c124202f108d23e5e6c89e269890bda8e5681315db361cdf30e4269f2cb530a188f26621a8b263f22bb385d779b3c4eebd16656451087457892e15074abb1c796f0b7f635b9496f3a17220716c449c11c0e82b67b8f1ee6a2709a20676f40f2751df3d74db503db6cb73c955ae1d6983da44de4d349004f3d9db4ba40124416a67bd18d1d9b3c1e4706ddbb2099a2ae16e99c144860d46ef66bc6844963c0563fe2cb8c4049dea32ce5656fbfec6d1aff7ef48bac92c932c9787d9e4cb0c78fc3d70f730c452c20d077b4d9ea304f1b8a2967b1e7af7f05fd35f84d633bf5095b1af53a506f6f61abc99186eba707843e9db2a18fc1c6c77dd79ab9353eaad6457245709acbe9cb381d4458eb5571fa4f4df069ae668b1df2c97f91271be5fc2040031c3980c7555af2d4186875ea4599c873ffaf47aa08c27a0580ceef6251dce4cfd6eb175a1bf36c1fd750826f4e14966e6f196b68da0a524baf86f49ce8c09430554b50a0b387c02ebd59fae9caa1054cba1304aa6732f3990ce6b7bca6b65237f0fc3c79a102e2989dcf3f884002f2efe83e25a3fb217c24c4f66e0973e7ca62483bb52c943ccfbf31324f2b7938de0555a54f47256c903ab65489906c382d7d1022f7f302b186d18b5775e042ba83b874793420a6d854aaec01e3c819d0b11b51558fb9c10b1e2ff96639fb119d90f80aa302c9a6420b4b1230d79fd1e8105259c4ebf9cc3f1eac67f15bcb9d49ae537084c96994ad08214ac07db663c1bbce6499b5665fb5a949ab3d65062467824a2065a9de2f1edc243e03ad38f0ef227519de50a3dc2e8f4a38538be5557c5de56d0110a0759fe96b0e66d20fcb6066995f77fba9c7468434a53ffffffff000000008bd2ea3b1da2a1178acf50249d77757353943cd126b511098230698782ca88d018381f233f4331d3980f72f30caf915a18794de1253734b89303f25826a80ddd75a9bdf14c6f01690833190872ca5431ab92ab3dca92595983b11de0076125059234720906641119dab9c96be9c10d60fb54267bda61fcb85a491df037cd563b229eea02cd192796d36803b04691d385471a5f68bb76afafe9df28f50dcabfefc8e2eb334bcace928b8eb8f6449116fb5a0fa4a0c51e21b8b1f99308d396db60418cb5385bdf6bce7227e514f6cbc9a9fc50b79e8b0530fd51b21679ea1c404dba52811b3c9487f670e622ac7b1ce8028eadbd882d4325663d8dc4f0960c047c5f3099c90c6256bc11e8eef6b325e0f1ed00279a695f2828762f28ecacdc726aedf42064727ec100ffa74d38d47f383946b9f856e53cb939f98df1bb5af2a12810a619f205e030a302628ffb9b2cfcc2e881e239f33844a118a4de2a5c3d6b857c5105db775a61c5d54d1d82048670e8cd2c44a032904005125eb9f999e845efba3a063e3e26b06298f28799975b51118eece2b7fec02d4b888bfb90919bec287aba71296c66dcf749efa3abcddfccee6ef80d03a1638045f18fb96131cbd9a93e657c29eb74de40f433969e1988ac335bdd9c671b5b75ce6e2440be247775f9d597b4d8523c283e774ed0987e10b88e0c5616720502149db329babc91b225359927f88e0b42f02d41a4c9e0ad7c55a0d2c52cf45da6152c0c742f661b562c3a8ecff1145cac3f63fc053e1a14fe7a57742ab709581604fabe54ff13172b5049434d12f6ed9623265af643f725efea21e2ac1b82365033b9cff4158318f40c8894d2bcffdc954fcf7068c97ca2d2b1bf19b9232b918864e3f63fd59f4c8c578821ec5083e46363d9158451c5a92b425e68081b2c7572df44658a4aae41a439c6bb4bdd2f26ff2a357fa2946e5be5cd97ba25f73bbcc6c05fa966d0aa0cf2e45f22e0021468b37d5afebbfba3233e2cd4fd64e1578be72c38891224cd6c70c4cfd146df6a8142f1493772d48650f8fcbd1435ff704e02ec121e9f43de623eff8070f88a623cd395a02b6b1ffe4ea7ae7f443dc8bdac2cfaa126d4ac9d7788dc972c88fd87d3c8758853f1882532e4ff298b466e7d198daa9015127f2937544b34aaf545f39ee00d74e0e1017a30ff2edff701d53f3a13fc61b31fe7d9032a6c4a517c7527e48c0c44a2beebc9a9f9e6f989bc6c255e05bec5ff99547658143d9eb43a1d96aa5288638b4477aa1f84c59d41194335c09d9d5d660640acb84b53520482fb200ca616e1a6f486e6da3e6721479e85d0676ba142d95ecdf1acc76a49e9bf016f951d8b95adc7e8d4317ddbb28b678135a4a9b98fb8b8b5948b682ee70e04a31f7e3c49c52a11acbb29bd8152bbb4fedd2aae8e7ad5330365213d207677855e6cd72bf93502c14b11bd2f2d6e797efc2cc5bc198730e5cc51c92751ece5c167b3328a6deed4bd73c62623bb3874c9ef18e24997e3ac93b0ad9ca7ddd4c0401ec1b942cb21dfe6abfd3aefe2588ac1684bf6b37dc09d9b9d932d5534c707ef8fe0812a403e057d00955559ca3e0f7e70d3cdfab918b8d125061fd53374c97bd0c9d19e68bacb3db46974d36cb1c96b4475acaf4d46b88a578ed570ce09eb540f30cce4c3f853a9fd669ca36c36ff1f0432713f60e6d6bc789fdae7c7fcf4049e6166b63a12aaa3da6fc35d8783020ceb92f7f90082d4826735618905fc9fdbeb65990882ce130a7e5ebfcdc796ef293019925e80af5074bfed5f62833d9d98e324dd54e30e1d69a15e4beed5da9c6ec01a32978aa29cd26c5703a28e504e7c9264e0421718422b88ef90f6fb4e51c619f29b5fc2f600f88be036eaf28d7f5433715bd493ce55811901a59964f20ac0b06dc3a555eac123c40d3b397053501523a51e8b53a92bbd99ec3bdcd57904cfac3c0d7bcc6613b11a771d32f0f6c60c05449b42820c0a41f757ea1efebebb37f8ea567b2f7dcc4a67ebbdc00716a70f5fe255b9232e27ba05888e034fc50ac0934a43c84577183b83019008edbeb27546e8be7d8402a4c1852198c0e050b96129fd66247c39abff19338300fc3cbe20a395e5805d8bc64c2d87ba27264716e211ab023765e8d454b637aa1320cb18eb4a3dbfa94027a4d75a9a2cc784cbdc22694a8f7e97bd6cea5a4e26b538be9a9dde5637be2d386a85a79ed4df541ab7d0b1370d99d2cfd1f7bf1458bedd0a53f5e6972ee424ed08acb4b49db83cae427d315d1fea4e680258e73b3fc50fdb77692c8798bcda57ac0c34823d69a8ead14c41e9613813838ef80f63138cc9ba3a6b83dfc77b6aa1248678409bd96b64c0b625e88e33262fa0bbee94fec8f3bffedaf8b12d229d0f637848a1dba01892d80f5a5596d37ac1c9c54d32dec3ca56b49aa1157583074af418d0d95a5a46fc3c234814e377963dd4c9c8a5f7cc35aacc892afb9bcede477760688e06f0b2c5a702954f4532c715151eda02f78830129b2612de8fc62fb992d1ba52da164920eb1d1dbc7d1f8f16e31c763581f4c478cf7a84cf01ca904160475a1eabae393bcb852fd550374002bad1ba0827dadcf3f6a2354a3f8f67e6da4f567fe21f55cc34840e79f6af947561c79a141721f6da4625a20fb203f96bd1a3b7322a14a0ab4a38835e1f235f772a18643824cbb9f76664b1212c785055ae17e89f590fdb1b81535e1e3e8a726a9aaf67ae2a8e67eab8f32781bc21027cb1babd932d63bafe7faf48bc57820c5e32288583db4cf369a7fbb479e1e97ca67f63b1880fb33ccf2661d7af9041ea1afc0e90ee0b4b510d094268e4576584a17fcb21b3c3f68bf1e1c4748177cb4cab92df4c254e0d0759d507e5eb096861efcf1aa66805474e3bd32f7055a7d53d47f416d24a5ac7d5fc953206db3a012234d8693e0ff662457ddaf9407a7ade1fa8eaf85b6e1b1456aec3064ee858742f4e22f2d6084e3881a4783b3a9086009202eb6eb77fc1ce2236d6384cbc62c7db9cecd2fdb06f328d49c066562cf1dee863d33b48288fbb1d4d5bcafcd1b6391879e670c7189bbebafe48214d6e2b405e36192e1067eb8d0363777a174e630467673ca968ea51476b0b8a04d598f6fc593d3f3267ab37e17831dab86a67aac3ec8336c5b6e9e416b1f46d0a9e8ec6c515d86e773baa409e2afae30ea1744f2bc777af11c42f2bf6177e95245c6d601f7cb7b589ccda76a2a314dab023da8128c667a0df682f5c7bbf842a2bb51d4d842cd09d02d67444e5d8ae1f3260c4ef2da5a1c4121fdd47e953d03ff6fea10e35db2c0c110704f513b9d1c57c9da80881ced16d92faf1be60471dc4d82529ea50fd6060be18e8e6deffb15e0a0df4e36117dc22d78bd43b3fedb24cba54c2f2e3bba015bc4c817f70fc1e8b21adb04a9d8c229e9ec178fee0f35d4f169bb7dadd14f46ddc13fc62da4e21e42270a4ed0d60b4034db31ee1e13c97d8d941b2627b255d4283cf0af9044a65765ba88dcb2010fae98a6aeb0a5605d8a904d1cfa0cf8fa67a9d29670a108f014a1b21862e20d4f0f3f0cb99c97f289c657dbd08237aba2f616804ebb0e71819fa46df1a018d8336b534391596cd24b0720dd8a95e5c74b9d047da1da93d653b2aa98e67a65c3868a0c464ad24d427c3c81b41f0b2fb78f6aecd5487c29f4fd871bec21f54d22b661eeed67c866cdf057d585beace568ed52a4399dfdcc8c9a80c94f3cb92f0974b9b33ed893e8db33cf95220e03f3d28edd8b80991b0754010e7252392d1e846011defb6c46c73ee015bcb9b288f6945771af90ddd8c548eb6649efff32b0a2b36e743e46135e47fc65d1eb3f7a580104c22bbcc75ec041813cf2496a4793d17112f40333e3c874e0bcbcd889a6bb484e43632b2f9a628a461a2a5d58808b848751642b5c426c50fd82398894dc78c56ed1f0358b626cde2a0167dcb210c8ae2f6d9c95356331cf2a21ed0dfd5165bcac2681ce070f60ffffe69dd75836c4be0aa7f8630bf345a32d246c838552cbb35a6dfdb6ea54c4ecf0ad16990901b7a72280872fc807eda1de4fdce2c223fd089e0f0eac84c1e2980b9b5a032dd1294bd2eb49372f55b9b4cf4d3c1b14050bec1344d71a8316e173bd36f5917100de4dfedfff896517a04468006e5c632c8ad15521324f3abd72545b47df874a4a95d3bb30915ebcc3ed371528f89c7e943286a8cf4ff2cca3f3496ded16b139658bd5d3323ae9007b4dab665cd24e7888735de2cce7bc1b3af39a6d92d787dd237f8d72283f7aab1d99985f3783e5cb0661cadb552293f189f75e7f3fa933c775a27415a3ad22239986364ba7a582f2d9c31e7247aa8d44d5a7e8169fec65daaf62756b34dd307ebc7fbe8a8023aac1553fbf15b48a8ee3bd0c35c7ced684f667500ab2997aa75382475eb35888e72b30ad5aad3910c5ead6797f4182adce92dafc2073f1529ff5f1a42daf3c78e499039864e8e768fb11b33c0d7779e6128579d882761f9b21fcc0696da03eeb049c90b86da8dba548058f0caddb83ec9051a04f3133341e9a17a17b72ac20cd9e242fb383365f6a2f5c795087c7ee682555adadb7305bfe2886a57f3718f30f24b52d481aa35eb2c40417df5ea9d8af1b7b871ce37fb1c84402d269e3a01a5c9a00d3c7d6ff21c90d437066850ea92773288ba925294f9368b74fd1f3c4512800000006b73641507480f3db07634df10fca86bb4431664ade710d5a8894c368660c95f7a0b8ce5ffcdae136b5c8b4ed8c3b4cd9b71079dfd6d1501df9b7f1477b516f3cceecb2def619c05061502b253af7e3deccc839de56292c95a3912e809b100897a85705cf59af66e194143d13c12b6dc1a31cd15a74fe57666931e3fd6b75512d22f063c68576b1bd6a1ab6d7f4065447daee300b7d4fe330daeda866beb44eb8ed4041d0a36bfa49871e0623eb6f5d7b967e8f969985063e2fc4f4097c2a5189b10c1776713f78193c6e0e847025936b36eaa2e817ebb45c375f18350247f6586214a200f2f17536b52b8fa196d4a6a77317807075d130a77badf745a6076b1241e47942501cba893fd0db02545e49f559e9712a60ffce9f3154459c69984de49e11192266196497c81b7c5b45997c1369c8e8490b1a748985fd4c9ab8929d17a51c331dc160c8ae8d2961351ef103e3427299e4f28faff6ac1905be2814cb02511472c7232bd104ac438d846b4a727df2ed24364e061f157c2447e7d5265b1cd75797603e220a9d2e280868f3c2c56befbc6b1b1a07be1070b293adf324b3aee5140ef5f643c952726d9b770989b07f2cdea2e1d6951027e8b386faccff07b2547dd78aa85cc113b599ab168ef602e40fc097396341a8e5b97b59032110ddf114129feaed96e85237bb4bb886b287279b96234c18947ce7d2d5e92dd5c68829edd271bfccff21b87f6a061c9b43b51252add291c8f59be1a222d00fb7719664a8b89c452e78cf1d491a036107f0a521545fd96d2548735847e278065c196153028b91f59c7b70f9883f14cfb3343bb230f4af9bd51132cc62ee5459e34e77bb2983d30e65e65ab769fa0a0578bed01f33c76f4138208659a97fbbf380f1321336c14d21012f3cc4ee2101d42321f0123d51377e319e4ff4551f7f83ca62ff9448a28b6134da582f609be7dea5d70370772ef2552f12e97cf390ee2697022168d622ae0c813d86a43c25c758162ab0aadf25c84c790fb32a459997068be01325e473871cb024ff030070434d197558b8df442e1d2ad0c7b33fe021fa6cd57b7477dd76c6a802ddf405e909d48d23321e986d791b44d32d417d63638246fcdd661e6a1453d1411ec85fa0b750354aecdd4f4b90a420d2dffff00000000000090735f660dc5eaa7f2873c7841edaf2c0d46a92fc07c6cd22fc978f74bac72e468d96ba370fb88f9a629d4de0a8a83d43c1949aae33fe24859c1bbf8663adc6936e305cf9c56aacc84e7515caf18d0d049bec2f0a484b75a8c2c23abbca66b039a52e606f08df0a3cdd2dc6449e84ce463206d2878de0e4d0f438764a0fe360e95494e9e61581001785b081254971197024460a68ec029052f2d8841dac7e714798027696067e739cd1525df28ac9514c02e25f8ea1146e356fc5941e4661cd244dccee4a1450e4334a20cb572b842d44a8431abf4d5bb82ac6b78ce3c6d394e5969c6fe8216805f6e2db2889f27849e0dd26a5a387958a36c833a8b3d861033c00ffef267e4b09350ca1b819d5c83025e4ad69328970db92520e6ce569d5632caeb6dc42c8f6f8759256ad9c1ffe8c30a92b795bf00544714c957d5d982a4e91ec7a30dfdcacbd41ceb61f208e5442f7f7ce19ba2f0dddf50020ed1c271afe5007277e2496c3bc7f3101d6fa7f0ea2627a99de0c441a11c6afbb721037dcfc897fc5d9e0ed644b9c3aee328bc2beb3801d2bf43b1e360759c1056c74a63aa33cb6e5933b7a0b4f654113ea5830de7e8374e939e4c794be77f1f0c1e1bcedc8f584a56db0c38b6c8da60bad62b41d754d9b6cbf3379374a6126db0ef1ee2da5862acaf117408ad26c66ec8ee4f9f1844fb4cc64bc61212b303c7c622f05d29b7fd540bdc253bc948d373886e5cd4dc9bc1b551dfc514f12cc64ecc3b276ab43a4adc2142fea9c5ecf983b0841729d1771b51c2ff787ac2439f305ca3fe31cdbe24f034fcd3d41141cc0ed5cdd82e3171be1381ad4f0bf81b3be200524c98cad5a3dee3ee618c97d0678c7b4fbf729dbc2baaa2385fb63e6b906b08681c19d55200924c0edb4c3b48463fd9c2ac86510ce1e0a641def11e9e7b7fa74a629895221b06a15c995cafe55dee6c06e01b34f4f18e5ffeb76ffb412277bdfa4cee10823a1e55832c3d1d19ba5b84560668b33fafc672cfba1a85c60c61c45bd562506d9d28542c4b4795ed011a8005862f7add9dc2533dd29d0ddd534eb0a3b537b391c423b527b3ae4ce0c829a6efcf8671e9e5224df6ed6c1f20452cb46cd578a620788f9af325d45825ced3043ef3693ffebf7b881518ba2c71587251edf150772ae1e24f4415f9d9307151b8fbcb83d0da908f4b6c762b777dc406991353e962f181bc06e892ff9e49e557639dafd09b291f79720b866e46bcf14d5bd1ed15a468a8996ecec8ce3d9890fb45c96804dddfe5b7280c0e30934f129e14b344506f70d484eea40baac63b89dc71b030a6c8149ffca2434c773bffe76bbf2e778f0034666970a96bf336ee5240e765ea3715382bd8fe19c5ce5a8814717d87d4d6304a3b0d6581a6fed44975ef8a8186c19a513f5c6c0610acbd31fd58e2cb683162464cf7f50ade879461ee91f433b09d1febe058c101a0ff96cbffd547c2beab15ca343cfe592ea435f980ff03e0aeadcc80d64383d287997a6a937fc22221cec2a1aa6e8dfc1dc6e0f2e02060a18c09957376a72e165728acddf73873a958f43bcd2e9c6c71a83f744bf14c75f5e8308523a7d39bcbfd832c6597b2928b07630ae50540bb71b44b5b4040a1d172fabe8dbfb96a99e7498b12dcc8ed9e43fb36c202d019b4fbe11f715f5de76bede175c22d8355323eb004c5021d892fbe48fa7b6bf382eb03d0e447a38c63bb7fa1154c2cdf08a1cf5fa95ec75a5aa9037ebf8916cb78e6da650016a0c7ed34290e25e2122be24e4373c49c4fc81c39ec1a1ce4b658e1b80562bf911a1f6a5fc2e69d2554d4abf5ad79d9c9b7d9ac8c4122c11f590a35dcee3fbe185027832b4e2a71ebc591a60bb874b36b415b455bd942fe1a69a92b70ce1a1c867c85138449529cab5f63feab609a2ba3344191c416d8409b59962bcee1c4a40874069e28432fcade20f07c9259dec75fb978a6b84b6e8f50fdb341c7c19f55a8fa389cf085f44661c9618d56d32be0bdb3b2928fc2c372e86ea109afaee022bb832e80e869c7cb1053921b862b27599d3665f7fabfd6436743ea893ec43e4e4daa598127df8ee3249be4668d717117a038f0e734a894457df4c64dd76a9d9d42efc29f2311085c9e6fcef385f40af94f283edca078797e96b79719875aed3900252c3acc6a92e23083b3fa24057d9ebf7886df99d652e7d18cbd445560a0afc81bf7c011777837f94b32094fa1bc99472cc2a40bff245abb27d3f628b1b649fd00", 0x2000, &(0x7f0000000700)={&(0x7f0000000280)={0x50, 0x0, 0xd, {0x7, 0x2b, 0x0, 0x800000, 0x3, 0x6, 0xe9f, 0xfffffffc, 0x0, 0x0, 0x10}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r1, &(0x7f00000060c0)="970b180393e57da0084004606e0f7eb55b4379b678ec58dd5832867fc4741e325499108ee901f5ade42a10a2a5ca59b706328aca067422dcda816a63687f6b445fdf7c8c4c158921aab593be18f8f3e3a72a3c634c089c468f2afa55a47fcb36c8ec931a3b8e995ca8f9da378136eee8d00878a33e262e3718e8829586fb5a3bdd2143ea5a880a6322892369f494dd40593794a88b4f0e69dfc3d573117dc27d511cb0b7e7d1c13dac381d4472cb9eba0637c9611565d496c7a6936582144f524085bf34af3a90ac0a0db2f79a423fa8b797909b65b72ee23068ebf92a9ae53fdeca4a47ec6838e363039c63988cf6f4f393f907cff08e13520751cfa3bfeb452f120d8a5f462b040f8537f7add203eb2b2f5784376b4e0d85c027c4e0d5817ce1db986581a147a5c7e820212907992afff07f13a43b2a2c23e6f61d7bdafdea1d396e0fa1e79afd07195dfdab53cbe75d4b96971caef941b69525b87d59fcb99bfb348a12236968f9dacbfbdc4d9b0b01df755ba3b6c320a29e5bc23bd6b20f3b27dc3d63d2d2ef11865347c5ca1504ded5d549e17e1194d717c79bc330ebfc3929d079152f51f3ab9701a3241c7df4130027ca1a6d0e6b5f2f2c3b659cbea4cef19728b45f1325e04151af66111cabddafa17b90f193c52d1c4fb646f99fd42d77a3f16c05a491a775962a2a4ee9f9f6c1a5eaa68305a88add9d6f35815f37cadae92293a0db1613662f145991ba5fd632c4a170588f8265e11b3e1a4ff2b17f3664b98d9c6f54a356f19a9b72175e7eb46ff4330812993886cd7b42ffdc3767a4ac16dd21d76417b70cfe97ad6ad0ddea7284d0e3ecf0c6c6b57833f65963f3764e297c994e0181bbf693c8fc0e57fc15b2ad776a00c19a805a906ffa80efa4116d5f5c9863a74bb340008d958db841c5f1e3b286afac717ceabcc7310e75e45b61215f6ba0bb496bd5e094b6139326758c1d81b176e11da5eda522f05346e1a71a6358b4c9b7653a66ae7153858fac4695d64fe2962b0d62d6d8aac14cf9cd2199fb039b54b64f5085434b2339f90bc11f2e407a6e84557de9a7a7edcc3b15a7798cbc68c1b1e1a822103bd43b656e933bfe886736a2bda6ccb228a8e4fae5956673db0105999017d8b68159f7a9480fd2ca70bb7e9fbc8f4f1c3581b1f528c8fb5b5d6beb769dd5e9650739f3cfcb61ab7b066c342a6c6886b0bd83f399e3eb74d2cafce7fc76febe624a37e185924afa8695caa7d3c1a97fd6684979ef33957a334fbf10c7a9bba18397082580df2425129a87c4868d41d1bcda8a7faaf1afd492cb4c83b7c5ce7a950f92186cc07bf27dcf58ac56506f2453399070ae8e5b009e40eb1970bbe8a1c9f3befb54255602bd191bd46c56c0fda2842462c0b68884f9a922d2a8b161aa9ca2c0c52bcfa26b7b7a152f2ccd16ec4974361f7322dc3b345e926e1a1b56200dc425e2e03c3d7194f9cbd321e10de387adf9790a5706bcf05d9b8c16e40e5633c44553c2aa8611f7656fc732b5dfce1eaf212d2521eb013fcf154d251553ba7a6a1f7ba8b7ceb3a1df621376543a451fe76671beaab4833f1be28247919c7cdf4177e2c9cca78ce52b5a7e4dde913dd8b13ce861bbf7048822041f4b29b3441b4880a8f7a4a289ad3c6258494e7736e48373408d248c3b033372ebdb3d9a406869445b5d956434a576b83d4a7e7b47ae8c69f50be20ea56f171e592e114602ed4f47e86dc34008770940adb4f0167811c474ada06693b55f567cc3201f97c08a3711dca486a86c367f59ce44259c1d71cdb135aa8630c4cae61ad07998a2f781ff87c946e8aef9bde6d4738bc009fc43fd176bc38756a0ca48c382395b48bc55da32892551ecdd0bd3f4c69a79bbe600f4103f21e443821492b92516833b231942e91a39e7401a42ba3e99a3a2fefa6167365b9050305b6f09a013f41e764a80f422cce051e5b30ba6528540ee5d4ea5872572c85f321b68e730f40f64b648be31a9e530718ec17443a1a4dcdb79cf799cfa75d0bfa0fde71828d8f51e38dc3d1d77430ceed007426f689d5843c34afdec5dde3e480a36ffa25db4b3483cde91e56eee8756dd953a3abff11bd7901d6b37c8371b023d7457361908576f92990f19e9f48dc58ca550e61a035161f1539b14b7bcce535b3a3783021094129f312c03e51df62579ae9423927021e8bcf530116f3658a1e94d39a800452f7461d2f001f86b911a8a14b9e61c2fd8f959ea40793df240aed5e5862ea59d78fb235788c1ba3c0ec44fbefc29c2e6f22d70849750625c3c15227579d42858b5fac30bbe86491697cec1c4543addc1f50202fdf77a6d2d23e70ed611a63368694e459012ebdbe71c4f702980d7ae63aaee33d5f8df5fce071c73cd918991c6ba2f95f33a9917a22c9e7342dd492c9e2c2f6457c3a48f35edc1720f2224f2af2ef4c0a38b75ce27aae5d5ef615920ab9245851590cdcdcfaa7e5a66b73f5a0a1bcf1bab66ecdfc0dcbd8cebb1b98f6256cea6761c835a761819018fd9c3d2f541eba25abde06f1551328800b1efc04d8e10594dbe95f9f10005cae8c5b27cc18268ebaa4578f9dcfa99aa61567a55b43545ec729764af99d224cfea6a36a93d4f70bae3225256e179e81a0c64dffce9c2141994253af664c33f881aa417fa3b7e9424f1841f1aa845ea0fe05c4e47b318bef60709d6f20c9eee6e8c0c18bd161d3dbe57d82903937e10c41aa9066dcee124354584232afdcb60d185bc39fcc5e7e5124d17e2f998b64836b587cf233469b92af65a70f4a8f35df9e24c7d5d21bda27ae44ce6706f86d3747db675aa329e8b43652bb1e89687dd003dd7924d300f498d444639b3fd413840cfa958e436e5959e95486161af807cbb7304d99284818eabe39493c66664e92143ff41602a3805369f461abeae5e5b6987a20fa47495cbeeeb322c848147dd9a052384a49898138557e10eb015df370d01977083ad24c7defc8c80583d5f5eca20d0853afb9f41c356f8da0e2435d423528f67f091fc614645980a57ed893ded1c3d37881b243b8a5503f45672492f3849895c9377277a91e7090241832629032872294896107628ffd1151c444153f54b484fa3e5ca057cbe073e6039c11b1eceaf7e20eef2576aa99e7a3f36aed9beb089af28d82e2dc5e97da4878b76b5224e1d293f5223c09f715fba13945695a98624eade1381e31c5651069805e6f707811586f5f81e431e8624a608ba1ab405d2593b1f9f667b89d82e60048e4ef3be98bd3078beb4e5e66e8823c8b427d6f84468f1f18f1ff8a8c11515426993334bcbe0c3ba37b91be07eb800fb2e00a24351457d8fc067b4bfec43c0ce8cd26b23bfbb27d3da7bca3efb7fe6f7715760eda4e3a27a7be7419b803667ef6057bdd5d44250b47fa156af04db91fc57f25425b3cfbaf90a840fe5cfcefcd1500cf4908ec4df10c8bc14ec284bb99b13a8f6136e5e1c669806cb5a4a5227f7952c5b605a2b443866fae399a1f8fea323784935c3e5a9ba9e831749efc9b8228421bdb91afed16341962535cebf6fb02679e5412f67db405c90e218789b634d92a41aaf528c92b8bf38b629a1797c036465b77dc3bb124bdddd309136681d3fbe0251698da27c6f89589171e4492209f7eb48d50a161a5135602fca3355f8934f879c54afb91224901b635ed372fdacc9469471225d2ef3c980466027b86cfe3d664071edaa29b47455064a074da56f4e098ddf27984dac546826aed38e464d5c5a79a3ece544cdb3801de0e29bf5164dbcc14578e3e6c44a4a9041e2315f1243358c5949377352911e0a67c6de7e11b0881af528fe478c34909a1178a8a4f7fb727317e4f3981706d9c9215224604c2d6a4faeefc21bd635c8412931ac4feb2c60666672fb6dc5deda0d6c4ce31f2b6cb45907427691488abb280c3fd001f3d7507c0db358af7151d3b8e2e98eb8a78ee69966f7a1307882c5b57530e0dab5c57f84852c42db013e3448da2fb0a754ed97c001f33cca549eb71d7aef88d1ae7fac0d96f334556d75f600a029ed698ce9e4302279999726a57337b9afda0b0292c14d1687a85326120d9fcd84cdc02718f26c12ca28cac81af0dede79685233be41c7269c57100c603a4f9536f757fa753353bd0cded7d4edab29dff6f7dd5faa81078c263c9d1d7e662a0ffae22d8d12e679de9ec6c634ba46ddf6aa86ac0be41cabd9b14fd12107ffce96915fa0154f5b6017fa866d14ff47754a58ba14c1a3eb3f23f040779a788b774604c3a8a7dd818619352cf47849eebfdd3b49b56f376044e7cb218759059fa85057f96c159ccd63ea6cd0bf47781c2d023411854dd3ea46f4913cda9672655e566d2e83fe2e0eb5476bd6fd7a84557e37a4e8d32c75ab51dbffc59f0cebc3edeb395f38f82765ed3cfdce75b2fd570e783c8c3afb31049383af0b51575e5c9dd9332bde6f684a3e11d199f43004439ed535a20c7f2a695cf9b547985421ac62c2289c71491f0617d23cb7a9466c8f0482eb2e8aa782118702761e0267ef500afc52f4a3a7a53ef22aea542f679dc5c751c766e06af453576689c87b3b89c091e5444ff6fb1472fbd271fffb268a2eada125d7acfc70c8ff4cfd3f5421941c2857e54ed0617d6430b806d605c2e508cd5a7764d6ecdc69dbd050a97f8696535585bbb95b66f751566ce612aebce9a0b021f9fbf067870fe447dd05e8c521413e7f27955db3b8239836b6ad120f5fb48e9003bd19b05f94752743d89bdc5492c2ca1bc3133fe0ceb29451900e2ac713cf2cbc3a531048a473a195ad40c685b539f806f434c9e2cb6a8a25df84d41c13d1ceb90de1a3efecd06a53ac9a32654d1ece86dcf6fa17ea6a4f367f9b360b3e26514bf94af1f52d9c0b0691241e3c6c302e7054bb738cb234019c0e45a7db270ab9d75df73568f25579d33e7b42743c924b1f888df85c6166228f5391962b689f0a4d9683b43ddc98982a820b5c60d9c4e3997cd2212fc3850b2bd41342ccbefc1e4ec2ad7ae285f156f4a4f383281018c73ca4f2e9d255487a9717dd39cd744a000c68c53f82a22a08bcb734b5bbb8364180991140c2e727dfce4b19e70c968c97393b56019ef84688772d488b9bd6fa9354ab64f731e6adab543851e5ca1470fd13d0334ba025b57db5d9ea13c970642726284fefddab8fdf7155f5b8e3b3b86d098c4207b428bffcc7ff76f6397b6a3efc3c0b0fb2a4343b4051271f87e384c2b659086ba668c66a15d68b87faf82a60b184f27256e36a9ada7c4422754be56dbbab50ed781f36e40ded65a30378003de5b5cd5f80a6042613c76e80851312c7ed2c07b762b85a1b6928a7b2428d2bc7a6bfdfa2ba55aed54fd3c878ec655caf1223245433b7c6fc2a2d3b0393d7ba4e12f26a53b9d5afdbab230b9148f061df2e1c0fe73c2abcd142125367fa5e598e500263d9b27e759c08b7debee4695a5b192d968108c134241f236cae0434ed71e5099cd466cfb04d5f7cef2e94683172f82a9841610cb6fe55d4bfe73920992bb76f362b9cf7919c906495d4b37a915d23168fd7ffc2f36de55a1b17fa2232df03663ffa2a4c5e76aad90fd5abc80b6dfc16ec6aa328cc7714dc2d7bb14aae9f86c999e93a59fd18fb2300539bca25e69b04943a16c985ff481a42c9d8af43eb61ef7432b8e3aa5bc391c181b7d546b94ac659bc4b501157d3adf9d4cda4e298a4e4271fa2cd08919b055eb3f168df76c1f0b0d5cf5760b56774f105e51c93cc03ce97b00768b9620a6fd5162b9d9191ac0928d2460e4e821a276680cedb3b8167bc156b48a34d4c24d4a87fd09968a725d4b6a1b54b169f1e14143e97a84cf3d8eb4ec5458dcd5ff93365396c00533c3493847f595725a4f15300183eac306d16ea136b97a9864d16330d8c5b8321a6947caeb9cdc7ff4e53c419518ce9bc11f7355651be27a2c2b9ff4127ad86b96c1b5967def371d5d6a3f365abaca55c5f19600d1d5051d320b065c2f78f2147c170b9153a0eefd7b3f1e637cac3fff14b0eeaf472e6a6a9f7553ed3267c911d4d77a4f7285b77df725b3a88fbfd221343f656d60b61808b52a8facc81b8516698f2ac50cd8769371e67278c59ab1cc890fab36206b939f23b31ab976651ca8a4e7754bb10d03d4cc6506f13d98f2bda76477a69a8794a34614a88a7ec94e1a229ad6f747724a3bfb674cc87ea0dfb610f66057671f664206672e78c00a3f4585f17fc40827d0c8af88d3437f811274f662e9ee73d550833d0c8fde449089f8b5e8a25d25096537ac960699a07ebb51271a8f8556037436307063282febae745d53f8db65f13f24cc2e525ae465c9bf79f76b82dceada3bf34529321f913dd18548ab2a26f2a065028f46f4dfb18294dff30a7e5b131a08c671787baea45545d15629ec2f435d9138e517055cd48af7120b3b79f2275baed8a4b6a0f33c30890105ae2c07a332df79f2fd6767ecc66f1ed628c968a2685813342677a2823d10263958eee79d03e393a557475701694b5ec3dec8773f37b980f5812f1cbaed6e5253da037b5f88ba2070f445d74907679460dd48e16442d345abbd37f7853ec7123ff16db46c8571987db63ed711d36c05c2dafac47ea366f9467624b6296a2b9fb7056702d4ba38b4df72e7db3244421f31aa0911af3e3a09f9e08e96aa1545c37465f990bab4ee2821b1a701aa707db1dc18d52fcede15245f54a5f1a47b0d82c33fa378625d247b08753ac5fa5444b2e3f9d1d3918b154665b02fba87e39d0e27bdf60b27930eee02c31d847d40166544ab9ef801bd79bcc8d93980354021b8c7a1b9592934a90917db115bcd92068a970680011cb074da705f1cd06a0142862a777c6a47afd38721979323e27151c114e8901d41f79358e78289af10134e22d903415e2ebd2edf34ae10eefeec219db7b13ac983583dd4b02dcc615c6f70e6cf35ea216807c4b9c81482c2b941c7d6cd6621d9480ba924a3372ca3e3ca78438b0e9bf7c8436fcc0047b3bdb8d70190076d9feea778005d5d69f1b1194c76dce628e17b6beb299146b25f3f6660263c23dbcd08f70ccb45569a81a140eff66f2190110cf0977d9df7a2c437042961606ca1a378c8f59a310ad6c9cb4ff30a2d55411eeb38d927bb4d0f60ae75d90ab78dad14097f6dd38f512af2f932e1ad6a5e201180373689981f23bd9f59e4ca29244a8ea4236527fe2249eaa299af174f25b13d72b181c2f421652ece630ee1358098c29f84506654ffad3647792852a7faf107e36ae330886ffcef6e3a1725495e430568a9cd85d385e5a15d2f77ed274be3c8edfc52c230d21785b927bb8e470f989e8c89b01af8d04fc7050fc978013fbc5dcedd2baf5e8bfa8e2e1d3f193c224375db2f71d4655d2f647e9b1739657a0ad8ef6751a88151a3413ab870e0d7ba3f0a55ce3f30d55e8eb9e47e3d82563d9180399e7895490b8561a374acf5c94a1c648fa06780c4141c58ed913fb92865d3b4883301ba69b3f2b20c1f82024bd75e62ce2972d3219bdb961ab3bbac8f1d873ddece6d85f540f82c9d79b0937973335fe05e5c6ad8fcc525620a57678d58c7c2f0f157e030736d0fe4f6de520b390794cefdc6c828b4512fb6b2000d08e38693fa22834e69180d31b3978f9da75389f919a0d49ff961997d14ae6bdffcfb179c2ead52c69dae97416eef2602843dcbe4e5ae613d429feef7ffba6a31a8be8bf2e62c6d374c807363a986519a8cf9dfc99fc6607486e10599ae415b51e23f639194885e5119036e0e535accb4f126b4c45c47a53658af1e049daa2967b01d9450625d92f8f8e9d151633646044fcc5f6ad835479d48702839456decf070c7e6143cd31033810bd7da01c4a2cfb08605b25c00336f17d3b5a3db48866ef864b8d9cea9530429d3fb1afc7ae9e7d06aea9034db89b2ec8fc2a96d8d701fc51994305077dbea527bc0fc398b6bb7d42f0c408be69b98eb173d285fd8010ba75c57f2dd982582153814ff959fccc78aa5f7901357f6129f840af6649534f9ebc7750a20502a7cbf2d2f28c6f97884f43779bbbf93c550f8e79949db0e066538456b4e966761656eb7bebd5afe9b9fc241711b874682b226e9c6baecc1e909858e01b32472f6f8d483c073d3b576a4b03534dc4b620e21e6feb4bb2ddb37e3f0d4ff92c0af19e6087034c72c5928707748bc10ea22788bd938a0e6512cae4733fc1a2e47f3d4961932fe564684872922b44db143bea77580b0704675290e0839cb5ee529ada8b4c0bb14f05c5c396e29376f1ea80dea2852a88ddf8929fd402571fb242ead60d2be61f1662e1a833969e18e23e0b808900e7ed4be9d6944942da7d384739da1055cddc94937e1ea4cd305bf161c407b471df0ce3fb3413c5bd511d3c65e70edeb5397b0a8701538be7d2f1765688cbb0379744281231e60f5edcbfa6abd177405c455f77e30b95011ae4fda2a3c6d3f9a29bfe7656f6afba48358d57b4e1a84ebca241b7a427c6f806d1f771b540912f05a6df0d5223f85639fd7c163799e28abd08e4013aa43ddbc11ccc9d53131ec5c75f7682481968ad13ef34ba23d4759b51c4cac5a7ca2c73b3103c5b9e4b8686b872edcaca791d669589655e239920fc088eeced3a131ddff2eee9fab3cced40163eebfb29a85b3e97bbd97d17c3b06d3123409f115cf3e3d1c74dcc359664ab942e6ab36c41b1af4015ff5baf700eb99abd658e6833039051a235a2f84b70cb8d90271a481ce40e2a18bef8dcf7f54952b090bbaaaad391cb6cfa218a1e823ca7b16311e35e0350dd8016f67ed34771d7f3a607c1c9ed63524ea0c865148b05f1d017e475641b5076df632b7c261ef54c23eaf7cf52c22864a8ae8f8c3442d147fd52a801f87665b47e229a77b8e85c21d7996c7de9ac4899b098380f74eff119369c81b21b0b916017d0b604ca2a74b1424a4c3132d265d12a01ec2e8cff9809ed2f7891c55bc5cb932c6ea3cdba14cef47a2a0521e36869e9d62914447c3e6cf3da9ecaed915dec41e81605a46a4ec71a8b5ec0bc2f62b3237de7203e4b6d01bc32a5b2dc416623936a324b73e0c63ec414ce1bb4b344db85f014979ae866c4a2c2cce0f814862c0691883dd2d7bcd63fdf2ddf0cb2c6a1a10aa878ba997b74db8e894e4a7ed5e8ea1e3c0b602bae23c6c8c5f38b919aeef5625501fe5d4759c43e90de56122f3ecf87e8023f25e0d3ce64ab629409e881d2d1c5f083da90d45907e62ce3177f7982e514779a13f70bc207d9aa55835e37a5f4782242681ff46600ac9e63f90a245957440987b54b3678ae808c481d25755dba747cd7c3cc0fafb9a142e1ec1a9a5f81b5cdd6dbbc3a4ba5d49f58be6196c305e2af35fdbfbbae02cc4efe771d65e6000ec3f6cf394650f5144308c95279b9df3b29236a32ad3e9cd377296a4252e7dda1bb95d99c32cb81d970de4ff47760ee087dd2fa98392c8ede48391b49cd40e314adb896f0f5b08ffcdffdd70775160144552b13edfac23a09d53a4a4a827a1f216b2827cb9fb47a9fe6412d509d35b754d3700cc0dc8d7a3406a53bd1b0ee5112c50fb8f805be52a6c4e1e664d174727f33720bb371fbe9adc747a234013fcaadbce5cd2d416414b1900074e3ec73a36f32f9d7baa96ed4ea37aea560df4d9c724c69b440139a6dc1758bc74b59c521bc59958da71c4e5c23e4a8999305d989369a9bcd10f0faa789f4040950c349ef0ee910a822ba8df4a6cc16bd72dfb85d7c9a97911e96541a7fb6fb4711cdfe1e1083b2e8e870e2d2a7304f99296a496fe30553971b75f78ace054a8e3c6d54d40b2dbb2ee38a6244139fcba31b88a3ce91d637e7c88db35794002ca28533a46af85929f603e4cf4f5aea715ac4495d2c07e8bf79da078521fac5059dfe6dff61405fb6962987d15a2c7b27a851e3076803c7b4374a85f05b96e9bae91656a003e9acad767c9ac88b339fd868136b63fcb0520a2ee2f25128c8b97a0d43d60be7436756614108cfee63fb0fd65cce0bb0afcf5ea7fa817134c876c949945642a29d71aab10d05522b4b1788bb051ae1ad23fc7e75607580f9bfb7ed901a66d69e79ba742ba169f7e0d36d0c8482d3a85d66a9fc08b3e4c1669ffb4f74f418d4317fbf03b785859601b9e3af056b6a2543289738fe1e601e635ff04d750f8724bdebbbc920a7ca2f99cdaff265299bef09a2e20878682f2f37e46b5d2d3ade8d857ec6d3f7a2779080a5927749086b33b22def28633d53dae49362b4c4d47d2899562a52f22618a45998233048f0e54ba01dd53953c9f508abcb0acb1c1fb1d110e5d6c14d707713cea4cf0403b7573ab5b0a1439e6b2d29c46a3077e0dd296ca751db66f829a42c5afe0304c48fbef52c526c8f2100f6826fd4a5295f7492855f841fdb1f8487fba63b6db19af983a75468ad29a2b6cc58f9ef2dfeec8d798d60e1950731e65c5e2ec1065a22915a30845a5f87a26c067ea870d4e1ef71f67617906080b7b122b8ac9e4da1b05442b5477ee97343cb20f2587744abfa5f318ce29cbd24df1a6dbd42470789e17ae8115a588788d910a171b88dd1b94228728bfef3b28b2b32f523d603fa28d00cf23b0a201658f28ef7920f36a0da8917068a4435e0d710d320258114e2fcde2e1dec0c9faac26d671ea3735ee2b26cb644ba56ced9031cdd2b391c4b96aee7a4c38063e61dbd8ada24cea7ced0728a365bc2320eda9746823b7d83afdc8b3b293b56739011554000aec6272004a002328f20368c0902b8a8d251afebfb4d7b427cfa8927385626a474e3918ff557c8f19a8691011523a63c7e578b98c8951157f0763db3ebc4ea24388527e83b149ef89d4173ebb1c0c9aa3cf4e1a47faa3ebe7ca625e7ef077b38235781236797360696e552b9289a80491d4c3e70ff00b01540deb0de1b3385549b667cfa3598a34751868a14ccb22a420781452699563b16d0d0f1a7f0ba3f0ff45cc2d2536f1de9e024bbc923cede7725f84bf3e6a645f43c4ab3db6ddff671f283857262570b6652dbd8c869ca6a3896b870235047db08a54e5c39d7516c4b0d621d87a9c3e8c53249ff2ab9145f026ba4743a46197af56a0df022363ed59a5c2011e664a05fb952d5ad9ee2037c59a4075e4b504d91e87d303e0bc55cccaeb17e1cbab6176d2d148ce05fe986c79eb843886194f80e202c4f373244b38fd46643c1bc0fa8723ac498c71919e4ed8e5092832aec00a35ceeca94df7bd2c0c02dabc886cedf1fd044db2b45c30f8c0334c992eed40290baaeeb4d00e2cb504ca1173b6b6eec8d2aa3a1bf46e64c1ae1b3ca2882545729fe78d5e1e99c6f1f31c0b0f2190889c7318ce7605128a86c62c8a1fa107304c4609e28a2a43c6799ff6a7d70909ee10676801ee670004cf9632e34cb8cfb43d2f477ad335f5142da0baa4f4542dc93704e93a3420ec50284626fe36618b079d0db013d691583aba257947bdb1514d0318180ae43d0f94712f5c0de35f3e342ce7da65f755761506b9bfd186641fdbd03d5a2d4fe170fe23af8", 0x2000, &(0x7f0000001e40)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000e80)={0x20, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
pselect6(0x40, &(0x7f0000000100)={0x0, 0xfffffffffffffffc, 0xffffffffffffffff, 0x0, 0x800, 0x0, 0x4, 0x10000000}, 0x0, &(0x7f0000001340)={0x1f, 0x0, 0x0, 0x0, 0x0, 0x6, 0xfffffffffffffffe}, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1m45.813623268s ago: executing program 0 (id=178):
io_setup(0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
r0 = timerfd_create(0x8, 0x80000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timerfd_settime(r0, 0x3, &(0x7f0000000040), 0x0)
timerfd_gettime(r0, 0x0)

