last executing test programs:

5m13.847518153s ago: executing program 3 (id=11247):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_RENAME(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000100)={0x34, 0x5, 0x6, 0x101, 0x0, 0x0, {0xa, 0x0, 0x3}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x8040}, 0x40)

5m13.665599923s ago: executing program 3 (id=11249):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1, 0x4, &(0x7f0000006680))
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)

5m12.601694506s ago: executing program 3 (id=11263):
r0 = socket$inet6(0xa, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89f0, &(0x7f0000000000)={'bridge0\x00', &(0x7f0000000080)=@ethtool_regs={0x12}})

5m12.536514412s ago: executing program 3 (id=11265):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000440)={[{@dmask={'dmask', 0x3d, 0x4ae}}, {@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {@sys_tz}, {@errors_remount}, {}, {}, {@gid}, {@utf8}, {@sys_tz}, {@sys_tz}, {@keep_last_dots}]}, 0x1, 0x152d, &(0x7f00000034c0)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSXLLLVn/Z8Lf6dT5dy79j/OceX/Psx/rtfZa+93f+13W3jPzfddlSK3Gtas3JCL4t+CFf5IAIBYABgBAXgAIAKB8XPm4rP6cEpP+vYOwP9dDqVc6A3Ylcf2zN65/9sb1z964/tkb1z974/pnb1z/7I3rz1h2tnFqoWt4y74b3//Pzvjz/39IZpkxX60uc11XgJh/dAjXP3vj+v/PCv6Rnbj+2RvXP7uKvdIJsP8C/PrPDnL83R6uf/bG9WcsO7vS95+v9AaR/7LH4HDOC4X5T50/Y4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDH2H3DaX6YA4FL7SufFGGOMMcYYY4yxP4/PcaUzYIwxxhhjjDHG2P9/CAIkKAggBnJALOSEXCAA4GrIA3khAtdAHFwL+eA6yA8FoCAUgngoDEVAgwELBCEUhWIQheuhONwAJaAklILS4KAMJMCNUBZugnJwM5SHW6AC3AoVoRJUhipwG1SF26Ea3AHV4U6oATWhFtSGu6AO3A114R6oB/dCfbgP7ocHoAE8CA3hIWgED0NjeASawKPQFJpBc2gBLf+l8S9AD3gRekIvSILe0Adegr7QD/rDyzAAXoGB8CoMgtcgGQbDEHgdhsIbMAzehOEwAkbCWzAK3obRMAbGwjhIgfEwAd6BifAuTIL3YDJMgVSYCtPgfZgOM2AmfACz4EOYDXNgLsyDNPgI5sMCSIePYSF8AhmwCBbDElgKy2A5rICVsApWwxpYC+tgPWyAjbAJNsMW2ArbYDt8CjvgM9gJu2A3fA574It/cvypvxnfFQEBBQpUqDAGYzAWYzEX5sLcmBvzYB6MYATjMA7zYT7Mj/mxIBbEeIzHIlgEDRokJCyKRTGKUSyOxbEElsBSWAodOkzABCyLN2E5LIflsTxWwApYESthJayCVbAqVsVqWA2rY3WsgTWwFtbCu/Au7I11sS7Ww3pYH+tfuj2FDbEhNsJG2BgbYxNsgk2xKTbH5tgSW2IrbIWtsTW2xbbYDtthe2yPiZiIHbADdsSO2Ak7YWfsjF2wC3bFbtgt84UcgC/ii9gLa4je2Af7YF9MztEfX8aX8RUciK/iq/gaJuNgHIKv4+v4Bg7DkzgcR+BIHIlVxds4GscgiXGYgik4ASfgRJyIWYm+h1MwFafiNJyG03EGzsAPcBZ+iB/iHJyD8zAN03A+LsB0TMeFeAozcBEuxiW4FJfhUlyBK3EFrsY1uBrX4TrcgBtwE27CLbgFt+E2/BQVAH6Gu3AXJuMe3IN7cS/uw324H/djJmbiATyAB/EgHsJDeBgP4xE8isfwKJ7AE3gST+FpPI1n8Syew+fiv2n0aclVySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBP5RD6RX+QXBUVBES/iRRFRRBhhBIkwBgBEVERFcVFclBAlRClRSjjhRIJIEGVFWVFOlBPlxS2igrhVVBSVRBtXRVQRVUVbV03cIaqL6qKGqClqidqitqgj6oi6oq6oJ+qJ+qK+uF88IBqI3tgfHxJZlWksBmMTMQSbimZCXnwHayWGYWvRRrQVT4gROBzbi1YuUTwtOojR2FH8RYzBZ0VnMQ67iOdFV9FNdBcviB6itespeolJ2Fv0EVOwr+gn+ouXxXSsKT7AWTlriddEshgshojXxTx8QwwTb4rhYoQYKd4So8TbYrQYI8aKcSJFjBcTxDtionhXTBLvicliikgVU8U08b6YLmaImeIDMUt8KGaLOWKumCfSxEdivlgg0sXHYqH4RGSIRWKxWCKWimViuVghVopVYrVYI9aKdWK92CA2ik1is4iFrWKb2C4+FTvEZ2Kn2CV2i8/FHvGF2Cu+FPvEV2K/+Fpkim/EAfGtOCi+E4fE9+Kw+EEcEUfFMXFcnBA/ipPilDgtzoiz4idxTvwszgsvQKIUUkolAxkjc8hYmVPmklfJ3DK4+OheI+PktTKfvE7mlwVkQVlIxsvCsojU0kgrSYayqCwmo/J6WVzeIEvIkrKULC2dLCMT5I2yrLxJlpM3y/LyFllB3iorykqysqwib5NV5e0SIheOUUPWlLVkbXmXTIK7ZV15j6wn75X15X3yfvmAbCAflA3lQ7KRfFg2lo/IJvJR2VQ2k81lC9lSPiZbycdla9lGtpVPyHbySdlePiUT5dOyg/QXnyLPys7yOdlFPi+7ym6yu/xZnpde9pS9JPQG2Ue+JPvKfrJ/LADIV+RA+aocJF+TyXKwHCJfl0PlG3KYfFMOlyPkSPmWHCXflqPlGDlWjpMpcrycIN+RE+W7cpJ8T06WU2SqnCr7ywG/zDRTyj8c/87vjB/0y9E3yI1yk9wst8itcpvcLj+VO+QOuVPulLvlbrlH7pF75V65T+6T++V+mSkz5QF5QB6UB+UheUgeloflEXlUnpHH5Qn5ozwpT8lT8ow8K8/KcxcfA1CohJJKqUDFqBwqVuVUudRVKre6WuVReVVEXaPi1LUqn7pO5VcFVEFVSMWrwqqI0sooq0iFqqgqpqLqerz4hFGlVGnlVBmVoG78Z8ar4uoGVUKV/NX4S/kl/Z38WqqWqpVqpVqr1qqtaqvaqXaqvWqvElWi6qA6qI6qo+qkOqnOqrPqorqorqqr6q66qx6qh+qpeqoklaT6qJdUX9VP9VcvqwHqFTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUydUCfUSXVSnVan1Vl1Vp1T59R5dT5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuC6IH9QICgYFArig8JBkUAHJrCBuFj0aHB9UDy4ISgRlAxKBaUDF5QJEoIbg7LBTUG54OagfHBLUCG4NagYVAoqB1WC24Kqwe1BteCOoHpwZ1AjqBnUCmoHdwV1gruDusE9Qb3g3qB+cF9wf/BA0CB4MGgYPBQ0Ch4OGgePBE2CR4OmQbOgedAiaPmnzu/9yQKPu566l07SvXUf/ZLuq/vp/vplPUC/ogfqV/Ug/ZpO1oP1EP26Hqrf0MP0m3q4HqFH6rf0KP22Hq3H6LF6nE7R4/UE/Y6eqN/Vk/R7erKeolP1VD1Nv6+n6xl6pv5Az9If6tl6jp6r5+k0/ZGerxfodP2xXqg/0Rl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1Tv0Z3qn3qV368/1Hv2F3qu/1Pv0V3q//lpn6m/0Af2tPqi/04f09/qw/kEf0Uf1MX1cn9A/6pP6lD6tz+iz+id9Tv+sz2uftbjP+ng3yigTY2JMrIk1uUwuk9vkNnlMHhMxERNn4kw+k8/kN/lNQVPQxJt4U8QUMVnIkClqipqoiZriprgpYUqYUqaUccaZBJNgypqyppwpZ8qb8qaCqWAqmoqmsqlsbjO3mdvN7eYOc4e509xpapqaprapbeqYOqauqWvqmXqmvqlv7jf3mwamgWloGppGppFpbBqbJqaJaWqamuamuWlpWppWppVpbVqbtqataWfamfamvUk0iaaD6WA6mo6mk+lkOpvOpovpYrqarqa76W56mB6mp+lpkkyS6WP6mL6mr+lv+psBZoAZaAaaQWaQSTbJZogZYoaaoWaYGWaGmxFmZNZC1bxtRpsxZqwZZ1JMiplgJpiJZqKZZCaZyWaySTWpZpqZZqab6WammWlmmVlmtplt5pq5Js2kmflmvkk36WahWWgyTIZZbBabpWapWW6Wm5VmpVltVpu1sNasN+vNRrPRbDabzVaz1Ww3280Os8PsNDvNbrPb7DF7zF6z1+wz+8x+s99kmkxzwBwwB81Bc8gcMofNYXPEHDHHzDFzwpwwJ81Jc9qcNmdNgYufl97E2pw2l73K5rZX2zw2r/3buKAtZONtYVvEapvfFvhVbKy1JWxJW8qWts6WsQn2xt/EFW0lW9lWsbfZqvZ2W+03cR17t61r77H17L22tr3rV3F9e5/NWp00QASwzWwj28I2to/YJvZR29Q2s81tC9vOPmnb26dson3adrDP/CaebxfYlXaVXW3X2J12lz1tz9iD9jt71v5ke9pedoB9xQ60r9pB9jWbbAf/Jh5p37Kj7Nt2tB1jx9pxv4kn2yk21U610+z7drqd8Zs4zX5kZ9l0O9vOsXPtvF/irJzS7cd2of3EZtgAFtsldqldZpfbFZdy9XntOrvebrA77Gd2s91it9ptdvulhbDdZXfbz+0e+4U9YL+1++xXdr89ZDPtN7/EWed3yH5vD9sf7BF71B6zx+0J+6O6NDrr3I/bn+156y0QEpAkRQHFUA6KpZyUi66i3HQ15aG8FKFrKI6upXx0HeWnAlSQClE8FaYipMmQJaKQilIxitL1dCm9UlSaHJWhBLqRytJNVI5upvJ0C1WgW6kiVaLKVIVuo6p0O1WjO6g63Uk1qCbVotp0F9Whu6ku3UP16F6qT/fR/fQANaAHqSE9RI3oYWpMj1ATepSaUjNqTi2oJT1Grehxak1tqC09Qe3oSWpPT1EiPU0d6BnqSH+hTvQsdabnqAs9T12pG3WnF6gHvUg9qRclUW/qQy9RX+pH/ellGkCv0EB6lQbRa5RMg2kIvU5D6Q0aRm/ScBpBI+ktGkVv02gaQ2NpHKXQeJpA79BEepcm0Xs0maZQKk2lafQ+TacZNJM+oFn0Ic2mOTSX5lEafUTzaQGl08e0kD6hDFpEi2kJLaVltJxW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6lHfQZ7aRdtJs+pz30BSF9SfvoK9pPX1MmfUMH6Fs6SN/RIfre96If6AgdpWN0nE7Qj3SSTtFpOkNn6Sc6Rz/TefIEIYYilKEKgzAmzBHGhjnDXOFVYe7w6jBPmDeMhNeEceG1Yb7wujB/WCAsGBYK48PCYZFQhya0IYVhWDQsFkbD68Pi4Q1hibBkWCosHbqwTJgQ3hiWDW8Ky4U3h+XDW8IK4a1hxbBS+Mi9VcLbwqrh7WG18I6wenhnWCOsGdYKa4d3hXXCu8O64T1hvfDesFx4X3h/+EDYIHwwbBg+FDYKHw4bh4+ETcJHw6Zhs7B52CJsGT4WtgofD1uHbcK24RNhu/DJsH34VJgYPh12CJ/5pf++BX+/PynsHfYJXwpfCr2/R86NzoumRT+Kzo8uiKZHP44ujH4SzYguii6OLokujS6LLo+uiK6Mroqujq6Jro2ui66Pboh6XzsHOHTCSadc4GJcDhfrcrpc7iqX213t8ri8LuKucXHuWpfPXefyuwKuoCvk4l1hV8RpZ5x15EJX1BVzUXe9K+5ucCVcSVfKlXbOlXEJroVr6Vq6Vu5x19q1cW3dE+4J96R70j3lnnJPuw7uGdfR/cV1cs+6zu4595x73nV13Vx394Lr4cbnufCaTHJ9XB/X1/V1/V1/N8ANcAPdQDfIDXLJLtkNcUPcUDfUDXPD3HA33I10I90oN8qNdqPdWDfWpbgUN8FNcBPdRDfJTXKT3WSX6lLdNDfNTXfTXdUZF44y2812c91cl+bS3HyXtWZMdwvdQpfhMtxit9gtdUvdcrfcrXQr3Wq32q11a916t95tdBvdZrfZbXVb3Xa33e1wO9xOn/fCpG6P2+v2un1un9vvvnaZ7ht3wH3rDrrv3CH3vTvsfnBH3FF3zB13J9yP7qQ75U67M+6s+8mdcz+78867lMj4yITIO5GJkXcjkyLvRSZHpkRSI1Mj0yLvR6ZHZkRmRj6IzIp8GJkdmROZG5kXSYt8FJkfWRBJj3wcWRj5JJIRWRRZHFkSWRpZFvG+8ObQF/XFfNRf74v7G3wJX9KX8qW982V8gr/Rl/U3+XL+Zl/e3+Ir+Ft9RV/JV/aP+qa+mW/uW/iW/jHfyj/uW/s2vq1/wrfzT/r2/imf6J/2HfwzvqP/i+/kn/Wd/XO+i3/ed/XdfHf/gu/hX/Q9fS+f5Hv7Pv4l39f38/39y36Af8UP9K/6Qf41n+wH+yH+dT/Uv+GH+Tf9cD/Cj4x5y4+6dIkM43yKH+8n+Hf8RP+un+Tf85P9FJ/qp/pp/n0/3c/wM/0Hfpb/0M/2c/xcP8+n+Y/8fL/Ap/uP/UL/ic/wiy7dVPbL/Qq/0q/yq/0av9av8+v9Br/Rb/Kb/Ra/1W/z2/2nfof/zO/0u/xu/7nf47/we/2Xfp//yu/3X/tM/40/4L/1B/13/pD/3h/2P/gj/qg/5o/7E/5Hf9Kf8qf9GX/W/+TP+Z/9ef6bNcYYY4yxf8j4y03x654Lt/N7/84Y8Vc79wGAq7cUyvzr/qwV5dr8F9r9RHy7CAA83avLQ5e2GjWSkpIu7pshISg2B+DST4KyxMDleBG0hSchEdpA2d/Nv5/odpb+YP7oLQC5/mpMLFyOL8//JQAm/c78jz0xcn6F8HTc/2P+OQAlil0ekxMux4ug7S/3V9pAub+Tf4FWf5B/zq9SAFr/1ZjccDm+nH8CPA7PQOKv9mSMMcYYY4wxxi7oJyp3unT9eek3Pn/v+jxeXR6TAy7Hf3R9zhhjjDHGGGOMsSvv2W7dn3osMbFNp3++Ue2P91H/2sy/NJrAv5oYN/6lhvcA/7dwAPBvTgiQ1ZD/ybPY9B85VvLFl87fdi094wP47yjln9G4wm9MjDHGGGOMsT/d5UX/r/9fXamEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yxbOjf/Y43+Ae+pe9KnyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2pf2fAAAA//+Bqfni")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)