1m44.933794718s ago: executing program 33 (id=178):
io_setup(0x1, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
r0 = timerfd_create(0x8, 0x80000)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timerfd_settime(r0, 0x3, &(0x7f0000000040), 0x0)
timerfd_gettime(r0, 0x0)

4.830696868s ago: executing program 6 (id=756):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f00000010c0)={0x84, &(0x7f0000000080)=ANY=[@ANYBLOB="00000100000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000640)={0x2c, &(0x7f0000000680)=ANY=[@ANYBLOB="00154d00000041fd52b20346ea7543406c21ac94833da5f851727ff1d68cdfdab830fc5372090b5e01b422f5c4c92c66d2fdf0b2502c97259b62e132c9b32ac4fab28e62ce3f0a00002b"], 0x0, 0x0, 0x0, 0x0})
r1 = ioctl$KVM_GET_STATS_FD_vm(0xffffffffffffffff, 0xaece)
syz_fuse_handle_req(r1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4.155408738s ago: executing program 5 (id=762):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCSIFVLAN_ADD_VLAN_CMD(r1, 0x8983, &(0x7f00000002c0)={0x0, 'syzkaller0\x00', {0x1}, 0xb5})
r2 = socket$netlink(0x10, 0x3, 0x0)
preadv(r0, &(0x7f0000000140)=[{&(0x7f0000000100)=""/20, 0x14}], 0x1, 0xb, 0x1)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})

3.507069098s ago: executing program 5 (id=769):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f0000000400)=[{{0x0, 0xf5ffffff, 0x0, 0x0, 0x0, 0x4000000}}], 0xf00, 0x0, 0x0)
setsockopt$sock_int(r1, 0x1, 0x2e, &(0x7f0000000000)=0x400000d2, 0x4)
shutdown(r1, 0x0)

3.233377625s ago: executing program 5 (id=770):
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x1)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000001c0)={[0x67a, 0x6, 0xf3b8, 0x0, 0x1000, 0x800000400, 0x4002004c4, 0x3, 0x1, 0x94, 0x10, 0x0, 0x3, 0x4, 0x1, 0x8], 0xeeee7ffb, 0x40000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x1, 0x30000, 0x2000, &(0x7f0000000000/0x2000)=nil})

3.133838326s ago: executing program 2 (id=771):
mkdirat(0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x1a4)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000000)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000300)='./bus\x00')
syz_mount_image$fuse(0x0, &(0x7f0000000040)='./file1\x00', 0x20000, 0x0, 0x1, 0x0, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040), &(0x7f0000000ac0)=ANY=[], 0xdf5, 0x0)
removexattr(&(0x7f0000006100)='./file1\x00', &(0x7f0000006140)=@known='trusted.overlay.upper\x00')

3.035580635s ago: executing program 2 (id=773):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000004c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
symlinkat(&(0x7f0000000100)='./file0\x00', r2, &(0x7f00000000c0)='./file0\x00')
unlinkat(r2, &(0x7f0000000040)='./file0\x00', 0x0)

2.977712646s ago: executing program 6 (id=774):
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x6)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x840, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd(0x8000)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000100)={r2, 0x5, 0x0, r0})
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r2, 0x2, 0x1})

2.881900417s ago: executing program 5 (id=776):
syz_usb_connect$hid(0x6, 0x36, &(0x7f0000000000)={{0x12, 0x1, 0x310, 0x0, 0x0, 0x0, 0x20, 0x5543, 0x81, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x8}}]}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x77774002, 0x12000, 0x2})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000100)={0x0, 0x10000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f00000003c0)={0xb000, 0x0, 0xfffffffe})

2.687475246s ago: executing program 2 (id=777):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000000c0)={0x3, 0x1000}, 0x4)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000040)={0x3, 0x1000}, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0}, 0x90)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r2, 0x5, 0xb68, 0x0, &(0x7f0000000000)='%', 0x0, 0xd01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

2.619254116s ago: executing program 1 (id=778):
r0 = socket$inet6(0xa, 0x2, 0x0)
shutdown(r0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000040)=0x1005, 0x4)
r1 = syz_io_uring_setup(0x416d, &(0x7f0000000200)={0x0, 0x0, 0x10100, 0x0, 0x24e}, &(0x7f0000000480), &(0x7f00000000c0)=<r2=>0x0)
syz_io_uring_setup(0xa97, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x269, 0x0, r1}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000005c0))
syz_io_uring_submit(r3, r2, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xfffffffffffffe54})
io_uring_enter(r1, 0x48e9, 0x7505, 0x0, 0x0, 0x0)

2.619030467s ago: executing program 6 (id=779):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
sendto$inet6(r0, &(0x7f0000000080)='X', 0x1, 0x0, &(0x7f0000000140)={0xa, 0x0, 0x0, @private0}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r0, 0x84, 0xb, &(0x7f0000000100)={0x66, 0xfe, 0x4, 0x5, 0xa8, 0x20, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x9}, 0xe)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f0000000000)=0x6, 0x4)
shutdown(r0, 0x1)
recvmmsg(r0, &(0x7f0000005000)=[{{0x0, 0x2a, 0x0, 0x0, &(0x7f00000000c0)=""/19, 0x13}, 0x3}], 0x4000169, 0x60, 0x0)
mmap(&(0x7f0000196000/0x1000)=nil, 0x1000, 0x0, 0x840000000000a132, 0xffffffffffffffff, 0x0)

2.485760887s ago: executing program 4 (id=781):
r0 = fsopen(&(0x7f0000000ac0)='configfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x48)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x90)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x800002, &(0x7f0000000940)=ANY=[@ANYBLOB='umask=00000000000000000000010,nodecompose,decompose,uid=', @ANYRESHEX=0xee01, @ANYBLOB=',nls=maccyrillic,gid=', @ANYRESHEX, @ANYBLOB="2c706172743d3078303030302330303030303030303030372c666f7263652c666f776e095d0c1513d5eeba6c455abbb5c17c1723ad4181caacc300b8b950ca34ba1f42b5aec3cbce30514eb091af8cd13854f54d6591dd000d7734bfbb16675129ed319db5cdd374d1d3c65202f329c6f5b6e228da26e5ae651cb96c4a5c82", @ANYRES8=r2, @ANYBLOB=',uid>', @ANYRES32, @ANYBLOB=',nolazytime,fowner>', @ANYRESDEC, @ANYBLOB=',permit_directio,uid=', @ANYRESOCT=r0, @ANYBLOB="2c0061a4b2117dcefc69fead51511f5e8f04a321976cc8ae9a251235be6c4f4607fc55b04172ea53bf42a985daa9"], 0x1, 0x6bb, &(0x7f0000001f80)="$eJzs3U+InGcdB/DvO5nMZiIk2zZNowhZGijaYLKboSaC0CgiOQQJ9tLrkmyaJZu0bLaSFjETtQqePEkPHioSDz2JiFBPYj0LghdPuQe8echB3fL+md3Z3clmN392tu3nA++8zzvP8z7P7/3l/TPzTpY3wOfWudezt58i546fv1ku373TW7h7p3dtUE4ykaSVtOtZim5SfJycTT3li+WbTXfFg8Z55d5HRfv9D3v1UruZqvatzdbbYGTLfrJvZWFPkqm6+N8tdNga3V81Vf1cXO3vERUrcZcJOzZIHIzb8gb91cpRh8ZaWz9ugV3rVn3d3GAy2Z/66lp+Dkhzdnj4mWH8Nj039XcuDgAAAHhaRn6XH3bwfu7nZg7sTDgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADw2VDUzwwsmqk1KE+lGDz/vzP0TP3OmMN9TO9drmbfPzjuQAAAAAAAAADgsRy9n/u5mQOD5eWi+s3/xWrhUPX6hbydG5nLYk7kZmazlKUsZibJ5FBHnZuzS0uLMxvX/FXKNZeXl281a54aueaptXH11wc66n8abGgEAAAAAAAAAJ9bP8651d//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgNyiSPfWsmg4NypNptZPsS9Ipplaad8Ya7BPwl3EHAAAAAE9ft5kfKP5fF5aL6jv/4ep7/768netZynyWspC5XKruBdTf+lv/6PcW7t7pXSunjR1/69/biqPqMfW9h9EjT1ctnl9Z41y+m9dyPFO5kMXM5weZzVLmMpXvVKXZFJls7l5M3r3TzSDWjfGeXbN0YX1sR4fKZXxHqki6uZz5KrYTudgZhN5q2h0ZGu1PnWTdiLfL7BSvNraYo0vNvNyiXzbz3WGy2vK9KxmZbnJfZuOZ4bxvzP0295P1I82ktXIP6tDqKOXi+pEeKef7m3mZ65893Zxv81ba2kz0f1EuDfa+w5vnPPnqP/964Urr+tUrl28c3z270SNav0/0hjLxwpYysVBmov8Ymdj3OPE/OZ0mG/VZdHtnyxerdQ9kPt/Lm7mUuZzOdGZyJtP5Rk6ll1NDeX1+87xWx1pre8fasa80hfKa9POha9OOmXhQRZnXZ4byOnymm6zqht9ZzdKzW8hS0cnoLP1rZCjtLzWFcoyfDF1xxm99JmaGMvHc5pn4zf+Wk9xYuH518crsWxu7PjhqvJeaeXnYvrf23PzbJ7ZR29Nsbrm/PFv+Y6W+bAzvHWXdc4O6dfnqNL+4tJvO1tR1Uh3Pdd3DjtSyp8O3R/VU170wcpReVXdkqG7Np5y8mYWVTyGNHT9IAdiC/S/v73Tvdf/e/aD70+6V7vl93544M/HlTvb+rf3nPb9v/a71zeLlfJAf5cC4IwUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgM+CG++8e3V2YWFucRcW0nrCHd4eWTVIRf1OZ0Sbo9kF2fh0FCY226P+kPpxTQ9YvfN0I3wto6q6eWA8O1tIewfGmsiIqvMr73ST1ko8Sa7ukgfcAU/DyaVrb5288c67X5u/NvvG3Btz10+dOf3q6d7XZ26dvDy/MDddvzaN22MOFniiVj8GjDsSAAAAAAAAAAAAYKt24s8bRgxb9MewrQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCn07nXs7efIjPTJ6bL5bt3egvlNCivtmwnaSUpfpgUHydnU0+ZHOqueNA4r9z76Ncvvf9hb7Wv9qB9a916f/zP8vI2t6LfTJlKsqeZP9zElvq7ONRff5uB1YqVLSwTdmyQOBi3TwIAAP//Bc4E/Q==")

2.433583395s ago: executing program 1 (id=782):
mknodat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x11c0, 0x0)
acct(&(0x7f0000000040)='./file0\x00')
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40041, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)

2.279459275s ago: executing program 2 (id=783):
ioctl$DRM_IOCTL_MODE_SETCRTC(0xffffffffffffffff, 0xc06864a2, &(0x7f00000005c0)={0x0, 0x0, 0x0, 0x0, 0xf8, 0x8, 0x7ff, 0x6, {0x8, 0x8, 0x0, 0x5, 0x0, 0x2, 0x1, 0x1, 0x0, 0xffff, 0x8, 0x7c0, 0xffffffff, 0x77, "ba9a42184edc4097e01b52f22e2cbb318719fb31f6699332292cc81f89f07580"}})
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000300)={0xa, 0x4e20, 0x8, @ipv4={'\x00', '\xff\xff', @remote}, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_256={{0x304}, "41328ac33100", "e8582491a0c4050000000000f6542a9b6800000000000000003967d2daa45b4e", "61241765", "89a06afff55f00fd"}, 0x38)
sendmsg$inet(r0, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="110000000000"], 0x28}, 0x0)

2.2777537s ago: executing program 4 (id=784):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200010, &(0x7f0000000680)=ANY=[@ANYBLOB="64656275672c757466383d312c757466383d302c757466383d312c73686f72746e616d653d77696e39352c636865636b3d7374726963742c73686f72746e616d653d77696e6e742c73686f72746e616d653d6c6f7765722c002bc08d8cca74e8ecafb48437094fe1a4a2383bd9d85bff651d1101fd722e01b9b5d22f08b5fc0ac7cbf33fb553a90ae4d01d71ddeeb089f517aeaaa271899287d5b8949b22b23c2807b7d81714b89e9682f6c3faa6107733a77a4cf985560ed64ec24e255dee3654aa2ba55be4bf3ae257adba34bed8e32e4122bb46aa57a75dab0288098e42f886f09bdf63537db28a454b02a4204a7e7dac3c30a6d4b5c814916b02"], 0x1, 0x25a, &(0x7f0000000240)="$eJzs2s9rI2UYB/Bn6sqmXbqp+ItdEF/0oF6Gbc8edpEKYkFRK6yC7KydauyYlE4oRMT2pFf/BM/i0Zsge/TSi3+BB2+99LgHcSRNWtOysIs/mqX7+RySh3nnm7zzvmF4ErL/6refb6zX+XrRj5ksi5nrsRt3s1iImTiyG6+8dPOX5969+cGbN1ZWWuOjSymly8///OGXP7xwp3/p/R8v/3Qx9hY+2j9Y+n3vmb0r+3++92mnTp06dXv9VKTbvV6/uF2Vaa1Tb+QpvV2VRV2mTrcut06Mr1e9zc1BKrpr83ObW2Vdp6I7SBvlIPV7qb81SMUnRaeb8jxP83PBv7H6/d2miYPm8VvRNM3sd3HpTsz/Fu3InkjZk9ezp29lz+5mVw6apn06OjudGfPf+sf7z7kwvqkvv5NSK6L6Znt1e3X0PBxtxY316EQVZVyL2fgjhh+TsVH9+hsry9fSoYX4utoZ53e2Vx87fP3j/GK0Y+He+cVRPh3lL0bE8HFuMr8U7Xjq3vmlU/nR+7fi5Rcn8nm049ePoxdVrMUwGzvjJVj+ajGl195aOZW/engeAMB5k6djw/5t2LSd6N/y/MT4RH80yk/0h+379Ien+qsLcfXCdK+diHrwxUZRVeXW8AveYXF85FEtZieX5UGKo59C/r+JzZzYs4dloRTnuYj4bCp3JM7S35t+31NbZzIhAAAAAAAAAAAAHshZ/J1w2tcIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA83P4KAAD//8scwHs=")
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000440)=@raw={'raw\x00', 0x8, 0x3, 0x4c8, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'bridge0\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00', {0xff}, {}, 0x0, 0x0, 0x0, 0x4b}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'vcan0\x00', {0x3, 0x0, 0x41, 0xfffffffe, 0x2, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x528)
r1 = socket$inet6(0xa, 0x3, 0x3a)
connect$inet6(r1, &(0x7f0000000a40)={0xa, 0x4e25, 0x8, @local, 0x9}, 0x1c)
mount(&(0x7f0000000040)=@sg0, 0x0, 0x0, 0x800, 0x0)
sendmsg(r1, &(0x7f00000000c0)={0x0, 0x953a, &(0x7f0000000100)=[{&(0x7f0000000000)="2c10", 0xfff2}], 0x1, 0x0, 0x0, 0x2c}, 0x44004)

2.155107268s ago: executing program 2 (id=785):
openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x88800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f00000003c0)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_IOAS_MAP$PAGES(r0, 0x3b85, &(0x7f0000000040)={0x45, 0x7, r1, 0x0, &(0x7f0000800000/0x800000)=nil, 0x800000, 0x200000})
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(r0, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, r1, 0x0, <r2=>0xffffffffffffffff, 0x1})
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(r0, 0x3ba0, &(0x7f0000000100)={0x48, 0x7, r2, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x334e8b})
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)

2.145463767s ago: executing program 1 (id=786):
syz_open_procfs(0x0, &(0x7f0000000100)='syscall\x00')
r0 = socket(0x1, 0x803, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=@newlink={0x50, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @vxcan={{0xa}, {0x18, 0x2, 0x0, 0x1, @val={0x14, 0x1, {{0x0, 0x0, 0x0, 0x0, 0x18088, 0x80}}}}}}, @IFLA_MASTER={0x8, 0x3, r1}]}, 0x50}, 0x1, 0x8}, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=ANY=[@ANYBLOB="9000000010000305000000000000000000000700", @ANYRES32=0x0, @ANYBLOB="996e06004d4c0700540012800800010068737200480002800500030008000000050003000500000005000300fd00000008000200", @ANYRES32=r2, @ANYBLOB="08000100", @ANYRES32=r3], 0x90}}, 0x0)

2.072903059s ago: executing program 5 (id=787):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, 0x0}], 0x1, 0x68, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000180)=[@text64={0x40, 0x0}], 0x1, 0x18, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.678885222s ago: executing program 2 (id=788):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000980)=ANY=[@ANYBLOB="120100009080e140fc044a500243010203010902120001000000000904"], 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000b80)={0x84, &(0x7f0000000000)={0x0, 0xe, 0x1, "02"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)

1.676561022s ago: executing program 6 (id=789):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x4, 0x4, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xe468}, 0x94)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$ifreq_SIOCGIFINDEX_team(r3, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000d80)=@newlink={0x44, 0x10, 0x401, 0x0, 0x2000000, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0x4}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r4}]}, 0x44}}, 0x0)

1.644323427s ago: executing program 5 (id=790):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000700)=ANY=[@ANYBLOB="1201000000000010711e0920000000000001090224000100000000090400090103000100092105"], 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000300)={0x0, 0xeecd, 0x100, 0x20000001, 0xb3}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000180)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x40, 0x0, r0, 0x0, 0x0, 0x0, 0x130c0})
io_uring_enter(r1, 0x75fa, 0xe475, 0x0, 0x0, 0x0)

1.545260444s ago: executing program 1 (id=791):
setresgid(0xee00, 0xee01, 0x0)
r0 = syz_clone(0x8100, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000480)='task\x00')
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0)
r2 = syz_open_procfs(r0, &(0x7f0000000040)='stat\x00')
pread64(r2, &(0x7f0000000140)=""/15, 0xf, 0x4)

1.481057696s ago: executing program 4 (id=792):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f000000a040)=@newtfilter={0x74, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_route={{0xa}, {0x44, 0x2, [@TCA_ROUTE4_POLICE={0x40, 0x5, [@TCA_POLICE_TBF={0x3c, 0x1, {0x5bd, 0x20000000, 0x5, 0x80, 0x9, {0x5a, 0x1, 0x40, 0xff, 0x2}, {0x6, 0x1, 0x1, 0x2, 0x8, 0x7}, 0x9, 0x6, 0xfffffffd}}]}]}}]}, 0x74}, 0x1, 0x0, 0x0, 0x1}, 0x800)

1.362912296s ago: executing program 1 (id=793):
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file0\x00', 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="696f636861727365743d6d616363726f617469616e2c646973636172643d3078303030303030303030303030303030332c6e6f646973636172642c6572726f72733d636f6e74696e75652c696f636861727365743d6d6163637972696c6c69632c0067add4ceec7cb8702b1b4a0ff322839e69b507d7478e0706b00408dc59283f5c0159b8e3c0289dcb182504844ef8e6972cdb3f50680fc9602ed27c1f6b47a91f941f154ae205d34a9b7a7c67efa0c0e2a70251d664fce12ae64a5a521aa83080b7672c4e1566a61a0ade4b6c9d78151053d9fb31fd2cfc77f269f873e14e5fe3c46c0acbb22d40391ae31d2025dcd947adf76739ae4ecbe3b630040b37e2b09d7816e0b93981de1147532cf2f46d4d4904f68fb43cd165b9"], 0x1, 0x61d0, &(0x7f0000016fc0)="$eJzs3c2OHFfZB/Cn+ms+8saxsojyWghNEgMJIf4MxhAgyQIWbFggb5GtySSycADZBjmRhSeaDQsuAoTEEhBLVlxAFmzZcQFYspGArFKoZs4Z1zTd7rGd6eqZ8/tJk6qnTtX0qfy7prtdVX0CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIjvffcHZ6uIuPzztOB4xP9FP6IXsdLUaxGxsnY8rz+IiOdjuzmei4jhUkSVG5+JeD0iPj4Wce/+7fVm0bl99uM7f/zbb3/41Pf/+vvh6X//6Wb/jWnr3br1q3/9+c7j7y8AAACUqK7rukof80+kz/e9rjsFAMxFfv2vk7xcvXD15oL1R61Wq9WHsG6rJ7vTLiJis71N857B6XgAOGQ245Ouu0CH5F+0QUQ81XUngIVWdd0BDsS9+7fXq5Rv1X49WNtpz9eC7Ml/s9q9v2PadJbxa0zm9fzain48O6U/K3PqwyLJ+ffG87+80z5K6x10/vMyLf/Rzq1Pxcn598fzH3N08u9NzL9UOf/BI+Xflz8AAAAAACyw/O//xzs+/7v05LuyLw87/7s2pz4AAAAAAAAAwGftScf/21UZ/w8AAAAWVfNZvfHrYw+WTfsutmb5pSri6bH1gcKkm2VWu+4HAAAAAAAAAAAAAJRksHMN76UqYhgRT6+u1nXd/LSN14/qSbc/7ErffyhZ13/kAQBgx8fHxu7lryKWI+JS+q6/4erqal0vr6zWq/XKUn4/O1parldan2vztFm2NNrHG+LBqG5+2XJru7ZZn5dntY//vuaxRnV/Hx2bjw4DB4CI2Hk1uucV6Yip62ei63c5HA6O/6PH8c9+dP08BQAAAA5eXdd1lb7O+0Q659/rulMAwFzk1//x8wJqtVqtVquPXt1WT3anXUTEZnub5j2D4fgB4JDZjE+67gIdkn/RBhHxfNedABZa1XUHOBD37t9er1K+Vfv1II3vnq8F2ZP/ZrW9Xd5+0nSW8WtM5vX82op+PDulP8/NqQ+LJOffG8//8k77KK130PnPy7T8m/083kF/upbz74/nP+bo5N+bmH+pcv6DR8q/L38AAAAAAFhg+d//jy/U+d/R4+7OTA87/7t2YI8KAAAAAAAAAAfr3v3b6/m+13z+/3MT1nP/59GU86/kX6Scf7r/f/fCm5fH1uu35u++/SD/f96/vf67m//4/zzdb/5LeaZKz6wqPSOq9EjVIE0fc8em2Br2R80jDatef5Cu+amH78bVuBYbcWbPur10PDxoP7unvenpcLu97u+0n9vTPthtz9uf39M+TFc61Su5/VSsx0/iWryz3d60Lc3Y/+UZ7fWM9px/3/FfpJz/oPXT5L+a2quxaePuR73/Oe7b00mP89bVz//yzMHvzkxb0d/dt7Zm/17soD/b/0+eGsXPbmxcP3Xrys2b189GmuxZei7S5DOW8x+mn5z/yy/ttOe/++3j9e5Ho0fOf1FsxWBq/i+15pv9fWXOfetCzn+UfnL+76T2ycf/Yc5/+vH/agf9AQAAAAAAAAAAAAAAgIep63r7FtG3IuJCuv+nq3szAYD5yq//dZKXz6vuP+72f9i7H131X62ec10tWH/mWn9aL1Z/1AtZ/2fB+rNwdVs92ZvtIiL+0t6mec/wi0m/DABYZJ9GxN+77gSdkX/B8vf9NdOTXXcGmKsbH3z4oyvXrm1cv9F1TwAAAAAAAACAx5XH/1xrjf98sq7rO2Pr7Rn/9e1Ye9LxPwd5ZneA0SkDVfcffZ8eZqs36vdaw42/ENPG/x7uzj1s/O/BjMcbzmgfzWhfmtG+PKN94o0eLTn/F1rjnZ+MiBNjw6+XMP7r+Jj3Jcj5v9h6Pjf5f2lsvXb+9W8Oc/69Pfmfvvn+T0/f+ODD166+f+W9jfc2fnz+7Nkz5y9cuHjx4ul3r17bOLPz3w57fLBy/nnsa9eBliXnnzOXf1ly/l9ItfzLkvP/YqrlX5acf36/J/+y5PzzZx/5lyXn/0qq5V+WnP+XUy3/suT8X021/MuS8/9KquVflpz/a6mWf1ly/qdSLf+y5PxPp3qf+a8cdL+Yj5x/PsPl+C9Lzj9f2SD/suT8z6Va/mXJ+Z9PtfzLkvN/PdXyL0vO/6upln9Zcv4XUi3/suT8v5Zq+Zcl538x1fIvS87/66mWf1ly/t9ItfzLkvN/I9XyL0vO/5upln9Zcv7fSrX8y5Lz/3aq5V+WnP+bqZZ/WR58/78ZM2bM5Jmu/zIBAAAAAAAAAAAAAOPmcTlx1/sIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMB/2YEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4tRq67vgP4mb1540BiIKROasLGMcY4m+z6El9oXUy4NtxKQij0gu1612bBN7x2CTSqHQVKJIyKKtqGh7aAUJuXCqvigVaA8oBaVaoE7QN9QVSoPERVQAGpKq0gW82c//+/M7OzM7ve8ebMOZ+PlPyyM2fmnDnzn9n92vnuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAM3ufMPsp2pZltVqtfyCTVn2ovq8YWJT45LXvrDHBwAAAKzdLxr/fu7mdMHhFdyoaZt/uuPbX11YWFjI3jf8p6OfW1hIV0xk2eiGLGtcF139wftrzdsEj2fjtaGmr4d67H64x/UjPa4f7XH9WI/rN/S4frzH9UtOwBI3ZLV0Z9sa/7kpP6XZLdlo47ptHW71eG3DUP3cpdtmtcZtFkZPZHPZqWw2m27ZPt+21tj+63fW9/XWLO5rqGlfW+or5CePHo/HUAvneFvLvhbvM/rR67OJn/7k0eN/feHZ2zrNnqeh5f7y49yxtX6cnwiX5MdayzakcxKPc6jpOLd0eE6GW46z1rhd/b/bj/O5FR7n8OJhrqv253w8G2r893ca52mklnU4T1vCZT+7K8uyy4uH3b7Nkn1lQ9nGlkuGFp+f8XxF1u+jvpRemo2sap3euYJ1Wp8z21rXaftrIj7/d4bbjSxzDM1P048eG2t63n++cC3rNKo/6uVeK+1rsN+vlaKswbguvtN40E90XIPbwuN/dPvya7Dj2umwBtPjblqDW3utwaGx4cYxpyeh1rjN4hrc1bL9cGNPtcZ8Znv3NTh14fS5qfmPffyeudPHTs6enD2zZ9eu6T379h04cGDqxNyp2en839d4totvYzaUXgNbw7mLr4FXt23bvFQXvji25P33Wl+H411eh5vatu3363Ck/cHV1ucFuXRN56+N99RP+viVoWyZ11jj+dm59tdhetxNr8ORptdhx+8pHV6HIyt4Hda3ObdzZT+zjDT90+kYlv9esLY1uKlpDbb/PNK+Bvv980hR1uB4WBff27n894It4XifmFztzyPDS9Zgerjhvad+Sfp5f/xAY3Ral7fXr7hxLLs4P3v+3keOXbhwflcWxrp4WdNaaV+vG5seU7ZkvQ6ter0enrvjids7XL4pnKvxe+r/Gl/2uapvs/fe7s9V47tb5/PZcunuLIw+W+/z2em7ef18jmXZ57/12IPfePTzb1j2fNbz5iem1v6zeMqlTe+/o8u8/8bc/3y+v3RXjw+PjuSv3+F0dkZb3o9bn6qRxntXrbHv56ZW9n48Gv5Z7/fjW7q8H29u27bf78ej7Q8uvh/Xev1px9q0P5/jYZ2cmu7+flzfZvPu1a7Jka7vx3eFWQvn/zUhKaRc1LR2llu3aV8jI6PhcY3EPbSu0z0t24+GbFbf11O7r22d7rgrv6/h9OgWrdc6nWjbtt/rNP3Z13LrtNbrT9+uTfvzOR7WxS17uq/T+jZP7137e+cN8T+b3jvHeq3B0eGx+jGPpkXYeL/PFm6Ia/De7Hh2NjuVzTSuHWusp1pjX5P3rWwNjoV/1vu9cnOXNbijbdt+r8H0fWy5tVcbWfrg+6D9+RwP6+LJ+7qvwfo2b9zf359dd4RL0jZNP7u2//nacn/mdXvbabpea2UkHOe39nf/s9n6NqcOrDZndj9Pd4dLbuxwntpfv8u9pmay9TlPm8NxPntg+fNUP576Np87uML1dDjLsksfub/x573h71f+7uJ3v9ry9y6d/k7n0kfu//GLT/zjao4fgMH3fD425t/rmv5maiV//w8AAAAMhJj7h8JM5H8AAAAojZj74/8Vnsj/AAAAUBox94+EmVQk/29+47Nzz1/KUjN/IYjXp9PwQL5d7LhOh68nFhbVL7//y7P//Q+XVrbvoSzLfv7AH3TcfvMD8bhyE+E4r76p9fIlvnrPivZ99OFLab/N/fUvhPuPj2ely6BTBXc6y7Kv3/yZxn4m3n+lMZ9+4GhjPnj5icfr2zx3MP863v6Zl+Xb/0Uo/x4+cazl9s+E8/DDMKff1vl8xNt95cprtux/7+L+4u1qW29qPOwnP5Dfb/w9OZ99PN8+nufljv8bn37qK/XtH3lV5+O/NNT5+J8K9/vlMP/3Ffn2zc9B/et4u0+G44/7i7e790vf7Hj8Vz+Vb3/uzfl2R8OM+98Rvt725mfnms/XI7VjLY8re0u+Xdz/9Hf/uHF9vL94/+3HP37kSsv5aF8fT/9bfj9TbdvHy+N+or9v23/9fprXZ9z/U390tOU899r/1QefeUX9ftv3f3fbduc+srOx/8X7a/2NTX/5yc903F88nsN/e67l8Rx+d3gdh/0/+YGwHsP1/3c1v7/2365w9N2t7z9x+y9sutTyeKK3/jTf/9XXnWzMDeM3bLzxRS++6fIr6+cuy76zIb+/Xvs/+VdnW47/i7fm5yNeHzv67ftfTtz/+Y9Onjk7f3FuJp3VR29u/O6ct+fHE4/35vDe2v71kbMXPjh7fmJ6YjrLJsr7K/Su2ZfC/HE+LnffemHJO+jOh8Pzefuff33j9n/9dLz839+TX37lbfn3rVeH7T4bLt8Unr/V7X+pJ++8tfH6rj0djnBh6e8LXost2/7rwIo2DI+//eeCuN7PvfyDjfNQv67xfSO+rtd4/N+fye/na+G8LoTfzLz11sX9NW8ffzfClYfy1/uaz194m4vP69+E5/sdP8zvPx5XfLzfDz/HfHNz6/tdXB9fuzTUfv+N3+JxObyfZJfz6+NW8Xxfee7WjocXfw9Jdvm2xtd/ku7ntlU9zOXMf2x+6tTcmYuPTF2Ynb8wNf+xjx85ffbimQtHGr/L88iHet1+8f1pY+P9aWZ2396s8W51Nh/X2Qt9/OcePj6zf3r7zOyJYxdPXHj43Oz5k8fn54/PzsxvP3bixOxHe91+bubQrt0H9+zfPXlybubQgYMH9xycnDtztn4Y+UH1sG/6w5Nnzh9p3GT+0N6Du+67b+/05OmzM7OH9k9PT17sdfvG96bJ+q1/f/L87KljF+ZOz07Oz3189tCug/v27e752wBPnzsxPzF1/uKZqYvzs+en8scycaFxcf17X6/bU07z/5H/PNuulv8ivuxdd+9Lv5+17suPLXtX+SZtv0D02fC7aP75JecOrOTrmPtHw0wqkv8BAACgCmLuHwszkf8BAACgNGLu3xBmIv8DAABAacTcPx5mUpH8X7r+/+ZLK9q//r/+f/P50v+vWP//oaL1//P3C/3//lhr/17/P9D/1//X/9f/1/+nD4rW/4+5/4Ysq2T+BwAAgCqIuX9jmIn8DwAAAKURc/+NYSbyPwAAAJRGzP0vCjOpSP7X/9f/1//X/9f/77x//f/BpP/fnf5/D/r/U1m1+v+X+3n8+v/6/yxVtP5/zP0vDjOpSP4HAACAKoi5/6YwE/kfAAAASiPm/pvDTOR/AAAAKI2Y+zeFmVQk/+v/6//r/+v/6/933r/+/2DS/+9O/78H/X+f/6//r/9PXxWt/x9z/0vCTCqS/wEAAKAKYu5/aZiJ/A8AAADFM3JtN4u5/2VhJkvy/zXuAAAAAHjBxdx/S9ZWBK/I3//r/+v/F7//vyFdp/+v/58Vsv8/nOn/F4f+f3f6/z3o/+v/6//r/9NXRev/N3J/Np69PMykIvkfAAAAqiDm/lvDTOR/AAAAKI2Y+38pzET+BwAAgNKIuX9zmElF8r/+v/5/8fv/Pv9f/7/o/X+f/18k+v/d6f/3oP+v/6//r/9PXxWt/x9z/21hJhXJ/wAAAFAFMfffHmYi/wMAAEBpxNz/y2Em8j8AAACURsz9W8JMKpL/9f8L3v+PzVH9f/1//X/9f/3/FdH/707/vwf9f/1//X/9f/qqaP3/mPtfEWZSkfwPAAAAVRBz/x1hJvI/AAAAlEbM/a8MM5H/AQAAoDRi7p8IM6lI/tf/L3j/P+/Bj/n8f/1//X/9f/3/ldH/707/vwf9f/3/vvT/Fy7p/+v/kyta/z/m/jvDTCqS/wEAAKAKYu7fGmYi/wMAAEBpxNx/V5iJ/A8AAAClEXP/tjCTiuR//f+B6P9n+v/6//r/+v/6/yuj/9+d/n8P+v/6/z7/X/+fvipa/z/m/leFmVQk/wMAAEAVxNy/PcxE/gcAAIDSiLn/1WEm8j8AAACURsz9O8JMKpL/9f/1//X/9f/1/zvvX/9/MOn/d6f/34P+v/6//r/+P31VtP5/zP2vCTOpSP4HAACAKoi5f2eYifwPAAAApRFz/91hJvI/AAAAlEbM/ZNhJhXJ//r/+v/6//r/+v+d96//P5j0/7vT/+9B/1//X/9f/5++Klr/P+b+e8JMKpL/AQAAoApi7r83zET+BwAAgNKIuX8qzET+BwAAgNKIuX86zKQi+V//X/9f/1//f1X9/1cu3q/+f07/v1j0/7vT/+9B/1///wXv/4/q/1MqRev/x9y/K8ykIvkfAAAAqiDm/t1hJvI/AAAAlEbM/XvCTOR/AAAAKI2Y+/eGmVQk/+v/6//r/+v/+/z/zvvX/x9M+v/d9b//Hx+i/r/+v/6/z//X/2epovX/Y+6/L8ykIvkfAAAAqiDm/n1hJvI/AAAAlEbM/fvDTOR/AAAAKI2Y+w+EmVQk/+v/6//r/+v/6/933r/+/2DS/+/O5//3oP+v/6//r//PGj30h81fFa3/H3P/wTCTiuR/AAAAqIKY+18bZiL/AwAAQGnE3P8rYSbyPwAAAJRGzP2/GmZSkfyv/9/SPa8/XP1//X/9f/3/Bv3/waT/353+fw/6//r/+v/6//TVsv3/EL3Xu/8fc/+hMJOK5H8AAACogpj7fy3MRP4HAACA0oi5/3VhJvI/AAAAlEbM/YfDTCqS//X/ff6//r/+v/5/5/2vd/9/LN6v/v+a6P93p//fg/6//r/+v/4/fVW0z/+Puf/1YSYVyf8AAABQBTH33x9mIv8DAABAacTc/4YwE/kfAAAASiPm/jeGmVQk/+v/6//r/+v/6/933r/P/x9M+v/d6f/3oP+v/6//r/9PXxWt/x9z/5vCTCqS/wEAAKAKYu5/c5iJ/A8AAAClEXP/W8JM5H8AAAAojZj73xpmUpH8r/+v/6//r/+v/995//r/g0n/vzv9/x70//X/9f/1/+mrovX/Y+7/9TCTiuR/AAAAqIKY+x8IM5H/AQAAoDRi7n9bmIn8DwAAAKURc//bw0wqkv/1//X/9f/1//X/O+9f/38w6f93N2D9/1/cFC7X/8/p/xf7+Ffb/x9p+/q69P9/sFz/f2FD++31/7keitb/j7n/HWEmFcn/AAAAUAUx978zzET+BwAAgNKIuf9dYSbyPwAAAJRGzP2/EWZSkfyv/18/jsX2sv5/Wfv/Q/r/+v/6/xWh/9/dgPX/ff5/G/3/Yh+/z//X/2epovX/Y+5/d5hJRfI/AAAAVEHM/Q+Gmcj/AAAAUBox9z8UZiL/AwAAQGnE3P+eMJOK5H/9f5//X43+v8//z/T/9f8rQv+/O/3/HvT/9f+L1v//T/1/BlvR+v8x9z8cZlKR/A8AAABVEHP/e8NM5H8AAAAojZj7fzPMRP4HAACA0oi5/31hJhXJ//r/g9L/nxjQ/v9j+v/Xsf9/x035dvr/+v8s0v/vTv+/B/1//f+i9f99/j8Drmj9/5j73x9msvL8P77iLQEAAIAXRMz9vxVmUpG//wcAAIAqiLn/t8NM5H8AAAAojZj7fyfMpCL5X/9/UPr/Pv8/0//3+f9tj0f/X/+/k/Xr/8d3Hv1//X/9/0j/X/9f/592Rev/x9z/u2EmFcn/AAAAUAUx938gzET+BwAAgIHQ6f/Jbhdz/5EwE/kfAAAASiPm/qNhJhXJ//r/+v/6/wXt///Z1n/53rffeXSX/r/+v/7/qqzr5//XX/w+/1//X/8/0f/X/9f/p13R+v8x9x8LM6lI/gcAAIAqiLn/98JM5H8AAAAojZj7j4eZyP8AAABQGjH3z4SZVCT/6//r/+v/F7T/P8Cf/x/Ph/5/q771/+Obrv5/R3n/Pq2i69v/f+9iT1z/f7X9/7GOl+r/6/8P8vHr/+v/s1TR+v8x98+GmVQk/wMAAEAVhNw/dCKfi1fI/wAAAFAaMfefDDOR/wEAAKA0Yu7/YJhJRfK//r/+v/6//r/P/++8/279/9qIz/8vqtS//1njhaL/36Y4/f/O9P/1/wf5+PX/9f9Zqmj9/5j758JMKpL/AQAAoApi7v9QmIn8DwAAAKURc/+Hw0zkfwAAACiNmPtPhZlUJP/r/+v/6//r/+v/d95/YT//X/+/q7X27/X/A/3/avf//0f/X/9f/5/+KFr/P+b+02EmFcn/AAAAUAUx958JM5H/AQD+n707abKzLvs4fvp5wpNO8SzcuXBjlUtfAgtd6wtw4caNVZYLJ1ScCc4jioqzIjgPOIAgooLzAE4ozqDiPA84IUrFonNdV9Ldd9+nOzndfd///+ezyCVtmnOkUgm/dL7eANCM3P2PjVvsfwAAAGhG7v7HxS2d7H/9/9n0/6cqZf3/5vc/if7/Qfr/nV5f/6//b5n+f5z+fwn9v+f/6//1/6zU1Pr/3P2Pj1s62f8AAADQg9z9T4hb7H8AAABoRu7+8+MW+x8AAACakbv/iXFLJ/t/S/+/tuiz/8+M1/P/W+r/Pf9/x9fX/+v/W3aw/f9F9/7Mp//X/+v/g/5/V/3/0Z0+X/9Pi6bW/+fuf1Lc0sn+BwAAgB7k7n9y3GL/AwAAQDNy918Qt9j/AAAA0Izc/U+JWzrZ/6t7/v+xjY/PtP8v+n/9/8YH9P/6f/3/bHn+/7ie+v/zbz33MXdee7/r9vL6+n/9v+f/6/9Zran1/7n7nxq3dLL/AQAAoAe5+58Wt9j/AAAA0Izc/U+PW+x/AAAAaEbu/mfELZ3s/9X1/7N+/n/R/+v/Nz6g/9f/6/9nS/8/rqf+/0xeX/+v/9f/6/9Zran1/7n7nxm3dLL/AQAAoAe5+58Vt9j/AAAA0Izc/RfGLfY/AAAANCN3//G4pZP9r//f//7/Hv2//j+u/l//r//ff/r/cfr/JfT/+n/9v/6flZpa/5+7/6K4pZP9DwAAAD3I3f/suMX+BwAAgGbk7n9O3GL/AwAAQDNy9z83bulk/+v/Pf9f/6//1/8Pv77+f570/+P0/0vo/8+2nz9H/6//1/9zuj32/3eP/LS9kv4/d//z4pZO9j8AAAD0IHf/8+MW+x8AAACakbv/BXGL/Q8AAADNyN3/wrilk/2v/9f/6//1/2fc/2//obdB/z9M/38w9P/jJtP/rx0Z/LD+f/b9v+f/6//1/2wytef/5+5/UdzSyf4HAACAHuTuf3HcMrL/9/yb+QAAAMChyt3/krjF1/8BAABg9rI6y93/0rilk/2v/9f/6//1/57/P/z6Y/3/dae9P/3/tOj/x02m/9+B/l//P+f3r//X/7Pd1Pr/3P0vi1s62f8AAADQg9z9F8ct9j8AAAA0I3f/y+MW+x8AAACakbv/FXFLJ/t/uP8/9d/r/3dH/7/5/ev/h398rKr/z7+j/n+0/3+w5//3Sf8/7uD7/6P6/81/f/3/Pjrs9994/39s2efr/xkytf4/d/8lcUsn+x8AAAB6kLv/lXGL/Q8AAADNyN3/qrjF/gcAAIBm5O5/ddzSyf73/H/9v/5/fv2/5/+fdJjP/18ceP9/RP+/S/r/cZ7/v4T+X/+v//f8f1Zqav1/7v5L45ZO9j8AAAD04NK7Fhu7/zWLhf0PAAAAc3T6nx3Y+gdKQ+7+18Yt9j8AAAA0I3f/6+KWTva//l//r//X/+v/h19/Wv2/5//vlv5/nP5/Cf3/fvTzRxrr/y/b6fOn0P9fqP9nYjb1/zec+vhh9f+5+18ft3Sy/wEAAKAHufvfELfY/wAAANCM3P1vjFvsfwAAAGhG7v43xS2d7P997/+P7fza+n/9v/5f/6//1/+vmv5/nP5/Cf2/5/97/r/+n5U61f9v/vnwsPr/3P1vjls62f8AAADQg9z9b4lb7H8AAABoRu7+y+IW+x8AAACakbv/rXFLJ/vf8//1//p//b/+f/j19f/zpP8fp/9fQv+v/9f/6/9ZqU3P/z/NYfX/ufsvj1s62f8AAADQg9z9V8Qt9j8AAAA0I3f/2+IW+x8AAACakbv/7XFLJ/tf/7+//X9+XP+v/1/o//X/+v8D0W3/vzb0K9F2O/T/Nz/q+EM3f0T/r//X/+v/9f+swCT6/xOn/u0yd/874pZO9j8AAAD0IHf/O+MW+x8AAACakbv/XXGL/Q8AAADNyN3/7rhlj/v/Pit9VwdH/+/5//p//b/+f/j19f/z1G3/v0ue/7+E/l//r//X/7NSk+j/T/vr3P3viVt8/R8AAACakbv/vXGL/Q8AAADNyN3/vrjF/gcAAIBm5O5/f9zSyf7X/+v/9f/6f/3/8Oufaf+/vhim/z8Y+v9x+v8l9P/6f/2//p+Vmlr/n7v/yrilk/0PAAAAPcjd/4G4xf4HAACAZuTu/2DcYv8DAABAM3L3fyhu6WT/6//1//p//b/+f/j1Pf9/nvT/4/T/i8XiqpE3MNT/nziq/9f/6//1/5yhqfX/ufs/HLd0sv8BAACgB7n7r4pb7H8AAABoRu7+q+MW+x8AAACakbv/I3FLJ/tf/6//1//r//X/w6+v/58n/f84/f8Snv+v/9f/6/9Zqan1/7n7r4lbOtn/AAAA0IPc/dfGLfY/AAAANCN3/0fjFvsfAAAAmpG7/7q4pZP9r//X/+v/9f/70v8f1/9vpf8/GPvX/y/0//p//f8S+n/9v/6frQ6q/787fr5f1v/n7v9Y3NLJ/gcAAIAe5O6/Pm6x/wEAAKAZufs/HrfY/wAAANCM3P2fiFs62f/6f/2//l//7/n/w6+v/58nz/8fp/9fQv+v/9f/6/9ZqYPq/3fq/bf+de7+T8Ytnex/AAAA6EHu/hviFvsfAAAAmpG7/8a4xf4HAACAZuTu/1Tc0sn+1//r/zf3/4uF/l//r/8/6QD6//WF/n/l9P/j9P9L6P/b7P//Z9FQ/39sx8/X/zNFU+v/c/d/Om7pZP8DAABAD3L3fyZusf8BAACgGbn7Pxu32P8AAADQjNz9n4tbWtr/9+ycvs2//z+65RP1/4vF4rYLPP9f/z/y+vr/yfT/9U9V/786+v9x+v8l9P9t9v+e/6//59BMrf/P3f/5uKWl/Q8AAACdy93/hbjF/gcAAIBm5O7/Ytxi/wMAAEAzcvd/KW7pZP/Pv//f+on6/8VZPf9f/7/xAf2//l//P1tn299fvh6/pun/9f/6/8F+fm2Hf+9Z6P/1//p/Bkyt/8/d/+W4pZP9DwAAAD3I3X9T3GL/AwAAQDNy998ct9j/AAAA0Izc/V+JWzrZ//p//b/+f579/7r+X/+v/x80lef/n3feQ27R/+v/W+z/x+j/9f/6f7aaWv+fu/+rcUsn+x8AAAB6kLv/a3GL/Q8AAADNyN3/9bjF/gcAAIBm5O7/RtzSyf7f3v+fszhZqJ401P9Ho6b/P43+f/P71/8P//jw/H/9v/5//02l//f8/zN7//p//f+c3/+e+v/7b/98/T8tmlr/n7v/lrilk/0PAAAAPcjd/824xf4HAACAZuTu/1bcYv8DAABAM3L33xq3dLL/Pf9f/6//1//r/4dfX/8/T/r/cfr/JfT/Z9/P58+q+v/5Pv//f/X/rM7U+v/c/d+OWzaG3wP+/wz/ZwIAAAATkrv/O3FLJ1//BwAAgB7k7v9u3GL/AwAAQDNy938vbulk/+v/9f/6f/2//n/49fX/86T/H6f/X6Kf/n996IOH3c+frcN+/830/57/zwpNrf/P3f/9uKWT/Q8AAABtu2vj29z9P4hb7H8AAABoRu7+H8Yt9j8AAAA0I3f/bXFLJ/tf/6//b7//f4T+f8vr6//1/y3T/+ev6MP0/0v00/8POux+fu7vX/+v/2e7qfX/uftvj1s62f8AAADQg9z9P4pb7H8AAABoRu7+H8ct9j8AAAA0I3f/T+KWTva//r+v/n9t0WP/7/n/+n/9f0/m0/9fcWToo57/r//X/8/3/ev/9f9sN7X+P3f/HWtHutz/AAAAMFcPe+Cjb9/t971j49v1xU/jFvsfAAAAmpG7/2dxi/0PAAAAzcjd//O4pZP9r//vq//v8/n/+n/9v/6/J/Pp/4fp//X/+v/5vn/9v/6f7abW/+fu/0XcctrwG/w/6AEAAAAOz//t7bvn7v9l3NLJ1/8BAACgB7n7fxW3bNv/J3b5p9oBAACAqcnd/+u4pZOv/+v/J97/L/ap/4/vp/8/Sf+v/x96ff3/POn/x51l/39iTf+v/x+h/9f/6//Zamr9f+7+669ZdLn/AQAAoFGbfkfhNxvfri9+G7fY/wAAANCM3P2/i1vsfwAAAGhG7v7fxy2d7H/9/8T7/zN6/v+x+k+e/995/3/x+uDr6//1/y3T/4/z/P8l9P/6f/2//p+V2kP/vzFI97v/z93/h7ilk/0PAAAAPcjd/8e4xf4HAACAZuTu/1PcYv8DAABAM3L3/zlu6WT/6/8Pof+/5Ohisa/9/y6e/6//76P/3+H12+n/73vu8Zse/sirr9T/c8pB9v/5Y0H/r//X/5+k/9f/6//ZamrP/8/d/5e4pZP9DwAAAD3I3X9n3GL/AwAAQDNy9/81brl3/994WO8KAAAAWKXc/X+LWzr5+r/+v8Xn/8+z/89/1ofQ/x+fX/+fTXHv/b/n/+v/t/P8/3H6/yX0//p//b/+n5WaWv+fu//vcUsn+x8AAAB6kLv/H3FL7v+1Pf/WPQAAADAxufv/Gbf4+j8AAAA0I3f/XXFLJ/tf/6//n0r/nzz//9Tnef7/Sfp//f9e6P/H6f+X0P/r//X/+n9Wamr9f+7+f8Utnex/AAAA6EHu/rvjFvsfAAAAmpG7/99xi/0PAAAAzcjd/5+4pZP9r//X/+v/9f/6/+HX1//Pk/5/nP5/Cf2//l//r/9npabW/+fu/28AAAD//xDQcaQ=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4142, 0x1f7)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
sendfile(r1, r2, 0x0, 0x20fffe82)
pwrite64(r0, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)

1.30644628s ago: executing program 6 (id=794):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
recvmmsg(r0, &(0x7f0000000080)=[{{0x0, 0x0, 0x0}}], 0x40000000000012d, 0x2, 0x0)
setsockopt$inet_int(r0, 0x0, 0x17, &(0x7f0000000180)=0x6, 0x4)
setsockopt$inet_int(r0, 0x0, 0x19, &(0x7f0000000140)=0x400030, 0x4)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000b09000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f000000c000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000000b000/0x2000)=nil, &(0x7f0000c65000/0x1000)=nil, &(0x7f00008d9000/0x3000)=nil, 0x0}, 0x68)
bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
syz_emit_ethernet(0x2e, &(0x7f0000000500)={@broadcast, @broadcast, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x20, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @empty}, {0x0, 0x4e20, 0xc, 0x0, @gue={{0x1, 0x0, 0x0, 0x0, 0x0, @void}}}}}}}, 0x0)

1.155991981s ago: executing program 4 (id=795):
syz_open_dev$usbmon(&(0x7f0000000080), 0x0, 0x0)
r0 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x1, 0xbfdffffc}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f00000003c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x85c3}})
io_uring_enter(r0, 0x47f6, 0x0, 0x0, 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

1.084228511s ago: executing program 6 (id=796):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x181)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x140)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f00000001c0)='./bus\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x289c2, 0x1)
fcntl$setlease(r0, 0x400, 0x1)
fallocate(r0, 0x0, 0x800657, 0x40000b9)

795.283478ms ago: executing program 4 (id=797):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r0, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22}, 0x1c)
bind$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @loopback={0x100000}, 0x6}, 0x1c)

571.969998ms ago: executing program 4 (id=798):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000d00)=ANY=[@ANYBLOB="120100021982302013042360e5ec0102030109021b0001000060020904840001ee48b100090582"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$uac2(r0, 0x0, 0x0)

0s ago: executing program 1 (id=799):
fcntl$lock(0xffffffffffffffff, 0x25, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000040)='tasks\x00', 0x2, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
unlinkat(0xffffffffffffff9c, &(0x7f0000000000)='mnt/encrypted_dir\x00', 0x200)
lseek(r1, 0x7f, 0x0)

kernel console output (not intermixed with test programs):

 entered promiscuous mode
[   94.937459][ T5850] 8021q: adding VLAN 0 to HW filter on device batadv0
[   94.994505][ T5847] veth1_vlan: entered promiscuous mode
[   95.048208][ T5845] veth0_vlan: entered promiscuous mode
[   95.113273][ T5845] veth1_vlan: entered promiscuous mode
[   95.134705][ T5846] 8021q: adding VLAN 0 to HW filter on device batadv0
[   95.145016][ T5848] veth0_macvtap: entered promiscuous mode
[   95.192436][ T5848] veth1_macvtap: entered promiscuous mode
[   95.275837][ T5847] veth0_macvtap: entered promiscuous mode
[   95.306778][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.339427][ T5848] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.374213][ T5847] veth1_macvtap: entered promiscuous mode
[   95.391646][ T3497] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.403043][ T3497] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.414083][ T3497] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.436082][ T3497] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.446803][ T5845] veth0_macvtap: entered promiscuous mode
[   95.482868][ T5845] veth1_macvtap: entered promiscuous mode
[   95.512045][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.553070][ T5847] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.631404][ T3497] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.645045][ T3497] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.656526][ T5846] veth0_vlan: entered promiscuous mode
[   95.687161][ T3497] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.696821][ T3497] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.724522][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_0
[   95.773719][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.776662][ T5846] veth1_vlan: entered promiscuous mode
[   95.789236][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.805263][ T5850] veth0_vlan: entered promiscuous mode
[   95.823243][ T5845] batman_adv: batadv0: Interface activated: batadv_slave_1
[   95.870327][   T36] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   95.879345][   T36] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   95.909230][   T36] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   95.919302][   T36] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   95.964010][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   95.973054][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   95.994636][ T5850] veth1_vlan: entered promiscuous mode
[   96.054911][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.078726][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.159922][ T5848] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality.
[   96.175504][  T487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.183484][  T487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.218057][ T5846] veth0_macvtap: entered promiscuous mode
[   96.365793][  T487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.391619][  T487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.402474][ T5846] veth1_macvtap: entered promiscuous mode
[   96.425053][ T5850] veth0_macvtap: entered promiscuous mode
[   96.480039][ T5967] loop2: detected capacity change from 0 to 1024
[   96.510070][ T5850] veth1_macvtap: entered promiscuous mode
[   96.524397][ T5967] =======================================================
[   96.524397][ T5967] WARNING: The mand mount option has been deprecated and
[   96.524397][ T5967]          and is ignored by this kernel. Remove the mand
[   96.524397][ T5967]          option from the mount to silence this warning.
[   96.524397][ T5967] =======================================================
[   96.667584][ T5967] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   96.684033][ T5859] Bluetooth: hci3: command tx timeout
[   96.759519][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.768058][ T5859] Bluetooth: hci1: command tx timeout
[   96.773094][ T5851] Bluetooth: hci4: command tx timeout
[   96.773942][ T5859] Bluetooth: hci2: command tx timeout
[   96.779147][ T5860] Bluetooth: hci0: command tx timeout
[   96.805788][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_0
[   96.875581][ T3573] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   96.888260][ T3573] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   96.914837][ T5846] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.943972][ T5850] batman_adv: batadv0: Interface activated: batadv_slave_1
[   96.997223][ T3573] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.014287][  T487] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.036539][ T3497] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.076437][ T3497] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.120955][ T3497] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   97.144740][ T3573] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   97.166856][ T3573] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   97.217170][ T3573] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   97.531738][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.550317][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.763443][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.784557][ T5999] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   97.802609][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   97.829299][ T3573] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   97.838841][ T3573] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   98.026501][ T3497] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   98.064912][ T3497] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   99.633961][ T6034] 9p: Bad value for 'rfdno'
[  100.302113][ T5924] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  100.447111][ T6051] loop3: detected capacity change from 0 to 4096
[  100.566914][ T5924] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  100.586139][ T6051] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.654056][ T5924] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  100.720115][ T5924] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  100.795442][ T5924] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  100.822679][ T5924] usb 1-1: SerialNumber: syz
[  101.018015][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.177406][ T5924] usb 1-1: 0:2 : does not exist
[  101.313960][ T5838] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  101.400214][ T5924] usb 1-1: USB disconnect, device number 2
[  101.488196][ T6074] loop1: detected capacity change from 0 to 4096
[  101.497579][ T5909] udevd[5909]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  101.520701][ T5838] usb 5-1: Using ep0 maxpacket: 16
[  101.546723][ T5838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  101.580767][ T5838] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  101.606415][ T5838] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  101.655997][ T5838] usb 5-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  101.689190][ T5838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  101.727928][ T5838] usb 5-1: config 0 descriptor??
[  101.789298][   T36] ntfs3(loop1): ino=5, mi_enum_attr
[  102.010501][ T6085] netlink: 28 bytes leftover after parsing attributes in process `syz.0.41'.
[  102.195868][ T5838] microsoft 0003:045E:07DA.0001: unknown main item tag 0x0
[  102.229070][ T5838] microsoft 0003:045E:07DA.0001: ignoring exceeding usage max
[  102.297621][ T5838] input: HID 045e:07da as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:045E:07DA.0001/input/input5
[  102.559820][ T5838] microsoft 0003:045E:07DA.0001: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.4-1/input0
[  102.646140][ T5838] usb 5-1: USB disconnect, device number 2
[  102.920275][ T6100] fido_id[6100]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  103.083573][   T29] usb 2-1: new low-speed USB device number 2 using dummy_hcd
[  103.262733][   T29] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  103.290064][   T29] usb 2-1: config 0 has no interface number 0
[  103.308099][   T29] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  103.336583][   T29] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  103.362141][   T29] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  103.395567][   T29] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.427249][   T29] usb 2-1: config 0 descriptor??
[  103.448218][ T6104] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  103.486156][ T6112] loop0: detected capacity change from 0 to 1024
[  103.513954][   T29] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  103.603149][ T6112] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  103.676266][ T6112] ext4 filesystem being mounted at /10/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.793426][ T6112] EXT4-fs error (device loop0): ext4_map_blocks:821: inode #15: comm syz.0.53: lblock 0 mapped to illegal pblock 0 (length 5)
[  103.993240][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  104.243905][ T6110] loop4: detected capacity change from 0 to 40427
[  104.289399][ T6110] F2FS-fs: heap/no_heap options were deprecated
[  104.329024][   T29] IPVS: starting estimator thread 0...
[  104.387777][ T6110] F2FS-fs (loop4): build fault injection rate: 19
[  104.422678][ T6110] F2FS-fs (loop4): build fault injection type: 0x3bfe8c
[  104.456281][ T6120] IPVS: using max 28 ests per chain, 67200 per kthread
[  104.480299][ T6110] F2FS-fs (loop4): invalid crc value
[  104.493538][   T10] usb 2-1: USB disconnect, device number 2
[  104.493538][    C1] iowarrior 2-1:0.1: iowarrior_callback - usb_submit_urb failed with result -19
[  104.615077][ T6110] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_build_free_nids+0x9d8/0x1810
[  104.947548][ T6110] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of read_node_folio+0x221/0x410
[  104.997480][ T6110] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  105.042774][ T6110] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  105.189002][ T6110] F2FS-fs (loop4): inject page alloc in f2fs_grab_cache_folio of f2fs_get_dnode_of_data+0x911/0x2060
[  105.219300][ T6141] F2FS-fs (loop4): inject slab alloc in f2fs_kmem_cache_alloc of f2fs_new_node_folio+0x3ad/0xd80
[  105.245151][ T6110] F2FS-fs (loop4): inject slab alloc in f2fs_alloc_inode of alloc_inode+0x6a/0x1b0
[  105.432879][ T5850] syz-executor: attempt to access beyond end of device
[  105.432879][ T5850] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  105.477896][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  105.477925][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  105.477945][ T5850] Call Trace:
[  105.477957][ T5850]  <TASK>
[  105.477966][ T5850]  dump_stack_lvl+0xe8/0x150
[  105.478002][ T5850]  f2fs_handle_critical_error+0x37c/0x540
[  105.478038][ T5850]  f2fs_write_end_io+0x1274/0x1740
[  105.478081][ T5850]  __submit_merged_bio+0x256/0x700
[  105.478116][ T5850]  __submit_merged_write_cond+0x3c9/0x4e0
[  105.478152][ T5850]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  105.478204][ T5850]  f2fs_write_data_pages+0x287e/0x34f0
[  105.478279][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.478332][ T5850]  ? unwind_get_return_address+0x4d/0x90
[  105.478353][ T5850]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  105.478409][ T5850]  ? check_noncircular+0xda/0x150
[  105.478441][ T5850]  ? lockdep_unlock+0x5d/0xd0
[  105.478467][ T5850]  ? __lock_acquire+0x146e/0x2cf0
[  105.478523][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  105.478561][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  105.478588][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  105.478620][ T5850]  do_writepages+0x32e/0x550
[  105.478657][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  105.478688][ T5850]  filemap_fdatawrite+0x1e9/0x2f0
[  105.478718][ T5850]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  105.478792][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  105.478824][ T5850]  f2fs_sync_dirty_inodes+0x30e/0x860
[  105.478861][ T5850]  f2fs_write_checkpoint+0x9df/0x26a0
[  105.478917][ T5850]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  105.478996][ T5850]  kill_f2fs_super+0x314/0x720
[  105.479034][ T5850]  ? __pfx_kill_f2fs_super+0x10/0x10
[  105.479080][ T5850]  ? lockdep_hardirqs_on+0x7a/0x110
[  105.479121][ T5850]  deactivate_locked_super+0xbc/0x130
[  105.479154][ T5850]  cleanup_mnt+0x437/0x4d0
[  105.479175][ T5850]  ? _raw_spin_unlock_irq+0x23/0x50
[  105.479202][ T5850]  task_work_run+0x1d9/0x270
[  105.479233][ T5850]  ? __pfx_task_work_run+0x10/0x10
[  105.479271][ T5850]  exit_to_user_mode_loop+0xed/0x480
[  105.479305][ T5850]  ? rcu_is_watching+0x15/0xb0
[  105.479332][ T5850]  do_syscall_64+0x32d/0xf80
[  105.479357][ T5850]  ? trace_irq_disable+0x3b/0x150
[  105.479382][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.479402][ T5850]  ? clear_bhb_loop+0x40/0x90
[  105.479427][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  105.479447][ T5850] RIP: 0033:0x7efed619d9d7
[  105.479474][ T5850] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  105.479490][ T5850] RSP: 002b:00007fff1031e288 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  105.479516][ T5850] RAX: 0000000000000000 RBX: 00007efed6232050 RCX: 00007efed619d9d7
[  105.479530][ T5850] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1031e340
[  105.479563][ T5850] RBP: 00007fff1031e340 R08: 00007fff1031f340 R09: 00000000ffffffff
[  105.479577][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff1031f3d0
[  105.479589][ T5850] R13: 00007efed6232050 R14: 0000000000019afe R15: 00007fff1031f410
[  105.479623][ T5850]  </TASK>
[  105.479714][ T5850] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  106.530667][   T29] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  106.581858][ T6168] loop4: detected capacity change from 0 to 128
[  106.621305][ T6168] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  106.644380][ T6168] hpfs: filesystem error: improperly stopped
[  106.661178][ T6168] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  106.693822][ T6168] hpfs: You really don't want any checks? You are crazy...
[  106.706688][   T29] usb 4-1: Using ep0 maxpacket: 8
[  106.712460][ T6168] hpfs: Code page index out of array
[  106.722561][ T6168] hpfs: code page support is disabled
[  106.735171][   T29] usb 4-1: config index 0 descriptor too short (expected 301, got 45)
[  106.743989][ T5838] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  106.753960][ T6168] hpfs: hpfs_map_4sectors(): unaligned read
[  106.769092][   T29] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  106.777424][ T6168] hpfs: hpfs_map_4sectors(): unaligned read
[  106.792946][   T29] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  106.805489][ T6168] hpfs: filesystem error: unable to find root dir
[  106.851800][   T29] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  106.872312][   T29] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  106.885874][   T29] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  106.896851][   T29] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.920623][ T5838] usb 3-1: Using ep0 maxpacket: 8
[  106.941124][ T5838] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  106.960757][ T5838] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  106.982563][ T5838] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  107.013069][ T5838] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  107.050159][ T5838] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  107.071964][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  107.134795][   T29] usb 4-1: GET_CAPABILITIES returned 0
[  107.182220][   T29] usbtmc 4-1:16.0: can't read capabilities
[  107.304023][ T5838] usb 3-1: GET_CAPABILITIES returned 0
[  107.319640][ T5838] usbtmc 3-1:16.0: can't read capabilities
[  107.379758][ T6176] loop0: detected capacity change from 0 to 4096
[  107.389863][ T5924] usb 4-1: USB disconnect, device number 2
[  107.543125][ T5838] usb 3-1: USB disconnect, device number 2
[  107.556287][ T6183] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  107.686853][   T30] audit: type=1800 audit(1773862949.193:2): pid=6176 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.76" name="file1" dev="loop0" ino=15 res=0 errno=0
[  107.941467][ T6179] loop1: detected capacity change from 0 to 32768
[  107.997639][ T6179] XFS (loop1): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  108.089667][ T6179] XFS (loop1): Ending clean mount
[  108.454687][ T6203] netlink: 'syz.3.84': attribute type 20 has an invalid length.
[  108.494180][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.84'.
[  108.495443][ T5846] XFS (loop1): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  108.685919][ T6203] netlink: 'syz.3.84': attribute type 20 has an invalid length.
[  108.694704][  T487] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  108.709441][   T49] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  108.749860][   T49] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  108.786615][ T6203] netlink: 4 bytes leftover after parsing attributes in process `syz.3.84'.
[  108.804734][   T49] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  108.841632][ T6203] Zero length message leads to an empty skb
[  108.976180][   T30] audit: type=1326 audit(1773862950.483:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.056155][   T30] audit: type=1326 audit(1773862950.493:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=432 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.132916][   T30] audit: type=1326 audit(1773862950.513:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.209646][ T6220] netlink: 'syz.4.92': attribute type 14 has an invalid length.
[  109.221830][   T30] audit: type=1326 audit(1773862950.513:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.253659][ T6220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.92'.
[  109.297822][   T30] audit: type=1326 audit(1773862950.513:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=81 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.373514][   T30] audit: type=1326 audit(1773862950.513:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.422291][ T6220] netlink: 'syz.4.92': attribute type 14 has an invalid length.
[  109.431418][  T487] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  109.454842][ T6220] netlink: 4 bytes leftover after parsing attributes in process `syz.4.92'.
[  109.467938][  T487] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  109.473193][   T30] audit: type=1326 audit(1773862950.513:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.513124][  T487] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  109.545076][   T30] audit: type=1326 audit(1773862950.513:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  109.561309][  T487] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  109.650158][   T30] audit: type=1326 audit(1773862950.513:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6213 comm="syz.4.89" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7efed619c799 code=0x7ffc0000
[  110.395012][ T6235] loop3: detected capacity change from 0 to 8192
[  111.095400][ T6249] loop1: detected capacity change from 0 to 128
[  111.137753][ T6249] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  111.192395][ T6249] hpfs: filesystem error: improperly stopped
[  111.210970][ T6249] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  111.235505][ T6249] hpfs: You really don't want any checks? You are crazy...
[  111.273958][ T6249] hpfs: hpfs_map_sector(): read error
[  111.309808][ T6249] hpfs: code page support is disabled
[  111.329694][ T6249] hpfs: hpfs_map_4sectors(): unaligned read
[  111.356837][ T6249] hpfs: hpfs_map_4sectors(): unaligned read
[  111.368702][ T6249] hpfs: filesystem error: unable to find root dir
[  111.682124][ T5924] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  111.718066][ T6262] input: syz0 as /devices/virtual/input/input6
[  111.863664][ T5924] usb 5-1: Using ep0 maxpacket: 16
[  111.906646][ T5924] usb 5-1: config 128 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  111.935428][ T5924] usb 5-1: config 128 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  111.976978][ T5924] usb 5-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00
[  111.996376][ T5924] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  112.377518][ T6271] loop3: detected capacity change from 0 to 512
[  112.396477][ T6271] EXT4-fs (loop3): Test dummy encryption mode enabled
[  112.417674][ T6271] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  112.457760][ T6271] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  112.481175][ T5924] mcp2221 0003:04D8:00DD.0002: USB HID v0.05 Device [HID 04d8:00dd] on usb-dummy_hcd.4-1/input0
[  112.518218][ T6271] EXT4-fs error (device loop3): ext4_orphan_get:1417: comm syz.3.113: bad orphan inode 131083
[  112.538003][ T6271] loop3: lost filesystem error report for type 5 error -117
[  112.549869][ T6271] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  112.586524][ T6271] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  112.708343][ T5845] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  112.892741][ T5924] usb 5-1: USB disconnect, device number 3
[  113.902632][ T5838] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  114.000491][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  114.021887][   T30] audit: type=1804 audit(1773862955.503:15): pid=6296 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.122" name="/newroot/21/file0/file1" dev="overlay" ino=143 res=1 errno=0
[  114.095032][ T5838] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  114.122966][ T5838] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  114.150679][ T5838] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  114.175998][ T5838] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  114.216053][ T6293] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[  114.263114][ T5838] usb 5-1: Quirk or no altset; falling back to MIDI 1.0
[  114.681117][ T5838] usb 5-1: USB disconnect, device number 4
[  115.057556][ T6307] loop1: detected capacity change from 0 to 512
[  115.090039][ T6307] EXT4-fs error (device loop1): ext4_iget_extra_inode:5028: inode #15: comm syz.1.126: corrupted in-inode xattr: invalid ea_ino
[  115.148122][ T6307] loop1: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  115.148683][ T6307] EXT4-fs error (device loop1): ext4_orphan_get:1396: comm syz.1.126: couldn't read orphan inode 15 (err -117)
[  115.158032][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  115.158103][    C1] EXT4-fs (loop1): initial error at time 1773862956: ext4_iget_extra_inode:5028: inode 15
[  115.158141][    C1] EXT4-fs (loop1): last error at time 1773862956: ext4_iget_extra_inode:5028: inode 15
[  115.207044][ T6307] loop1: lost filesystem error report for type 5 error -117
[  115.281030][ T6307] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  115.486194][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.895848][ T6322] loop0: detected capacity change from 0 to 1024
[  115.941561][ T6322] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  116.271695][ T5847] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  116.643640][ T6338] process 'syz.3.137' launched './file1' with NULL argv: empty string added
[  117.436684][ T6336] loop4: detected capacity change from 0 to 32768
[  117.477721][ T6342] loop0: detected capacity change from 0 to 32768
[  117.509219][ T6336] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  117.666381][ T6336] XFS (loop4): Ending clean mount
[  117.732839][ T6336] XFS (loop4): Quotacheck needed: Please wait.
[  117.829211][ T6342] JBD2: Ignoring recovery information on journal
[  118.035445][ T6336] XFS (loop4): Quotacheck: Done.
[  118.146814][ T6342] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  118.391048][  T487] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  118.426097][  T487] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.474998][ T5850] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  118.705098][ T6373] netlink: 'syz.1.151': attribute type 7 has an invalid length.
[  118.767708][ T5847] ocfs2: Unmounting device (7,0) on (node local)
[  118.822010][ T5859] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  118.836999][  T487] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  118.856070][ T5859] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  118.864305][  T487] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  118.877842][ T5859] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  118.897912][ T5859] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  118.929126][ T5859] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  119.046911][ T6373] netlink: 'syz.1.151': attribute type 7 has an invalid length.
[  119.164333][  T487] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.192393][ T6377] netlink: 8 bytes leftover after parsing attributes in process `syz.4.149'.
[  119.203939][  T487] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.499776][  T487] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  119.513164][  T487] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  119.546562][ T6382] bond1: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  119.585590][ T6382] bond1: (slave lo): Enslaving as an active interface with an up link
[  119.616334][ T6382] A link change request failed with some changes committed already. Interface tunl0 may have been left with an inconsistent configuration, please check.
[  119.712908][   T24] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  119.783990][ T5924] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  119.914153][   T24] usb 1-1: config 0 has no interfaces?
[  119.936430][ T6383] loop4: detected capacity change from 0 to 32768
[  119.950456][   T24] usb 1-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  119.966161][ T5924] usb 3-1: Using ep0 maxpacket: 16
[  119.967616][   T24] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  119.982155][   T24] usb 1-1: Product: syz
[  119.989326][   T24] usb 1-1: Manufacturer: syz
[  119.994511][   T24] usb 1-1: SerialNumber: syz
[  119.999344][ T6383] (syz.4.153,6383,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  120.014479][ T5924] usb 3-1: config 0 has no interfaces?
[  120.015975][ T6383] (syz.4.153,6383,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  120.037070][ T5924] usb 3-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  120.062042][   T24] usb 1-1: config 0 descriptor??
[  120.076441][ T5924] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  120.091254][ T5924] usb 3-1: Product: syz
[  120.098932][ T5924] usb 3-1: Manufacturer: syz
[  120.104514][ T5924] usb 3-1: SerialNumber: syz
[  120.118844][ T5924] usb 3-1: config 0 descriptor??
[  120.128243][ T6383] JBD2: Ignoring recovery information on journal
[  120.190417][ T6383] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  120.523879][ T6394] loop1: detected capacity change from 0 to 32768
[  120.566365][ T6394] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.156 (6394)
[  120.636114][ T6403] (syz.4.153,6403,0):ocfs2_check_set_options:1244 ERROR: Invalid heartbeat mount options
[  120.724007][ T6394] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  120.747280][ T6394] BTRFS info (device loop1): using crc32c checksum algorithm
[  120.918254][   T24] usb 1-1: USB disconnect, device number 3
[  121.008773][ T5860] Bluetooth: hci0: command tx timeout
[  121.035783][ T6025] usb 3-1: USB disconnect, device number 3
[  121.067758][ T5850] ocfs2: Unmounting device (7,4) on (node local)
[  121.148529][ T6394] BTRFS info (device loop1): enabling ssd optimizations
[  121.155787][ T6394] BTRFS info (device loop1): turning on flush-on-commit
[  121.164084][ T6394] BTRFS info (device loop1): enabling free space tree
[  121.172770][ T6394] BTRFS info (device loop1): enabling auto defrag
[  121.184319][ T6394] BTRFS info (device loop1): use lzo compression, level 1
[  121.203343][ T6394] BTRFS info (device loop1): max_inline set to 4096
[  121.425743][  T487] bridge_slave_1: left allmulticast mode
[  121.447486][  T487] bridge_slave_1: left promiscuous mode
[  121.448631][  T487] bridge0: port 2(bridge_slave_1) entered disabled state
[  121.585488][  T487] bridge_slave_0: left allmulticast mode
[  121.619181][  T487] bridge_slave_0: left promiscuous mode
[  121.648824][  T487] bridge0: port 1(bridge_slave_0) entered disabled state
[  121.796096][ T5846] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.647185][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  123.081419][ T5860] Bluetooth: hci0: command tx timeout
[  123.660487][   T30] audit: type=1326 audit(1773862965.163:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6467 comm="syz.0.168" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fdb66d9c799 code=0x0
[  123.708204][  T487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  123.753504][  T487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  123.775771][  T487] bond0 (unregistering): Released all slaves
[  123.842754][ T6374] chnl_net:caif_netlink_parms(): no params data found
[  124.852511][ T6374] bridge0: port 1(bridge_slave_0) entered blocking state
[  124.893675][ T6374] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.911625][   T24] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  124.944631][ T6374] bridge_slave_0: entered allmulticast mode
[  124.967111][ T6374] bridge_slave_0: entered promiscuous mode
[  124.997293][ T6374] bridge0: port 2(bridge_slave_1) entered blocking state
[  125.017835][ T6374] bridge0: port 2(bridge_slave_1) entered disabled state
[  125.058257][ T6374] bridge_slave_1: entered allmulticast mode
[  125.091107][ T6374] bridge_slave_1: entered promiscuous mode
[  125.097284][   T24] usb 2-1: Using ep0 maxpacket: 32
[  125.120325][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  125.160808][ T5860] Bluetooth: hci0: command tx timeout
[  125.171584][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  125.200641][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  125.214063][   T24] usb 2-1: New USB device found, idVendor=0458, idProduct=5011, bcdDevice= 0.00
[  125.224200][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  125.240837][   T24] usb 2-1: config 0 descriptor??
[  125.444164][ T6374] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  125.489478][ T6374] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  125.722000][ T6478] loop4: detected capacity change from 0 to 40427
[  125.748973][ T6478] F2FS-fs: heap/no_heap options were deprecated
[  125.795763][ T6478] F2FS-fs (loop4): Image doesn't support compression
[  125.840410][ T6478] F2FS-fs (loop4): build fault injection rate: 690
[  125.847164][  T487] hsr_slave_0: left promiscuous mode
[  125.856385][ T6478] F2FS-fs (loop4): build fault injection type: 0x4
[  125.874613][   T24] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.0003/input/input7
[  125.902771][  T487] hsr_slave_1: left promiscuous mode
[  125.916376][ T6478] F2FS-fs (loop4): invalid crc value
[  125.931990][  T487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  125.987301][  T487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  126.024942][  T487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  126.059054][  T487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  126.119924][   T24] input: HID 0458:5011 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:0458:5011.0003/input/input8
[  126.252605][  T487] veth1_macvtap: left promiscuous mode
[  126.282521][  T487] veth0_macvtap: left promiscuous mode
[  126.313925][  T487] veth1_vlan: left promiscuous mode
[  126.329099][  T487] veth0_vlan: left promiscuous mode
[  126.406751][ T6478] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  126.456088][ T6478] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  126.485514][   T24] kye 0003:0458:5011.0003: input,hiddev0,hidraw0: USB HID v0.00 Mouse [HID 0458:5011] on usb-dummy_hcd.1-1/input0
[  126.737693][   T30] audit: type=1800 audit(1773862968.243:17): pid=6503 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.171" name="bus" dev="loop4" ino=14 res=0 errno=0
[  126.801449][ T6478] syz.4.171: attempt to access beyond end of device
[  126.801449][ T6478] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  126.844512][ T5838] usb 2-1: USB disconnect, device number 3
[  127.022043][ T5850] syz-executor: attempt to access beyond end of device
[  127.022043][ T5850] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[  127.060774][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  127.060808][ T5850] Tainted: [L]=SOFTLOCKUP
[  127.060815][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  127.060827][ T5850] Call Trace:
[  127.060835][ T5850]  <TASK>
[  127.060843][ T5850]  dump_stack_lvl+0xe8/0x150
[  127.060882][ T5850]  f2fs_handle_critical_error+0x37c/0x540
[  127.060919][ T5850]  f2fs_write_end_io+0x1274/0x1740
[  127.060970][ T5850]  __submit_merged_bio+0x256/0x700
[  127.061006][ T5850]  __submit_merged_write_cond+0x3c9/0x4e0
[  127.061044][ T5850]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  127.061098][ T5850]  f2fs_write_data_pages+0x287e/0x34f0
[  127.061166][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  127.061195][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  127.061271][ T5850]  ? finish_task_switch+0x41f/0xbe0
[  127.061305][ T5850]  ? __lock_acquire+0x6b5/0x2cf0
[  127.061351][ T5850]  ? __lock_acquire+0x6b5/0x2cf0
[  127.061388][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  127.061424][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.061452][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  127.061484][ T5850]  do_writepages+0x32e/0x550
[  127.061520][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.061551][ T5850]  filemap_fdatawrite+0x1e9/0x2f0
[  127.061581][ T5850]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  127.061654][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.061685][ T5850]  f2fs_sync_dirty_inodes+0x30e/0x860
[  127.061723][ T5850]  f2fs_write_checkpoint+0x9df/0x26a0
[  127.061779][ T5850]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  127.061843][ T5850]  ? kfree+0x1c5/0x650
[  127.061871][ T5850]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  127.061903][ T5850]  kill_f2fs_super+0x314/0x720
[  127.061951][ T5850]  ? __pfx_kill_f2fs_super+0x10/0x10
[  127.061998][ T5850]  ? lockdep_hardirqs_on+0x7a/0x110
[  127.062038][ T5850]  deactivate_locked_super+0xbc/0x130
[  127.062072][ T5850]  cleanup_mnt+0x437/0x4d0
[  127.062092][ T5850]  ? _raw_spin_unlock_irq+0x23/0x50
[  127.062119][ T5850]  task_work_run+0x1d9/0x270
[  127.062149][ T5850]  ? __pfx_task_work_run+0x10/0x10
[  127.062189][ T5850]  exit_to_user_mode_loop+0xed/0x480
[  127.062218][ T5850]  ? rcu_is_watching+0x15/0xb0
[  127.062244][ T5850]  do_syscall_64+0x32d/0xf80
[  127.062268][ T5850]  ? trace_irq_disable+0x3b/0x150
[  127.062302][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.062322][ T5850]  ? clear_bhb_loop+0x40/0x90
[  127.062347][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.062366][ T5850] RIP: 0033:0x7efed619d9d7
[  127.062401][ T5850] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  127.062417][ T5850] RSP: 002b:00007fff1031e288 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  127.062439][ T5850] RAX: 0000000000000000 RBX: 00007efed6232050 RCX: 00007efed619d9d7
[  127.062452][ T5850] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1031e340
[  127.062464][ T5850] RBP: 00007fff1031e340 R08: 00007fff1031f340 R09: 00000000ffffffff
[  127.062477][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff1031f3d0
[  127.062489][ T5850] R13: 00007efed6232050 R14: 000000000001ef9d R15: 00007fff1031f410
[  127.062521][ T5850]  </TASK>
[  127.064964][ T5850] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  127.323853][ T5860] Bluetooth: hci0: command tx timeout
[  127.512191][ T5850] CPU: 0 UID: 0 PID: 5850 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  127.512222][ T5850] Tainted: [L]=SOFTLOCKUP
[  127.512228][ T5850] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  127.512238][ T5850] Call Trace:
[  127.512245][ T5850]  <TASK>
[  127.512253][ T5850]  dump_stack_lvl+0xe8/0x150
[  127.512287][ T5850]  f2fs_handle_critical_error+0x37c/0x540
[  127.512323][ T5850]  f2fs_write_end_io+0x1274/0x1740
[  127.512365][ T5850]  __submit_merged_bio+0x256/0x700
[  127.512400][ T5850]  __submit_merged_write_cond+0x3c9/0x4e0
[  127.512434][ T5850]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  127.512509][ T5850]  f2fs_write_data_pages+0x287e/0x34f0
[  127.512574][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  127.512629][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  127.512697][ T5850]  ? finish_task_switch+0x41f/0xbe0
[  127.512726][ T5850]  ? __lock_acquire+0x6b5/0x2cf0
[  127.512769][ T5850]  ? __lock_acquire+0x6b5/0x2cf0
[  127.512803][ T5850]  ? do_raw_spin_lock+0x12b/0x2f0
[  127.512838][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.512862][ T5850]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  127.512903][ T5850]  do_writepages+0x32e/0x550
[  127.512934][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.512961][ T5850]  filemap_fdatawrite+0x1e9/0x2f0
[  127.512987][ T5850]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  127.513059][ T5850]  ? do_raw_spin_unlock+0xf5/0x210
[  127.513088][ T5850]  f2fs_sync_dirty_inodes+0x30e/0x860
[  127.513123][ T5850]  f2fs_write_checkpoint+0x9df/0x26a0
[  127.513177][ T5850]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  127.513233][ T5850]  ? kfree+0x1c5/0x650
[  127.513257][ T5850]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  127.513287][ T5850]  kill_f2fs_super+0x314/0x720
[  127.513324][ T5850]  ? __pfx_kill_f2fs_super+0x10/0x10
[  127.513366][ T5850]  ? lockdep_hardirqs_on+0x7a/0x110
[  127.513406][ T5850]  deactivate_locked_super+0xbc/0x130
[  127.513437][ T5850]  cleanup_mnt+0x437/0x4d0
[  127.513455][ T5850]  ? _raw_spin_unlock_irq+0x23/0x50
[  127.513477][ T5850]  task_work_run+0x1d9/0x270
[  127.513504][ T5850]  ? __pfx_task_work_run+0x10/0x10
[  127.513537][ T5850]  exit_to_user_mode_loop+0xed/0x480
[  127.513561][ T5850]  ? rcu_is_watching+0x15/0xb0
[  127.513591][ T5850]  do_syscall_64+0x32d/0xf80
[  127.513613][ T5850]  ? trace_irq_disable+0x3b/0x150
[  127.513635][ T5850]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.513654][ T5850]  ? clear_bhb_loop+0x40/0x90
[  127.513677][ T5850]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  127.513695][ T5850] RIP: 0033:0x7efed619d9d7
[  127.513715][ T5850] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  127.513729][ T5850] RSP: 002b:00007fff1031e288 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  127.513747][ T5850] RAX: 0000000000000000 RBX: 00007efed6232050 RCX: 00007efed619d9d7
[  127.513758][ T5850] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007fff1031e340
[  127.513767][ T5850] RBP: 00007fff1031e340 R08: 00007fff1031f340 R09: 00000000ffffffff
[  127.513777][ T5850] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff1031f3d0
[  127.513786][ T5850] R13: 00007efed6232050 R14: 000000000001ef9d R15: 00007fff1031f410
[  127.513814][ T5850]  </TASK>
[  127.858379][ T5850] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  128.016816][ T5859] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  128.034236][ T5859] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  128.048918][ T5859] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  128.066725][ T5859] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  128.074667][ T5859] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  128.460231][  T487] team0 (unregistering): Port device team_slave_1 removed
[  128.502979][   T29] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  128.519967][  T487] team0 (unregistering): Port device team_slave_0 removed
[  128.676012][   T29] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  128.712449][   T29] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  128.721963][   T29] usb 3-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  128.737272][   T29] usb 3-1: Product: syz
[  128.752449][   T29] usb 3-1: SerialNumber: syz
[  129.054976][ T6374] team0: Port device team_slave_0 added
[  129.126308][ T6374] team0: Port device team_slave_1 added
[  129.297259][ T6374] batman_adv: batadv0: Adding interface: batadv_slave_0
[  129.323218][ T6374] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  129.402572][ T6374] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  129.519973][ T6374] batman_adv: batadv0: Adding interface: batadv_slave_1
[  129.582728][ T6374] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  129.635290][ T6374] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  129.836088][   T29] cdc_ncm 3-1:1.0: MAC-Address: 42:42:42:42:42:42
[  129.844362][   T29] cdc_ncm 3-1:1.0: dwNtbInMaxSize=0 is too small. Using 2048
[  129.863747][   T29] cdc_ncm 3-1:1.0: setting rx_max = 2048
[  130.187389][   T29] cdc_ncm 3-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.2-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  130.204274][ T5859] Bluetooth: hci1: command tx timeout
[  130.226593][ T6374] hsr_slave_0: entered promiscuous mode
[  130.244397][ T6374] hsr_slave_1: entered promiscuous mode
[  130.257871][ T6374] debugfs: 'hsr0' already exists in 'hsr'
[  130.281873][   T29] usb 3-1: USB disconnect, device number 4
[  130.288879][ T6374] Cannot create hsr debugfs directory
[  130.299372][   T29] cdc_ncm 3-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.2-1, CDC NCM (NO ZLP)
[  130.840655][ T6025] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  131.010653][ T6025] usb 5-1: Using ep0 maxpacket: 16
[  131.024144][ T6025] usb 5-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  131.049224][ T6025] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  131.080897][ T6025] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  131.113448][ T6025] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  131.138048][  T487] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.147601][ T6025] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.181596][ T6025] usb 5-1: Product: syz
[  131.195399][ T6025] usb 5-1: Manufacturer: syz
[  131.210371][ T6025] usb 5-1: SerialNumber: syz
[  131.307094][ T6025] usb 5-1: 0:2 : does not exist
[  131.401911][ T6563] loop1: detected capacity change from 0 to 40427
[  131.435687][ T6563] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  131.452125][ T6563] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  131.469075][  T487] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.479801][ T6563] F2FS-fs (loop1): invalid crc value
[  131.606383][ T6563] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  131.639200][ T6563] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  131.646661][ T6563] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  131.658260][  T487] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.680753][ T5923] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  131.712694][   T30] audit: type=1800 audit(1773862973.223:18): pid=6563 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.186" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop1" ino=10 res=0 errno=0
[  131.766757][ T6563] syz.1.186: attempt to access beyond end of device
[  131.766757][ T6563] loop1: rw=34817, sector=78248, nr_sectors = 4 limit=40427
[  131.853897][  T487] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.868918][ T5923] usb 3-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  131.885917][ T5923] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 253
[  131.907673][ T5923] usb 3-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  131.924640][ T5923] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  131.957716][ T5923] usb 3-1: Product: syz
[  131.985575][ T5923] usb 3-1: Manufacturer: syz
[  132.002061][ T5923] usb 3-1: SerialNumber: syz
[  132.002104][ T6510] chnl_net:caif_netlink_parms(): no params data found
[  132.043832][ T5923] usb 3-1: config 0 descriptor??
[  132.071428][ T5846] syz-executor: attempt to access beyond end of device
[  132.071428][ T5846] loop1: rw=2051, sector=77824, nr_sectors = 432 limit=40427
[  132.088066][ T5923] gspca_main: sunplus-2.14.0 probing 055f:c630
[  132.113941][ T5846] F2FS-fs (loop1): Issue discard(9728, 9728, 54) failed, ret: -5
[  132.162793][ T6025] usb 5-1: USB disconnect, device number 5
[  132.256287][ T5909] udevd[5909]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  132.281853][ T5859] Bluetooth: hci1: command tx timeout
[  132.300932][ T6374] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  132.438705][ T6374] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  132.578498][ T6374] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  132.675871][ T6374] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  132.863653][ T6510] bridge0: port 1(bridge_slave_0) entered blocking state
[  132.882739][ T6510] bridge0: port 1(bridge_slave_0) entered disabled state
[  132.899480][ T6510] bridge_slave_0: entered allmulticast mode
[  132.909895][ T6510] bridge_slave_0: entered promiscuous mode
[  132.921251][  T487] bridge_slave_1: left allmulticast mode
[  132.928912][  T487] bridge_slave_1: left promiscuous mode
[  132.936463][  T487] bridge0: port 2(bridge_slave_1) entered disabled state
[  132.992257][  T487] bridge_slave_0: left allmulticast mode
[  133.007555][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  133.009818][  T487] bridge_slave_0: left promiscuous mode
[  133.022526][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  133.047673][  T487] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.549064][ T5923] gspca_sunplus: reg_r err -71
[  133.567739][ T5923] sunplus 3-1:0.0: probe with driver sunplus failed with error -71
[  133.595178][ T5923] usb 3-1: USB disconnect, device number 5
[  133.620234][ T6632] loop1: detected capacity change from 0 to 128
[  133.628687][  T487] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  133.644321][ T6632] EXT4-fs: Ignoring removed nomblk_io_submit option
[  133.653741][ T6632] EXT4-fs (loop1): Test dummy encryption mode enabled
[  133.674763][ T6632] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  133.697752][ T6632] ext4 filesystem being mounted at /44/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  133.728414][  T487] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.749394][ T6632] EXT4-fs (loop1): re-mounted 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  133.759513][  T487] bond0 (unregistering): Released all slaves
[  133.817936][ T5846] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  134.006368][ T6510] bridge0: port 2(bridge_slave_1) entered blocking state
[  134.020068][ T6510] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.027674][ T6510] bridge_slave_1: entered allmulticast mode
[  134.037431][ T6510] bridge_slave_1: entered promiscuous mode
[  134.364604][ T5859] Bluetooth: hci1: command tx timeout
[  134.374272][ T6510] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.421495][ T6510] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.696175][ T6510] team0: Port device team_slave_0 added
[  134.794382][ T6510] team0: Port device team_slave_1 added
[  134.923466][  T487] hsr_slave_0: left promiscuous mode
[  134.934921][  T487] hsr_slave_1: left promiscuous mode
[  134.947040][  T487] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.964322][  T487] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.979933][  T487] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.994228][  T487] batman_adv: batadv0: Removing interface: batadv_slave_1
[  135.016978][  T487] veth1_macvtap: left promiscuous mode
[  135.022924][  T487] veth0_macvtap: left promiscuous mode
[  135.028862][  T487] veth1_vlan: left promiscuous mode
[  135.036749][  T487] veth0_vlan: left promiscuous mode
[  135.453052][  T487] team0 (unregistering): Port device team_slave_1 removed
[  135.479730][  T487] team0 (unregistering): Port device team_slave_0 removed
[  135.666097][   T30] audit: type=1326 audit(1773862977.173:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6653 comm="syz.1.206" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdb4859c799 code=0x7fc00000
[  135.948993][ T6510] batman_adv: batadv0: Adding interface: batadv_slave_0
[  135.964944][ T6510] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  136.012167][ T6510] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  136.118440][ T6510] batman_adv: batadv0: Adding interface: batadv_slave_1
[  136.138326][ T6510] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  136.195507][ T6510] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  136.252423][ T6674] loop1: detected capacity change from 0 to 4096
[  136.310209][ T6674] EXT4-fs (loop1): Test dummy encryption mode enabled
[  136.354078][ T6674] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0103]
[  136.400263][ T6674] System zones: 0-5
[  136.451336][ T5859] Bluetooth: hci1: command tx timeout
[  136.472741][ T6674] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  136.552482][ T6510] hsr_slave_0: entered promiscuous mode
[  136.596184][ T6510] hsr_slave_1: entered promiscuous mode
[  136.614089][ T6510] debugfs: 'hsr0' already exists in 'hsr'
[  136.623001][ T6510] Cannot create hsr debugfs directory
[  136.715340][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.979235][ T6697] af_packet: tpacket_rcv: packet too big, clamped from 65354 to 4294967272. macoff=96
[  137.339358][  T487] IPVS: stop unused estimator thread 0...
[  137.430782][ T6025] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  137.611336][ T6025] usb 2-1: Using ep0 maxpacket: 32
[  137.637669][ T6025] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.681172][ T6025] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.705699][ T6374] 8021q: adding VLAN 0 to HW filter on device bond0
[  137.734794][ T6025] usb 2-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  137.755933][ T6025] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.783451][ T6025] usb 2-1: config 0 descriptor??
[  138.003438][ T6374] 8021q: adding VLAN 0 to HW filter on device team0
[  138.105751][ T1010] bridge0: port 1(bridge_slave_0) entered blocking state
[  138.113062][ T1010] bridge0: port 1(bridge_slave_0) entered forwarding state
[  138.259582][ T6025] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  138.276027][ T6510] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  138.289744][ T6025] ft260 0003:0403:6030.0004: unknown main item tag 0x0
[  138.335630][ T6510] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  138.384119][ T1010] bridge0: port 2(bridge_slave_1) entered blocking state
[  138.391447][ T1010] bridge0: port 2(bridge_slave_1) entered forwarding state
[  138.417786][ T6510] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  138.443452][ T6025] ft260 0003:0403:6030.0004: chip code: 0000 0000
[  138.474876][ T6510] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  138.644489][ T6025] ft260 0003:0403:6030.0004: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.1-1/input0
[  138.857326][ T6025] ft260 0003:0403:6030.0004: failed to retrieve status: -32, no wakeup
[  139.069237][ T6510] 8021q: adding VLAN 0 to HW filter on device bond0
[  139.085151][ T6025] ft260 0003:0403:6030.0004: failed to reset I2C controller: -71
[  139.216297][ T6510] 8021q: adding VLAN 0 to HW filter on device team0
[  139.243090][ T6025] usb 2-1: USB disconnect, device number 4
[  139.290451][   T60] bridge0: port 1(bridge_slave_0) entered blocking state
[  139.297848][   T60] bridge0: port 1(bridge_slave_0) entered forwarding state
[  139.448153][   T60] bridge0: port 2(bridge_slave_1) entered blocking state
[  139.455623][   T60] bridge0: port 2(bridge_slave_1) entered forwarding state
[  139.733830][ T6374] 8021q: adding VLAN 0 to HW filter on device batadv0
[  139.783569][ T6510] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  140.635146][ T6510] 8021q: adding VLAN 0 to HW filter on device batadv0
[  140.912477][ T6374] veth0_vlan: entered promiscuous mode
[  140.984362][ T6374] veth1_vlan: entered promiscuous mode
[  141.171511][ T6374] veth0_macvtap: entered promiscuous mode
[  141.231501][ T6374] veth1_macvtap: entered promiscuous mode
[  141.367398][ T6374] batman_adv: batadv0: Interface activated: batadv_slave_0
[  141.485881][ T6374] batman_adv: batadv0: Interface activated: batadv_slave_1
[  141.617281][ T3497] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  141.669437][ T3497] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  141.709322][ T6758] loop1: detected capacity change from 0 to 40427
[  141.728716][ T3497] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  141.766953][ T6758] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  141.781738][ T3497] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  141.799091][ T6784] input: syz0 as /devices/virtual/input/input9
[  141.814030][ T6758] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  142.257867][ T6758] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  142.323995][ T6758] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  142.337954][ T6758] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  142.537687][  T487] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.571864][  T487] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.615042][ T6510] veth0_vlan: entered promiscuous mode
[  142.750452][  T487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  142.775129][ T6510] veth1_vlan: entered promiscuous mode
[  142.797931][  T487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  142.822999][   T10] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  142.999246][ T6510] veth0_macvtap: entered promiscuous mode
[  143.030643][   T10] usb 3-1: Using ep0 maxpacket: 8
[  143.050304][ T6510] veth1_macvtap: entered promiscuous mode
[  143.056726][   T10] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  143.097067][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  143.138840][   T10] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  143.181715][   T10] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  143.219233][ T6510] batman_adv: batadv0: Interface activated: batadv_slave_0
[  143.247033][   T10] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  143.277381][   T10] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  143.365360][ T6510] batman_adv: batadv0: Interface activated: batadv_slave_1
[  143.437485][ T1010] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  143.458543][ T1010] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  143.493225][ T1010] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  143.548222][ T1010] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  143.571787][   T10] usb 3-1: GET_CAPABILITIES returned 0
[  143.598015][   T10] usbtmc 3-1:16.0: can't read capabilities
[  143.858156][ T6814] loop1: detected capacity change from 0 to 64
[  143.897479][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.001754][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.010931][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.020096][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.029247][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.092843][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.102023][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.111366][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.120500][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.137623][ T3573] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.158369][ T6818] syz.1.233: attempt to access beyond end of device
[  144.158369][ T6818] loop1: rw=0, sector=79, nr_sectors = 1 limit=64
[  144.177517][ T3573] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.209173][ T6814] syz.1.233: attempt to access beyond end of device
[  144.209173][ T6814] loop1: rw=2049, sector=73, nr_sectors = 3 limit=64
[  144.257301][ T6818] Buffer I/O error on dev loop1, logical block 79, async page read
[  144.270465][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.279625][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.288747][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.297927][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.326806][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.336061][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.345175][    C1] usbtmc 3-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  144.359983][ T6818] syz.1.233: attempt to access beyond end of device
[  144.359983][ T6818] loop1: rw=0, sector=80, nr_sectors = 1 limit=64
[  144.387318][  T487] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  144.404648][  T487] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  144.423730][   T10] usb 3-1: USB disconnect, device number 6
[  144.480596][ T6818] Buffer I/O error on dev loop1, logical block 80, async page read
[  144.516779][ T6818] syz.1.233: attempt to access beyond end of device
[  144.516779][ T6818] loop1: rw=0, sector=81, nr_sectors = 1 limit=64
[  144.583870][ T6818] Buffer I/O error on dev loop1, logical block 81, async page read
[  144.642978][ T6818] syz.1.233: attempt to access beyond end of device
[  144.642978][ T6818] loop1: rw=0, sector=82, nr_sectors = 1 limit=64
[  144.745325][ T6818] Buffer I/O error on dev loop1, logical block 82, async page read
[  145.014435][ T1010] kworker/u8:7: attempt to access beyond end of device
[  145.014435][ T1010] loop1: rw=2049, sector=76, nr_sectors = 1 limit=64
[  145.071993][ T1010] Buffer I/O error on dev loop1, logical block 76, lost async page write
[  145.098495][ T1010] kworker/u8:7: attempt to access beyond end of device
[  145.098495][ T1010] loop1: rw=2049, sector=77, nr_sectors = 1 limit=64
[  145.150612][ T1010] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  145.181359][ T6007] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  145.188730][ T1010] kworker/u8:7: attempt to access beyond end of device
[  145.188730][ T1010] loop1: rw=2049, sector=78, nr_sectors = 1 limit=64
[  145.235581][ T1010] Buffer I/O error on dev loop1, logical block 78, lost async page write
[  145.291583][ T5846] syz-executor: attempt to access beyond end of device
[  145.291583][ T5846] loop1: rw=2049, sector=76, nr_sectors = 1 limit=64
[  145.318146][ T5846] Buffer I/O error on dev loop1, logical block 76, lost async page write
[  145.355808][ T5846] syz-executor: attempt to access beyond end of device
[  145.355808][ T5846] loop1: rw=2049, sector=77, nr_sectors = 1 limit=64
[  145.388513][ T5846] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  145.390229][ T6007] usb 7-1: Using ep0 maxpacket: 32
[  145.417558][ T5846] Buffer I/O error on dev loop1, logical block 78, lost async page write
[  145.462616][ T6007] usb 7-1: config 0 has an invalid interface number: 196 but max is 0
[  145.494902][ T6007] usb 7-1: config 0 has no interface number 0
[  145.519464][ T6007] usb 7-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[  145.561581][ T6007] usb 7-1: config 0 interface 196 has no altsetting 0
[  145.597535][ T6007] usb 7-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[  145.639341][ T6007] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  145.682915][ T6007] usb 7-1: Product: syz
[  145.706792][ T6007] usb 7-1: Manufacturer: syz
[  145.742819][ T6007] usb 7-1: SerialNumber: syz
[  145.772148][ T6007] usb 7-1: config 0 descriptor??
[  145.794818][ T6829] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  145.831468][ T6826] loop4: detected capacity change from 0 to 32768
[  145.890873][ T5923] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  145.895773][ T6826] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.237 (6826)
[  146.015048][ T6826] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  146.044150][ T6826] BTRFS info (device loop4): using crc32c checksum algorithm
[  146.080850][ T5923] usb 2-1: Using ep0 maxpacket: 8
[  146.096288][ T5923] usb 2-1: config index 0 descriptor too short (expected 30, got 18)
[  146.123602][ T5923] usb 2-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  146.150683][ T5923] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  146.160409][ T5923] usb 2-1: Product: syz
[  146.165717][ T5923] usb 2-1: Manufacturer: syz
[  146.171388][ T5923] usb 2-1: SerialNumber: syz
[  146.179649][ T5923] usb 2-1: config 0 descriptor??
[  146.216206][ T5923] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  146.261933][ T5923] usb 2-1: setting power ON
[  146.293650][ T5923] dvb-usb: bulk message failed: -22 (2/0)
[  146.341659][ T6826] BTRFS info (device loop4): enabling ssd optimizations
[  146.349473][ T6826] BTRFS info (device loop4): turning on flush-on-commit
[  146.366047][ T6826] BTRFS info (device loop4): enabling free space tree
[  146.373331][ T6826] BTRFS info (device loop4): enabling auto defrag
[  146.379891][ T6826] BTRFS info (device loop4): use lzo compression, level 1
[  146.387126][ T6826] BTRFS info (device loop4): max_inline set to 4096
[  146.464517][ T6007] ipheth 7-1:0.196: ipheth_get_macaddr: usb_control_msg: -71
[  146.479227][ T6007] ipheth 7-1:0.196: probe with driver ipheth failed with error -71
[  146.510906][ T6007] usb 7-1: USB disconnect, device number 2
[  146.636847][ T5923] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  146.672696][ T5923] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  146.734121][ T5923] usb 2-1: media controller created
[  146.957732][ T5923] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  147.005151][ T6877] warning: `syz.6.242' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  147.181272][ T5923] usb 2-1: selecting invalid altsetting 6
[  147.231560][ T5923] usb 2-1: digital interface selection failed (-22)
[  147.265814][ T5923] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  147.301842][ T5923] usb 2-1: setting power OFF
[  147.359877][ T5923] dvb-usb: bulk message failed: -22 (2/0)
[  147.406797][ T5923] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  147.452281][ T5923] (NULL device *): no alternate interface
[  147.507276][ T5850] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  147.609308][ T5923] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  147.666623][ T5923] usb 2-1: USB disconnect, device number 5
[  148.512588][ T6904] loop6: detected capacity change from 0 to 512
[  150.649916][ T6909] loop1: detected capacity change from 0 to 32768
[  150.770303][ T6909] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  151.024426][ T6909] XFS (loop1): Ending clean mount
[  151.131053][ T6909] XFS (loop1): Quotacheck needed: Please wait.
[  151.515188][ T6909] XFS (loop1): Quotacheck: Done.
[  151.845860][ T6990] Driver unsupported XDP return value 0 on prog  (id 18) dev N/A, expect packet loss!
[  151.851113][ T6991] XFS (loop1): User initiated shutdown received.
[  151.892928][ T6991] XFS (loop1): Metadata I/O Error (0x4) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:462).  Shutting down filesystem.
[  151.990813][ T6991] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  152.107915][ T5846] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  152.166681][ T6961] loop6: detected capacity change from 0 to 32768
[  152.343026][ T6961] XFS (loop6): Mounting V5 Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  152.889807][ T6961] XFS (loop6): Starting recovery (logdev: internal)
[  152.997144][ T6961] XFS (loop6): Ending recovery (logdev: internal)
[  153.149927][ T6961] XFS (loop6): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  153.244794][ T6961] XFS (loop6): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  153.340652][ T6961] XFS (loop6): Unmount and run xfs_repair
[  153.353731][ T6961] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  153.373715][ T6961] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  153.396384][ T6961] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  153.433860][ T6994] loop4: detected capacity change from 0 to 32768
[  153.450591][ T6961] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  153.474768][ T6994] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.261 (6994)
[  153.497356][ T6961] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  153.545858][ T6961] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  153.577671][ T7020] syzkaller0: entered promiscuous mode
[  153.593886][ T6961] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  153.607526][ T7020] syzkaller0: entered allmulticast mode
[  153.676493][ T6961] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  153.690313][ T6994] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  153.747401][ T6961] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  153.780007][ T6994] BTRFS info (device loop4): using crc32c checksum algorithm
[  153.808640][ T6961] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  153.833649][ T6961] XFS (loop6): page discard on page ffffea0001299580, inode 0x1d06, pos 325632.
[  153.930413][ T6994] BTRFS info (device loop4): enabling ssd optimizations
[  153.942442][ T6994] BTRFS info (device loop4): turning on flush-on-commit
[  153.992195][ T6994] BTRFS info (device loop4): enabling free space tree
[  154.027664][ T6994] BTRFS info (device loop4): enabling auto defrag
[  154.064794][ T6994] BTRFS info (device loop4): use lzo compression, level 1
[  154.114047][ T6994] BTRFS info (device loop4): max_inline set to 4096
[  154.311195][ T6927] XFS (loop6): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  154.353678][ T6927] XFS (loop6): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  154.377143][ T6927] XFS (loop6): Unmount and run xfs_repair
[  154.390583][ T6927] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  154.439296][ T6927] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  154.470442][ T6927] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  154.492456][ T6927] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  154.514543][ T6927] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  154.535575][ T6927] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  154.557979][ T6927] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.577230][ T6927] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.600614][ T6927] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.620189][ T6927] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  154.666013][ T6927] XFS (loop6): page discard on page ffffea0001296240, inode 0x1d06, pos 2048.
[  154.687182][   T10] loop6: writeback error on inode 7430, offset 0, sector 14980
[  154.715940][ T6927] XFS (loop6): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  154.790604][ T6927] XFS (loop6): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  154.814777][ T6927] XFS (loop6): Unmount and run xfs_repair
[  154.823292][ T6927] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  154.839599][ T6927] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  154.853498][ T5850] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  154.867304][ T6927] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  154.898535][ T6927] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  154.911243][ T6927] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  154.920414][ T6927] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  154.933051][ T6927] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.946010][ T6927] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.955848][ T6927] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  154.968504][ T6927] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  154.982911][ T6927] XFS (loop6): page discard on page ffffea000128de40, inode 0x1d06, pos 24576.
[  155.025736][ T6927] XFS (loop6): Corruption warning: Metadata has LSN (8192:64) ahead of current LSN (1:192). Please unmount and run xfs_repair (>= v4.3) to resolve.
[  155.044351][ T6927] XFS (loop6): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_bnobt block 0x4 
[  155.056748][ T6927] XFS (loop6): Unmount and run xfs_repair
[  155.063255][ T6927] XFS (loop6): First 128 bytes of corrupted metadata buffer:
[  155.114655][ T6927] 00000000: 53 55 4d 59 00 00 00 02 ff ff ff ff ff ff ff ff  SUMY............
[  155.137084][ T6927] 00000010: 00 00 00 00 00 00 00 04 00 00 20 00 00 00 00 40  .......... ....@
[  155.174551][ T6927] 00000020: 9f 91 83 2a 3b 79 45 c3 9d 6d ed 0b c7 35 7f e4  ...*;yE..m...5..
[  155.190200][ T6927] 00000030: 00 00 00 00 25 47 cc 81 00 00 00 0d 00 00 00 03  ....%G..........
[  155.199732][ T6927] 00000040: 00 00 0e a8 00 00 11 58 00 00 00 00 00 00 00 00  .......X........
[  155.213636][ T6927] 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  155.223006][ T6927] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  155.232443][ T6927] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  155.246234][ T6927] XFS (loop6): metadata I/O error in "xfs_btree_read_buf_block+0x2b0/0x490" at daddr 0x4 len 4 error 74
[  155.295423][ T6927] XFS (loop6): page discard on page ffffea000128de80, inode 0x1d06, pos 28672.
[  155.355381][ T6510] XFS (loop6): Unmounting Filesystem 9f91832a-3b79-45c3-9d6d-ed0bc7357fe4
[  155.371234][ T6510] XFS (loop6): Uncorrected metadata errors detected; please run xfs_repair.
[  156.276914][ T7068] loop4: detected capacity change from 0 to 32768
[  156.277935][ T7070] loop6: detected capacity change from 0 to 8192
[  156.286173][ T7068] btrfs: Deprecated parameter 'usebackuproot'
[  156.297769][ T7068] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  156.309195][ T7068] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.272 (7068)
[  156.327009][ T7068] BTRFS info (device loop4): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  156.337432][ T7068] BTRFS info (device loop4): using crc32c checksum algorithm
[  156.474189][ T1020] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  156.613522][ T7068] BTRFS error (device loop4): failed to load root extent
[  156.620323][ T6883] Set syz1 is full, maxelem 65536 reached
[  156.621213][ T7068] BTRFS warning (device loop4): try to load backup roots slot 1
[  156.637804][ T6552] BTRFS warning (device loop4): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  156.678650][ T7068] BTRFS warning (device loop4): couldn't read tree root
[  156.690850][ T7068] BTRFS warning (device loop4): try to load backup roots slot 2
[  156.704238][ T6552] BTRFS error (device loop4): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  156.727923][ T7068] BTRFS warning (device loop4): couldn't read tree root
[  156.735050][ T7068] BTRFS warning (device loop4): try to load backup roots slot 3
[  156.763120][ T7068] BTRFS info (device loop4): rebuilding free space tree
[  156.857076][ T7068] BTRFS info (device loop4): checking UUID tree
[  156.870643][ T7068] BTRFS info (device loop4): enabling ssd optimizations
[  156.877724][ T7068] BTRFS info (device loop4): turning on async discard
[  156.884612][ T7068] BTRFS info (device loop4): enabling free space tree
[  156.891590][ T7068] BTRFS info (device loop4): force clearing of disk cache
[  156.898761][ T7068] BTRFS info (device loop4): trying to use backup root at mount time
[  156.906941][ T7068] BTRFS info (device loop4): force zlib compression, level 3
[  157.045266][ T7088] loop6: detected capacity change from 0 to 128
[  157.196487][ T7088] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  157.260159][ T7088] ext4 filesystem being mounted at /9/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  157.445012][   T30] audit: type=1800 audit(1773862998.943:20): pid=7088 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.273" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop6" ino=12 res=0 errno=0
[  157.495609][ T5850] BTRFS info (device loop4): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  157.684868][ T6025] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  157.854082][ T6025] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[  157.872502][ T6025] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024
[  157.884158][ T6025] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  157.897532][ T6025] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  157.906771][ T6025] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  157.974351][ T6025] usb 7-1: config 0 descriptor??
[  158.417808][ T6025] plantronics 0003:047F:FFFF.0005: unbalanced delimiter at end of report description
[  158.455721][ T6025] plantronics 0003:047F:FFFF.0005: parse failed
[  158.462410][ T6025] plantronics 0003:047F:FFFF.0005: probe with driver plantronics failed with error -22
[  158.683176][ T5924] usb 7-1: USB disconnect, device number 3
[  159.237715][ T6510] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  160.271293][ T6007] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  160.490815][ T6007] usb 5-1: Using ep0 maxpacket: 16
[  160.513599][ T6007] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  160.527656][ T6007] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  160.564790][ T6007] usb 5-1: config 0 interface 0 has no altsetting 0
[  160.588143][ T6007] usb 5-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  160.611386][ T6007] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.705413][ T6007] usb 5-1: config 0 descriptor??
[  160.989244][ T7144] netlink: 12 bytes leftover after parsing attributes in process `syz.6.290'.
[  161.375439][   T24] usb 5-1: USB disconnect, device number 6
[  162.668583][ T7194] netlink: 4 bytes leftover after parsing attributes in process `syz.1.306'.
[  164.230948][ T6007] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  164.403444][ T6007] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  164.422711][ T6007] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  164.436068][ T6007] usb 6-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  164.448485][ T6007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  164.461852][ T6007] usb 6-1: SerialNumber: syz
[  164.723866][ T6007] usb 6-1: 0:2 : does not exist
[  164.938844][ T6007] usb 6-1: USB disconnect, device number 2
[  165.054462][ T7261] loop5: detected capacity change from 0 to 7
[  165.094248][ T6164] Dev loop5: unable to read RDB block 7
[  165.114674][ T6164]  loop5: unable to read partition table
[  165.137686][ T6164] loop5: partition table beyond EOD, truncated
[  165.177409][ T5909] udevd[5909]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  165.236927][ T7261] Dev loop5: unable to read RDB block 7
[  165.269225][ T7261]  loop5: unable to read partition table
[  165.300000][ T7261] loop5: partition table beyond EOD, truncated
[  165.343036][ T7261] loop_reread_partitions: partition scan of loop5 (þ被xü—ŸÑà– ) failed (rc=-5)
[  165.655259][ T7251] loop6: detected capacity change from 0 to 32768
[  166.148536][   T30] audit: type=1800 audit(1773863007.653:21): pid=7251 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.319" name="file1" dev="loop6" ino=7 res=0 errno=0
[  167.081765][ T7297] netlink: 28 bytes leftover after parsing attributes in process `syz.5.332'.
[  167.102683][ T7297] netlink: 'syz.5.332': attribute type 7 has an invalid length.
[  167.130464][ T7297] netlink: 'syz.5.332': attribute type 8 has an invalid length.
[  167.156940][ T7297] netlink: 4 bytes leftover after parsing attributes in process `syz.5.332'.
[  167.658976][ T7308] kvm: Disabled LAPIC found during irq injection
[  169.716019][ T7359] loop6: detected capacity change from 0 to 512
[  169.784496][ T7359] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  169.902924][ T7364] input: syz0 as /devices/virtual/input/input10
[  170.535214][ T7374] loop6: detected capacity change from 0 to 4096
[  171.108481][ T7370] loop5: detected capacity change from 0 to 32768
[  171.330850][ T7370] JBD2: Ignoring recovery information on journal
[  171.396686][   T30] audit: type=1326 audit(1773863012.903:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.4.360" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efed619c799 code=0x0
[  171.438746][ T7399] loop1: detected capacity change from 0 to 128
[  171.558469][ T7370] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  171.781103][ T6007] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  171.940692][ T6007] usb 7-1: Using ep0 maxpacket: 16
[  172.029725][ T7370] syz.5.353 (7370) used greatest stack depth: 19104 bytes left
[  172.175917][ T6374] ocfs2: Unmounting device (7,5) on (node local)
[  173.575181][ T7437] loop1: detected capacity change from 0 to 512
[  173.670303][ T7437] EXT4-fs error (device loop1): ext4_free_branches:1023: inode #11: comm syz.1.374: invalid indirect mapped block 256 (level 2)
[  173.696092][ T7437] loop1: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  173.701408][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  173.718987][    C1] EXT4-fs (loop1): initial error at time 1773863015: ext4_free_branches:1023: inode 11
[  173.728820][    C1] EXT4-fs (loop1): last error at time 1773863015: ext4_free_branches:1023: inode 11
[  173.778209][ T7437] EXT4-fs (loop1): 2 truncates cleaned up
[  173.824651][ T7437] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  173.999552][ T7436] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm syz.1.374: bg 0: block 5: invalid block bitmap
[  174.083301][ T7436] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  174.143472][ T7436] EXT4-fs (loop1): This should not happen!! Data will be lost
[  174.143472][ T7436] 
[  174.182759][ T7436] EXT4-fs (loop1): Total free blocks count 0
[  174.200839][ T7449] bridge0: port 2(bridge_slave_1) entered disabled state
[  174.204345][ T7436] EXT4-fs (loop1): Free/Dirty block details
[  174.215353][ T7449] bridge0: port 1(bridge_slave_0) entered disabled state
[  174.292950][ T7436] EXT4-fs (loop1): free_blocks=0
[  174.310864][ T7436] EXT4-fs (loop1): dirty_blocks=2
[  174.343201][ T7436] EXT4-fs (loop1): Block reservation details
[  174.375694][ T7436] EXT4-fs (loop1): i_reserved_data_blocks=2
[  174.613145][ T6007] usb 7-1: unable to get BOS descriptor or descriptor too short
[  174.629121][ T7449] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  174.650893][ T6007] usb 7-1: no configurations
[  174.662824][ T6007] usb 7-1: can't read configurations, error -22
[  174.687680][ T7449] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  174.968053][ T6552] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 131075 with max blocks 1 with error 28
[  175.471942][   T49] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  175.508212][   T49] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  175.548456][   T36] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  175.574499][   T36] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  176.030755][ T6007] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  176.206051][ T6007] usb 7-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 21
[  176.221488][ T6007] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  176.231778][ T6007] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.260425][ T6007] usb 7-1: config 0 descriptor??
[  176.291928][ T6007] usbhid 7-1:0.0: couldn't find an input interrupt endpoint
[  176.736074][ T7470] capability: warning: `syz.5.384' uses 32-bit capabilities (legacy support in use)
[  177.051826][ T7479] kvm: kvm [7478]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc2) = 0x9d00
[  177.061651][ T7479] kvm: kvm [7478]: vcpu0, guest rIP: 0x9114 Unhandled WRMSR(0xc1) = 0x9d00
[  177.360611][ T6025] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  177.532969][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  177.546472][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  177.557755][ T6025] usb 6-1: New USB device found, idVendor=27b8, idProduct=01ed, bcdDevice= 0.00
[  177.567156][ T6025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.583277][ T6025] usb 6-1: config 0 descriptor??
[  177.795669][   T10] kernel read not supported for file bpf-prog (pid: 10 comm: kworker/0:1)
[  178.433613][ T6025] hid-led 0003:27B8:01ED.0007: probe with driver hid-led failed with error -71
[  178.471016][ T6025] usb 6-1: USB disconnect, device number 3
[  180.413366][ T5924] usb 7-1: USB disconnect, device number 6
[  180.975279][ T7520] loop6: detected capacity change from 0 to 128
[  181.295341][   T30] audit: type=1804 audit(1773863022.793:23): pid=7520 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.404" name="/newroot/31/file0/bus" dev="loop6" ino=9 res=1 errno=0
[  181.992608][ T7532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.408'.
[  182.023013][ T7532] netlink: 4 bytes leftover after parsing attributes in process `syz.1.408'.
[  182.531061][ T6025] usb 6-1: new full-speed USB device number 4 using dummy_hcd
[  182.703802][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  182.736463][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  182.758814][ T6025] usb 6-1: New USB device found, idVendor=1e7d, idProduct=319c, bcdDevice= 0.00
[  182.790217][ T6025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  182.824940][ T6025] usb 6-1: config 0 descriptor??
[  183.097892][ T7538] loop1: detected capacity change from 0 to 32768
[  183.630425][ T7538] JBD2: Ignoring recovery information on journal
[  183.769438][ T7538] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  183.861535][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  183.868470][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  183.875487][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  183.883242][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x1
[  183.890236][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  184.008562][ T7545] loop6: detected capacity change from 0 to 131072
[  184.018249][ T7545] F2FS-fs (loop6): Test dummy encryption mode enabled
[  184.027927][ T6025] isku 0003:1E7D:319C.0008: unknown main item tag 0x0
[  184.045606][ T7545] F2FS-fs (loop6): invalid crc value
[  184.052134][ T6025] isku 0003:1E7D:319C.0008: item fetching failed at offset 6/7
[  184.067093][ T6025] isku 0003:1E7D:319C.0008: parse failed
[  184.074068][ T6025] isku 0003:1E7D:319C.0008: probe with driver isku failed with error -22
[  184.159409][ T7545] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  184.175418][ T7545] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  184.457771][ T5846] ocfs2: Unmounting device (7,1) on (node local)
[  185.268327][ T6025] usb 6-1: USB disconnect, device number 4
[  186.887416][ T7619] bridge0: entered promiscuous mode
[  186.892878][ T7619] bridge0: entered allmulticast mode
[  186.981461][ T7626] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  187.028973][ T7615] loop6: detected capacity change from 0 to 32768
[  187.048096][ T7615] (syz.6.436,7615,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  187.067205][ T7615] (syz.6.436,7615,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  187.093691][ T7626] netlink: 4 bytes leftover after parsing attributes in process `syz.2.438'.
[  187.123214][ T7615] JBD2: Ignoring recovery information on journal
[  187.168634][   T12] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  187.182605][   T12] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  187.195739][   T12] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  187.205552][   T12] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  187.249231][ T7615] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  187.545542][ T7637] overlayfs: failed to clone upperpath
[  188.278908][ T6510] ocfs2: Unmounting device (7,6) on (node local)
[  189.421448][   T24] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  189.578846][ T7671] loop6: detected capacity change from 0 to 32768
[  189.598338][   T24] usb 3-1: Using ep0 maxpacket: 16
[  189.620009][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  189.657011][   T24] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  189.683210][   T24] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  189.701561][   T24] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  189.712350][   T24] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  189.724416][   T24] usb 3-1: config 0 descriptor??
[  189.733200][ T7671] JBD2: Ignoring recovery information on journal
[  189.908056][ T7671] ocfs2: Mounting device (7,6) on (node local, slot 0) with ordered data mode.
[  190.207784][   T24] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  190.237638][   T24] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  190.269177][   T24] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  190.288883][   T24] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  190.329920][   T24] shield 0003:0955:7214.0009: unknown main item tag 0x0
[  190.384698][   T24] input: HID 0955:7214 Haptics as /devices/virtual/input/input11
[  190.425298][ T7680] random: crng reseeded on system resumption
[  190.807189][ T6510] ocfs2: Unmounting device (7,6) on (node local)
[  191.026579][   T24] shield 0003:0955:7214.0009: Registered Thunderstrike controller
[  191.055646][   T24] shield 0003:0955:7214.0009: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  191.160295][ T5838] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO
[  191.192090][   T24] usb 3-1: USB disconnect, device number 7
[  191.233863][ T5838] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  191.273713][ T5838] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  191.307543][ T5838] shield 0003:0955:7214.0009: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV
[  191.839229][ T7722] loop5: detected capacity change from 0 to 128
[  191.875813][ T7725] trusted_key: syz.4.469 sent an empty control message without MSG_MORE.
[  191.952590][ T7722] zonefs (loop5) ERROR: Not a zoned block device
[  192.193976][ T7731] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  192.317048][ T7735] loop5: detected capacity change from 0 to 512
[  192.345980][ T7735] EXT4-fs: Ignoring removed oldalloc option
[  192.490799][ T7735] EXT4-fs (loop5): 1 truncate cleaned up
[  192.498949][ T7735] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.687967][ T6374] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  193.832059][    T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!!
[  194.301047][ T7768] syz.4.484 uses obsolete (PF_INET,SOCK_PACKET)
[  194.450438][ T1316] ieee802154 phy0 wpan0: encryption failed: -22
[  194.466365][ T1316] ieee802154 phy1 wpan1: encryption failed: -22
[  194.535139][ T7775] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  196.087447][ T7816] netlink: 8 bytes leftover after parsing attributes in process `syz.1.500'.
[  197.392454][ T7849] netlink: 172 bytes leftover after parsing attributes in process `syz.1.514'.
[  198.879895][ T7900] overlayfs: failed to clone upperpath
[  199.041840][ T7880] loop6: detected capacity change from 0 to 32768
[  199.098281][ T7880] OCFS2: ERROR (device loop6): int ocfs2_validate_inode_block(struct super_block *, struct buffer_head *): Invalid dinode 72: suballoc slot 44543
[  199.214382][ T7880] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  199.275704][ T7880] OCFS2: File system is now read-only.
[  199.290668][ T7880] (syz.6.524,7880,1):ocfs2_read_locked_inode:599 ERROR: status = -30
[  199.327047][ T7880] (syz.6.524,7880,1):_ocfs2_get_system_file_inode:144 ERROR: status = -30
[  199.356950][ T7880] (syz.6.524,7880,1):ocfs2_init_local_system_inodes:496 ERROR: status=-30, sysfile=7, slot=0
[  199.409226][ T7880] (syz.6.524,7880,1):ocfs2_init_local_system_inodes:505 ERROR: status = -30
[  199.433700][ T7880] (syz.6.524,7880,1):ocfs2_mount_volume:1758 ERROR: status = -30
[  199.518263][ T7880] (syz.6.524,7880,1):ocfs2_fill_super:1177 ERROR: status = -30
[  199.563295][ T6007] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[  199.731156][ T6007] usb 6-1: Using ep0 maxpacket: 32
[  199.760377][ T6007] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  199.796024][ T6007] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  199.822049][ T6007] usb 6-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  199.841017][ T6007] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  199.867399][ T6007] usb 6-1: config 0 descriptor??
[  199.898440][ T6007] hub 6-1:0.0: USB hub found
[  200.012162][ T7920] netlink: 212344 bytes leftover after parsing attributes in process `syz.6.541'.
[  200.099064][ T6007] hub 6-1:0.0: 1 port detected
[  200.110062][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.6.542'.
[  200.301742][ T5838] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  200.503913][ T5838] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  200.540383][ T5838] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  200.582505][ T5838] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  200.613998][ T5838] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  200.633603][ T5838] usb 3-1: SerialNumber: syz
[  200.769342][ T6007] hub 6-1:0.0: activate --> -90
[  200.980788][   T29] usb 6-1: USB disconnect, device number 5
[  201.066512][ T5838] usb 3-1: 0:2 : does not exist
[  201.266363][ T7925] loop6: detected capacity change from 0 to 131072
[  201.274828][ T5838] usb 3-1: USB disconnect, device number 8
[  201.358035][ T7925] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  201.373204][ T7925] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  201.403758][ T5909] udevd[5909]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  201.470692][ T7925] F2FS-fs (loop6): lookup inode (7) has corrupted xattr
[  201.483965][   T30] audit: type=1800 audit(1773863042.983:24): pid=7925 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.543" name="file1" dev="loop6" ino=7 res=0 errno=0
[  201.504519][ T7925] F2FS-fs (loop6): lookup inode (7) has corrupted xattr
[  201.524825][ T7925] F2FS-fs (loop6): lookup inode (7) has corrupted xattr
[  201.963080][ T7950] loop1: detected capacity change from 0 to 1024
[  201.992462][ T7950] EXT4-fs: inline encryption not supported
[  202.063295][ T7950] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  202.183995][ T7961] EXT4-fs error (device loop1): ext4_mb_mark_diskspace_used:4222: comm syz.1.552: Allocating blocks 449-513 which overlap fs metadata
[  202.243029][ T7961] EXT4-fs (loop1): Remounting filesystem read-only
[  202.312306][   T29] usb 3-1: new low-speed USB device number 9 using dummy_hcd
[  202.357395][ T5846] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.484774][   T29] usb 3-1: config 0 has an invalid interface number: 55 but max is 0
[  202.510303][   T29] usb 3-1: config 0 has no interface number 0
[  202.517975][   T29] usb 3-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  202.530171][   T29] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0xE has invalid maxpacket 32, setting to 8
[  202.541483][   T29] usb 3-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  202.553724][   T29] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 10
[  202.567809][   T29] usb 3-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid maxpacket 120, setting to 8
[  202.589664][   T29] usb 3-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  203.011409][ T7973] loop1: detected capacity change from 0 to 32768
[  203.026100][   T29] usb 3-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  203.040812][   T29] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  203.059391][   T29] usb 3-1: config 0 descriptor??
[  203.069955][ T7973] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  203.078969][ T7973] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  203.159840][ T7956] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  203.173774][ T7956] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  203.207390][   T29] ldusb 3-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  203.224885][ T7973] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  203.242215][ T6007] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  203.263407][ T6007] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  203.362077][ T6007] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 98ms
[  203.386421][ T6007] gfs2: fsid=syz:syz.0: jid=0: Done
[  203.407900][ T7973] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  203.572841][ T6007] usb 3-1: USB disconnect, device number 9
[  203.612041][ T6007] ldusb 3-1:0.55: LD USB Device #0 now disconnected
[  203.925232][ T7973] gfs2: fsid=syz:syz.0: found 1 quota changes
[  204.451993][ T8002] fuse: fd is not a fuse device
[  205.368649][ T7998] loop6: detected capacity change from 0 to 40427
[  205.437044][ T7998] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  205.466606][ T7998] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  205.496789][ T6025] IPVS: starting estimator thread 0...
[  205.514473][ T7998] F2FS-fs (loop6): invalid crc value
[  205.622407][ T8023] IPVS: using max 29 ests per chain, 69600 per kthread
[  205.821060][ T7998] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  205.865602][ T8031] netlink: 'syz.5.579': attribute type 10 has an invalid length.
[  205.875119][ T7998] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  205.904119][ T7998] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  206.104829][ T8031] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  206.207352][ T8039] ipvlan2: entered promiscuous mode
[  206.233740][ T8039] ipvlan2: entered allmulticast mode
[  206.263920][ T8039] gretap0: entered allmulticast mode
[  206.302662][ T8039] team0: Device ipvlan2 failed to register rx_handler
[  208.172175][ T8036] loop1: detected capacity change from 0 to 262144
[  208.184307][ T8036] F2FS-fs (loop1): invalid crc value
[  208.316383][ T8036] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  208.327829][ T8036] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e4
[  209.856303][ T8083] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  210.370689][   T24] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  210.540672][   T24] usb 6-1: Using ep0 maxpacket: 32
[  210.554917][   T24] usb 6-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  210.816956][ T8100] loop6: detected capacity change from 0 to 32768
[  210.824555][ T8100] btrfs: Deprecated parameter 'usebackuproot'
[  210.831980][ T8100] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  210.845148][ T8100] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.603 (8100)
[  210.858690][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  210.869153][ T8100] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  210.881086][ T8100] BTRFS info (device loop6): using crc32c checksum algorithm
[  210.897937][   T24] usb 6-1: Product: syz
[  210.906424][   T24] usb 6-1: Manufacturer: syz
[  210.922213][   T24] usb 6-1: SerialNumber: syz
[  210.941149][   T24] usb 6-1: config 0 descriptor??
[  211.067742][ T6927] BTRFS warning (device loop6): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  211.143761][ T8100] BTRFS error (device loop6): failed to load root extent
[  211.151578][ T8100] BTRFS warning (device loop6): try to load backup roots slot 1
[  211.161076][ T6552] BTRFS warning (device loop6): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  211.184264][ T8100] BTRFS warning (device loop6): couldn't read tree root
[  211.191521][ T8100] BTRFS warning (device loop6): try to load backup roots slot 2
[  211.199660][ T6927] BTRFS error (device loop6): level verify failed on logical 5255168 mirror 1 wanted 0 found 1
[  211.223616][   T24] RobotFuzz Open Source InterFace, OSIF 6-1:0.0: version d4.15 found at bus 006 address 006
[  211.236529][ T8100] BTRFS warning (device loop6): couldn't read tree root
[  211.243849][ T8100] BTRFS warning (device loop6): try to load backup roots slot 3
[  211.273217][ T8100] BTRFS info (device loop6): rebuilding free space tree
[  211.340977][ T8100] BTRFS info (device loop6): checking UUID tree
[  211.347898][ T8100] BTRFS info (device loop6): enabling ssd optimizations
[  211.357987][ T8100] BTRFS info (device loop6): turning on async discard
[  211.365274][ T8100] BTRFS info (device loop6): enabling free space tree
[  211.372152][ T8100] BTRFS info (device loop6): force clearing of disk cache
[  211.379321][ T8100] BTRFS info (device loop6): trying to use backup root at mount time
[  211.388241][ T8100] BTRFS info (device loop6): force zlib compression, level 3
[  211.712902][ T6510] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  211.892039][ T5859] Bluetooth: hci4: command 0x0406 tx timeout
[  211.894285][   T51] Bluetooth: hci2: command 0x0406 tx timeout
[  211.905334][ T5854] Bluetooth: hci3: command 0x0406 tx timeout
[  212.064750][ T6007] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  212.143025][   T24] usb 6-1: USB disconnect, device number 6
[  212.227532][ T6007] usb 2-1: Using ep0 maxpacket: 16
[  212.244618][ T6007] usb 2-1: config index 0 descriptor too short (expected 12306, got 18)
[  212.269340][ T6007] usb 2-1: config 55 has too many interfaces: 49, using maximum allowed: 32
[  212.312322][ T6007] usb 2-1: config 55 has an invalid descriptor of length 55, skipping remainder of the config
[  212.347597][ T6007] usb 2-1: config 55 has 0 interfaces, different from the descriptor's value: 49
[  212.374488][ T6007] usb 2-1: New USB device found, idVendor=041e, idProduct=4018, bcdDevice=ed.b4
[  212.392881][ T6007] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  212.414478][ T6007] usb 2-1: Product: syz
[  212.419089][ T6007] usb 2-1: Manufacturer: syz
[  212.424796][ T6007] usb 2-1: SerialNumber: syz
[  212.843764][ T8136] netlink: 7 bytes leftover after parsing attributes in process `syz.6.612'.
[  212.871802][ T6007] usb 2-1: USB disconnect, device number 6
[  213.019840][ T8140] netlink: 12 bytes leftover after parsing attributes in process `syz.6.614'.
[  213.064179][ T6924] netdevsim netdevsim6 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  213.064677][ T8140] netlink: 12 bytes leftover after parsing attributes in process `syz.6.614'.
[  213.096031][ T6924] netdevsim netdevsim6 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  213.106984][ T6924] netdevsim netdevsim6 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  213.117898][ T6924] netdevsim netdevsim6 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  213.607179][ T8155] overlayfs: failed to clone upperpath
[  214.140561][  T992] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  214.163235][ T8177] netlink: 4 bytes leftover after parsing attributes in process `syz.5.630'.
[  214.221656][ T6552] netdevsim netdevsim5 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  214.221886][ T8177] netlink: 4 bytes leftover after parsing attributes in process `syz.5.630'.
[  214.247311][ T6552] netdevsim netdevsim5 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  214.285566][   T60] netdevsim netdevsim5 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  214.295678][   T60] netdevsim netdevsim5 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  214.330793][  T992] usb 2-1: Using ep0 maxpacket: 32
[  214.353764][  T992] usb 2-1: config 0 has an invalid interface number: 67 but max is 0
[  214.378999][  T992] usb 2-1: config 0 has no interface number 0
[  214.404109][  T992] usb 2-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  214.438703][  T992] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  214.473150][  T992] usb 2-1: Product: syz
[  214.489495][  T992] usb 2-1: Manufacturer: syz
[  214.511967][  T992] usb 2-1: SerialNumber: syz
[  214.530204][  T992] usb 2-1: config 0 descriptor??
[  214.669188][ T8189] kvm: emulating exchange as write
[  214.992912][  T992] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  215.006576][  T992] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  215.563769][ T8217] netlink: 4 bytes leftover after parsing attributes in process `syz.2.645'.
[  215.627567][  T992] smsc95xx 2-1:0.67 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000104: -71
[  215.647818][  T992] smsc95xx 2-1:0.67: probe with driver smsc95xx failed with error -71
[  215.676573][  T992] usb 2-1: USB disconnect, device number 7
[  215.887836][ T8217] batman_adv: batadv0: Removing interface: batadv_slave_1
[  215.919497][ T8226] overlayfs: failed to clone upperpath
[  215.930193][ T8226] capability: warning: `syz.4.648' uses deprecated v2 capabilities in a way that may be insecure
[  215.955727][ T8226] overlayfs: failed to clone upperpath
[  216.750657][ T8254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'.
[  216.770746][ T8254] netlink: 8 bytes leftover after parsing attributes in process `syz.2.660'.
[  216.965791][ T8265] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  217.779995][ T8285] tipc: Failed to remove unknown binding: 66,1,1/0:4097994011/4097994013
[  218.350596][ T6025] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  218.513779][ T6025] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  218.537642][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 255, changing to 11
[  218.563891][ T6025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  218.588108][ T6025] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  218.620679][ T6025] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  218.640036][ T6025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  218.654670][ T6025] usb 6-1: config 0 descriptor??
[  218.663168][ T8290] loop6: detected capacity change from 0 to 40427
[  218.671191][ T8298] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  218.686496][ T8290] F2FS-fs (loop6): build fault injection rate: 174
[  218.704998][ T8290] F2FS-fs (loop6): build fault injection type: 0x3bfe8c
[  218.722888][ T8290] F2FS-fs (loop6): invalid crc value
[  218.870012][ T8290] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  218.892459][ T8290] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  218.998050][ T8290] F2FS-fs (loop6): inject lock_op in f2fs_trylock_op of f2fs_do_write_data_page+0xd04/0x16f0
[  219.023374][ T8290] bio_check_eod: 1 callbacks suppressed
[  219.023391][ T8290] syz.6.672: attempt to access beyond end of device
[  219.023391][ T8290] loop6: rw=2049, sector=45096, nr_sectors = 136 limit=40427
[  219.067421][ T8321] syz.6.672: attempt to access beyond end of device
[  219.067421][ T8321] loop6: rw=2049, sector=45224, nr_sectors = 8 limit=40427
[  219.126730][ T6025] plantronics 0003:047F:FFFF.000A: reserved main item tag 0xd
[  219.138669][ T8321] syz.6.672: attempt to access beyond end of device
[  219.138669][ T8321] loop6: rw=0, sector=45168, nr_sectors = 8 limit=40427
[  219.194150][ T6025] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[  219.294962][ T6510] syz-executor: attempt to access beyond end of device
[  219.294962][ T6510] loop6: rw=2049, sector=45232, nr_sectors = 8 limit=40427
[  219.341216][ T6510] CPU: 0 UID: 0 PID: 6510 Comm: syz-executor Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  219.341248][ T6510] Tainted: [L]=SOFTLOCKUP
[  219.341256][ T6510] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  219.341267][ T6510] Call Trace:
[  219.341275][ T6510]  <TASK>
[  219.341283][ T6510]  dump_stack_lvl+0xe8/0x150
[  219.341318][ T6510]  f2fs_handle_critical_error+0x37c/0x540
[  219.341352][ T6510]  f2fs_write_end_io+0x1274/0x1740
[  219.341392][ T6510]  __submit_merged_bio+0x256/0x700
[  219.341429][ T6510]  __submit_merged_write_cond+0x3c9/0x4e0
[  219.341464][ T6510]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  219.341512][ T6510]  f2fs_write_data_pages+0x287e/0x34f0
[  219.341581][ T6510]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  219.341628][ T6510]  ? __pfx_css_rstat_updated+0x10/0x10
[  219.341688][ T6510]  ? mod_memcg_lruvec_state+0x208/0x220
[  219.341720][ T6510]  ? lru_gen_update_size+0x7c7/0xd10
[  219.341760][ T6510]  ? __lock_acquire+0x6b5/0x2cf0
[  219.341815][ T6510]  ? filemap_get_folios_tag+0x118/0x720
[  219.341848][ T6510]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  219.341881][ T6510]  do_writepages+0x32e/0x550
[  219.341928][ T6510]  ? do_raw_spin_unlock+0xf5/0x210
[  219.341960][ T6510]  filemap_fdatawrite+0x1e9/0x2f0
[  219.341990][ T6510]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  219.342064][ T6510]  ? do_raw_spin_unlock+0xf5/0x210
[  219.342096][ T6510]  f2fs_sync_dirty_inodes+0x30e/0x860
[  219.342133][ T6510]  f2fs_write_checkpoint+0x9df/0x26a0
[  219.342190][ T6510]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  219.342269][ T6510]  kill_f2fs_super+0x314/0x720
[  219.342309][ T6510]  ? __pfx_kill_f2fs_super+0x10/0x10
[  219.342356][ T6510]  ? lockdep_hardirqs_on+0x7a/0x110
[  219.342398][ T6510]  deactivate_locked_super+0xbc/0x130
[  219.342430][ T6510]  cleanup_mnt+0x437/0x4d0
[  219.342451][ T6510]  ? _raw_spin_unlock_irq+0x23/0x50
[  219.342478][ T6510]  task_work_run+0x1d9/0x270
[  219.342509][ T6510]  ? __pfx_task_work_run+0x10/0x10
[  219.342548][ T6510]  exit_to_user_mode_loop+0xed/0x480
[  219.342577][ T6510]  ? rcu_is_watching+0x15/0xb0
[  219.342603][ T6510]  do_syscall_64+0x32d/0xf80
[  219.342628][ T6510]  ? trace_irq_disable+0x3b/0x150
[  219.342654][ T6510]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.342675][ T6510]  ? clear_bhb_loop+0x40/0x90
[  219.342701][ T6510]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  219.342722][ T6510] RIP: 0033:0x7f6bd879d9d7
[  219.342742][ T6510] Code: a2 c7 05 1c fd 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  219.342759][ T6510] RSP: 002b:00007ffd01a725a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  219.342781][ T6510] RAX: 0000000000000000 RBX: 00007f6bd8832050 RCX: 00007f6bd879d9d7
[  219.342795][ T6510] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd01a72660
[  219.342808][ T6510] RBP: 00007ffd01a72660 R08: 00007ffd01a73660 R09: 00000000ffffffff
[  219.342821][ T6510] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd01a736f0
[  219.342834][ T6510] R13: 00007f6bd8832050 R14: 0000000000035819 R15: 00007ffd01a73730
[  219.342867][ T6510]  </TASK>
[  219.344622][ T6510] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  219.458747][ T8324] mmap: syz.2.683 (8324) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  219.778903][  T808] usb 6-1: USB disconnect, device number 7
[  220.814617][ T8360] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  222.036843][ T8390] loop1: detected capacity change from 0 to 4096
[  223.155190][ T8412] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns
[  223.199287][ T8412] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer.
[  223.640383][ T8429] netlink: 8 bytes leftover after parsing attributes in process `syz.6.717'.
[  223.693195][ T8436] netlink: 4 bytes leftover after parsing attributes in process `syz.6.717'.
[  224.036094][ T8436] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[  224.827018][ T8469] netlink: 4 bytes leftover after parsing attributes in process `syz.1.731'.
[  224.919166][ T8475] loop6: detected capacity change from 0 to 764
[  224.926946][ T8467] xt_hashlimit: size too large, truncated to 1048576
[  224.980273][ T8475] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  225.638765][ T8486] loop5: detected capacity change from 0 to 4096
[  225.665676][ T8495] loop1: detected capacity change from 0 to 128
[  225.692371][ T8495] EXT4-fs (loop1): Test dummy encryption mode enabled
[  225.786816][ T8495] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  225.898914][ T8495] ext4 filesystem being mounted at /133/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  226.008742][ T8495] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  226.292304][ T5846] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  226.357233][ T8514] overlayfs: failed to clone upperpath
[  227.130675][  T992] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  227.239289][ T8547] netlink: 212348 bytes leftover after parsing attributes in process `syz.5.759'.
[  227.250006][ T8547] netlink: Conntrack attr type has unexpected length (type=2, length=0, expected=2)
[  227.334675][  T992] usb 7-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  227.365073][  T992] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  227.400372][  T992] usb 7-1: config 0 descriptor??
[  227.416576][  T992] cp210x 7-1:0.0: cp210x converter detected
[  227.654279][ T8557] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  227.834431][  T992] cp210x 7-1:0.0: failed to get vendor val 0x000e size 3: -32
[  227.875717][  T992] usb 7-1: cp210x converter now attached to ttyUSB0
[  228.020583][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.030544][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.037940][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.045365][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.052771][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.060111][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.067421][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.074722][ T8564] aoe: error packet from 0.0@lo; ecode=101 'no such error'
[  228.131410][  T808] usb 7-1: USB disconnect, device number 7
[  228.187621][  T808] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  228.242615][  T808] cp210x 7-1:0.0: device disconnected
[  228.491581][ T8582] overlayfs: failed to clone upperpath
[  229.420206][ T8614] xt_hashlimit: size too large, truncated to 1048576
[  229.608476][ T8621] netlink: 28 bytes leftover after parsing attributes in process `syz.1.786'.
[  230.078072][ T8631] ipvlan2: entered promiscuous mode
[  230.086471][ T8631] ipvlan2: entered allmulticast mode
[  230.092310][ T8631] gretap0: entered allmulticast mode
[  230.104035][ T8631] team0: Device ipvlan2 failed to register rx_handler
[  230.194637][  T992] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  230.295233][   T24] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  230.365792][  T992] usb 3-1: New USB device found, idVendor=04fc, idProduct=504a, bcdDevice=43.02
[  230.402325][  T992] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  230.421202][  T992] usb 3-1: Product: syz
[  230.430601][  T992] usb 3-1: Manufacturer: syz
[  230.439355][  T992] usb 3-1: SerialNumber: syz
[  230.459135][  T992] usb 3-1: config 0 descriptor??
[  230.467757][   T24] usb 6-1: Using ep0 maxpacket: 16
[  230.485306][  T992] gspca_main: sunplus-2.14.0 probing 04fc:504a
[  230.494504][   T24] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.512698][   T24] usb 6-1: config 0 interface 0 altsetting 9 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  230.545889][   T24] usb 6-1: config 0 interface 0 has no altsetting 0
[  230.574172][   T24] usb 6-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  230.585078][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.598573][   T24] usb 6-1: config 0 descriptor??
[  230.614892][   T24] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[  231.158628][ T8644] loop1: detected capacity change from 0 to 32768
[  231.212035][ T8644] 
[  231.212035][ T8644]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.212035][ T8644] 
[  231.383858][   T24] usb 6-1: USB disconnect, device number 8
[  231.635874][ T1020] 
[  231.635874][ T1020]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.635874][ T1020] 
[  231.648732][ T1020] 
[  231.648732][ T1020]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.648732][ T1020] 
[  231.666238][ T1020] 
[  231.666238][ T1020]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.666238][ T1020] 
[  231.677871][ T5846] 
[  231.677871][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.677871][ T5846] 
[  231.696141][ T5846] 
[  231.696141][ T5846]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  231.696141][ T5846] 
[  231.718119][  T117] ==================================================================
[  231.726342][  T117] BUG: KASAN: slab-use-after-free in __mutex_lock+0x861/0x1420
[  231.733941][  T117] Read of size 8 at addr ffff88802cdb1908 by task jfsCommit/117
[  231.741615][  T117] 
[  231.743985][  T117] CPU: 0 UID: 0 PID: 117 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  231.744017][  T117] Tainted: [L]=SOFTLOCKUP
[  231.744025][  T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  231.744038][  T117] Call Trace:
[  231.744046][  T117]  <TASK>
[  231.744063][  T117]  dump_stack_lvl+0xe8/0x150
[  231.744098][  T117]  print_address_description+0x55/0x1e0
[  231.744128][  T117]  ? __mutex_lock+0x861/0x1420
[  231.744152][  T117]  print_report+0x58/0x70
[  231.744177][  T117]  kasan_report+0x117/0x150
[  231.744200][  T117]  ? __mutex_lock+0x861/0x1420
[  231.744228][  T117]  __mutex_lock+0x861/0x1420
[  231.744258][  T117]  ? __mutex_lock+0x5fc/0x1420
[  231.744284][  T117]  ? jfs_syncpt+0x25/0x90
[  231.744314][  T117]  ? __pfx___mutex_lock+0x10/0x10
[  231.744348][  T117]  jfs_syncpt+0x25/0x90
[  231.744375][  T117]  txEnd+0x2e5/0x530
[  231.744405][  T117]  jfs_lazycommit+0x5b8/0xaa0
[  231.744439][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  231.744469][  T117]  ? __pfx_default_wake_function+0x10/0x10
[  231.744501][  T117]  ? __kthread_parkme+0x7a/0x1f0
[  231.744527][  T117]  kthread+0x388/0x470
[  231.744551][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  231.744580][  T117]  ? __pfx_kthread+0x10/0x10
[  231.744603][  T117]  ret_from_fork+0x51e/0xb90
[  231.744635][  T117]  ? __pfx_ret_from_fork+0x10/0x10
[  231.744664][  T117]  ? __switch_to+0xc7d/0x1450
[  231.744691][  T117]  ? __pfx_kthread+0x10/0x10
[  231.744715][  T117]  ret_from_fork_asm+0x1a/0x30
[  231.744741][  T117]  </TASK>
[  231.744749][  T117] 
[  231.895223][  T117] Allocated by task 8644:
[  231.899569][  T117]  kasan_save_track+0x3e/0x80
[  231.904282][  T117]  __kasan_kmalloc+0x93/0xb0
[  231.908988][  T117]  __kmalloc_cache_noprof+0x31c/0x660
[  231.914383][  T117]  lmLogOpen+0x2d1/0xfa0
[  231.918652][  T117]  jfs_mount_rw+0xee/0x670
[  231.923086][  T117]  jfs_fill_super+0x754/0xd80
[  231.927793][  T117]  get_tree_bdev_flags+0x431/0x4f0
[  231.933018][  T117]  vfs_get_tree+0x92/0x2a0
[  231.937462][  T117]  do_new_mount+0x341/0xd30
[  231.942083][  T117]  __se_sys_mount+0x31d/0x420
[  231.946870][  T117]  do_syscall_64+0x14d/0xf80
[  231.951479][  T117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  231.957391][  T117] 
[  231.959724][  T117] Freed by task 5846:
[  231.963712][  T117]  kasan_save_track+0x3e/0x80
[  231.968412][  T117]  kasan_save_free_info+0x46/0x50
[  231.973545][  T117]  __kasan_slab_free+0x5c/0x80
[  231.978328][  T117]  kfree+0x1c5/0x650
[  231.982262][  T117]  lmLogClose+0x297/0x520
[  231.986633][  T117]  jfs_umount+0x2fb/0x3d0
[  231.990991][  T117]  jfs_put_super+0x8c/0x190
[  231.995608][  T117]  generic_shutdown_super+0x13d/0x2d0
[  232.001043][  T117]  kill_block_super+0x44/0x90
[  232.005746][  T117]  deactivate_locked_super+0xbc/0x130
[  232.011245][  T117]  cleanup_mnt+0x437/0x4d0
[  232.015678][  T117]  task_work_run+0x1d9/0x270
[  232.020289][  T117]  exit_to_user_mode_loop+0xed/0x480
[  232.025601][  T117]  do_syscall_64+0x32d/0xf80
[  232.030213][  T117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.036125][  T117] 
[  232.038466][  T117] The buggy address belongs to the object at ffff88802cdb1800
[  232.038466][  T117]  which belongs to the cache kmalloc-1k of size 1024
[  232.052558][  T117] The buggy address is located 264 bytes inside of
[  232.052558][  T117]  freed 1024-byte region [ffff88802cdb1800, ffff88802cdb1c00)
[  232.066464][  T117] 
[  232.068808][  T117] The buggy address belongs to the physical page:
[  232.075250][  T117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2cdb0
[  232.084039][  T117] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  232.092552][  T117] flags: 0xfff00000000040(head|node=0|zone=1|lastcpupid=0x7ff)
[  232.100202][  T117] page_type: f5(slab)
[  232.104197][  T117] raw: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122
[  232.112797][  T117] raw: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  232.121530][  T117] head: 00fff00000000040 ffff88801b041dc0 dead000000000100 dead000000000122
[  232.130339][  T117] head: 0000000000000000 0000000800100010 00000000f5000000 0000000000000000
[  232.139030][  T117] head: 00fff00000000003 fffffffffffffe01 00000000ffffffff 00000000ffffffff
[  232.147729][  T117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[  232.156498][  T117] page dumped because: kasan: bad access detected
[  232.162939][  T117] page_owner tracks the page as allocated
[  232.168665][  T117] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5588, tgid 5588 (S50sshd), ts 56578630367, free_ts 56359476801
[  232.189793][  T117]  post_alloc_hook+0x231/0x280
[  232.194600][  T117]  get_page_from_freelist+0x2418/0x24b0
[  232.200208][  T117]  __alloc_frozen_pages_noprof+0x233/0x3d0
[  232.206151][  T117]  allocate_slab+0x77/0x660
[  232.211041][  T117]  refill_objects+0x339/0x3d0
[  232.215746][  T117]  __pcs_replace_empty_main+0x321/0x720
[  232.221316][  T117]  __kmalloc_noprof+0x474/0x760
[  232.226177][  T117]  load_elf_binary+0x30f/0x2980
[  232.231056][  T117]  bprm_execve+0x949/0x1470
[  232.235577][  T117]  do_execveat_common+0x50d/0x690
[  232.240623][  T117]  __x64_sys_execve+0x97/0xc0
[  232.245315][  T117]  do_syscall_64+0x14d/0xf80
[  232.249935][  T117]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  232.255880][  T117] page last free pid 5584 tgid 5584 stack trace:
[  232.262221][  T117]  __free_frozen_pages+0xbf0/0xd00
[  232.267345][  T117]  __slab_free+0x274/0x2c0
[  232.271783][  T117]  qlist_free_all+0x99/0x100
[  232.276399][  T117]  kasan_quarantine_reduce+0x148/0x160
[  232.281887][  T117]  __kasan_slab_alloc+0x22/0x80
[  232.286760][  T117]  __kmalloc_cache_noprof+0x2ba/0x660
[  232.292148][  T117]  tomoyo_init_log+0x112e/0x1fb0
[  232.297105][  T117]  tomoyo_supervisor+0x353/0x1570
[  232.302146][  T117]  tomoyo_env_perm+0x151/0x1f0
[  232.306938][  T117]  tomoyo_find_next_domain+0x15cb/0x1aa0
[  232.312588][  T117]  tomoyo_bprm_check_security+0x11b/0x180
[  232.318323][  T117]  security_bprm_check+0x85/0x240
[  232.323400][  T117]  bprm_execve+0x8a2/0x1470
[  232.327916][  T117]  do_execveat_common+0x50d/0x690
[  232.332957][  T117]  __x64_sys_execve+0x97/0xc0
[  232.337643][  T117]  do_syscall_64+0x14d/0xf80
[  232.342250][  T117] 
[  232.344585][  T117] Memory state around the buggy address:
[  232.350227][  T117]  ffff88802cdb1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  232.358303][  T117]  ffff88802cdb1880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  232.366399][  T117] >ffff88802cdb1900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  232.374480][  T117]                       ^
[  232.378821][  T117]  ffff88802cdb1980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  232.386934][  T117]  ffff88802cdb1a00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  232.395007][  T117] ==================================================================
[  232.404558][  T117] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  232.411803][  T117] CPU: 0 UID: 0 PID: 117 Comm: jfsCommit Tainted: G             L      syzkaller #0 PREEMPT(full) 
[  232.422518][  T117] Tainted: [L]=SOFTLOCKUP
[  232.426875][  T117] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  232.436958][  T117] Call Trace:
[  232.440282][  T117]  <TASK>
[  232.443251][  T117]  vpanic+0x56c/0xa60
[  232.447248][  T117]  ? __pfx_vpanic+0x10/0x10
[  232.451775][  T117]  panic+0xc5/0xd0
[  232.455533][  T117]  ? __pfx_panic+0x10/0x10
[  232.460010][  T117]  ? __mutex_lock+0x861/0x1420
[  232.464803][  T117]  ? __mutex_lock+0x861/0x1420
[  232.469614][  T117]  check_panic_on_warn+0x89/0xb0
[  232.474582][  T117]  ? __mutex_lock+0x861/0x1420
[  232.479535][  T117]  end_report+0x73/0x180
[  232.483805][  T117]  ? __mutex_lock+0x861/0x1420
[  232.488589][  T117]  kasan_report+0x128/0x150
[  232.493107][  T117]  ? __mutex_lock+0x861/0x1420
[  232.497904][  T117]  __mutex_lock+0x861/0x1420
[  232.502515][  T117]  ? __mutex_lock+0x5fc/0x1420
[  232.507302][  T117]  ? jfs_syncpt+0x25/0x90
[  232.511660][  T117]  ? __pfx___mutex_lock+0x10/0x10
[  232.516713][  T117]  jfs_syncpt+0x25/0x90
[  232.520890][  T117]  txEnd+0x2e5/0x530
[  232.524841][  T117]  jfs_lazycommit+0x5b8/0xaa0
[  232.529548][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  232.534790][  T117]  ? __pfx_default_wake_function+0x10/0x10
[  232.540618][  T117]  ? __kthread_parkme+0x7a/0x1f0
[  232.545598][  T117]  kthread+0x388/0x470
[  232.549686][  T117]  ? __pfx_jfs_lazycommit+0x10/0x10
[  232.554909][  T117]  ? __pfx_kthread+0x10/0x10
[  232.559612][  T117]  ret_from_fork+0x51e/0xb90
[  232.564232][  T117]  ? __pfx_ret_from_fork+0x10/0x10
[  232.569368][  T117]  ? __switch_to+0xc7d/0x1450
[  232.574075][  T117]  ? __pfx_kthread+0x10/0x10
[  232.578696][  T117]  ret_from_fork_asm+0x1a/0x30
[  232.583497][  T117]  </TASK>
[  232.587031][  T117] Kernel Offset: disabled
[  232.591366][  T117] Rebooting in 86400 seconds..