5m12.298184942s ago: executing program 3 (id=11267):
futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0xfffffffd, 0x8, 0x1, 0x0, 0x0, 0x1ffffff)

5m11.710608337s ago: executing program 3 (id=11277):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0xfffffffffffffffe, 0xb, 0x3)

5m11.387579186s ago: executing program 32 (id=11277):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000140)=0xfffffffffffffffe, 0xb, 0x3)

3.390850652s ago: executing program 5 (id=16599):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x141101)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @hci_ev_cmd_complete={{0xe, 0x5}, @HCI_OP_USER_CONFIRM_NEG_REPLY}}, 0x45)

3.193919235s ago: executing program 5 (id=16603):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000000)={0x73622a85, 0x101, 0x3})
ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000180)={0x14, 0x0, &(0x7f00000003c0)=[@increfs_done={0x40106308, 0x3, 0xfc}], 0x0, 0x0, 0x0})

3.064121853s ago: executing program 5 (id=16605):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'tunl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=@newqdisc={0x150, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xfffffffc, {0x0, 0x0, 0x0, r1, {0x0, 0x1}, {0xffff, 0xffff}, {0x16}}, [@qdisc_kind_options=@q_red={{0x8}, {0x124, 0x2, [@TCA_RED_STAB={0x104, 0x2, "09000000000020008f29d158039b90627d7b60f0d5ca47f33eed46409b7c8722ce020df6b24c2e6ac7b97dc04d01be2092874115214b1ebb764511f69cd1e9f6263346363d2c639c76000067af25166c2f0f85f36aa8867406119c010400002e31dea98204000000d560eae59ea49ef95d73202a6e3b5e1eb38244e694e7410d33bc92794ad27031f2a19698b5142ddf36e2a876a4fc871207bf12a84f1d4d132f5bb7edcf2d08d677e6a7268e106b6ced3c7f53df24092ddb9e0fac6a1153c3fc88bfd1404fef22cf3e825a6e19c6a48a5444eabb459ac3ec9a278df4011773d2f2e6529ed0ad424b47ec67522477f979360b76d1008000"}, @TCA_RED_PARMS={0x14, 0x1, {0x3f26, 0x7, 0x81, 0xc, 0xb, 0x14, 0x5}}, @TCA_RED_MAX_P={0x8}]}}]}, 0x150}}, 0x0)

2.884638681s ago: executing program 5 (id=16609):
r0 = socket(0x11, 0x2, 0x0)
setsockopt(r0, 0x107, 0x1, &(0x7f00000001c0)="010000000000060000071a80010061cc", 0x10)
close(r0)

2.687352152s ago: executing program 5 (id=16612):
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x101c91c, &(0x7f0000000400)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000000}}, {@noblock_validity}, {@resgid}, {@inlinecrypt}, {@errors_remount}, {@noblock_validity}, {@usrjquota}, {@nodelalloc}, {@resgid, 0x32}]}, 0x1d, 0x4e8, &(0x7f0000000540)="$eJzs3d9rXFkdAPDvvcn0Z2pS9KEWrMVWkqKdSRrbBh+qguhTQa3vNSaTEDLJhMykbULRFP8AQUQFn3zyRfAPEKR/gggFfReVXZbddvdhYXc7y9yZSdN0pknpZKZNPh84M+ecuXe+58wwZ+6593JvAIfW+Yi4EBFPa7XapYgYbtanzRSbjVRf7snj+zP1lEStduv9JCJp1NUXG9v2niebqx2LiJ/8MOLnyYtxK+sbi9OlUnG1WS5Ul1YKlfWNywtL0/PF+eLy5OTEtanrU1enxrvSz6GIuPH9///u13/+wY2/f/Puf26/O/aLpFkf8awf3dboei77LFoGI2J1P4L1yWDWQwAA3gat7fyvRcSlGI6BbGsOAAAAOEhq3xmKT5OI2g5Hd1YAAAAAb600Owc2SfPN8wCGIk3z+cY5vF+KE2mpXKl+Y668tjzbOFd2JHLp3EKpON48V3gkckm9PJHln5WvbJWTrDwZEacj4rfDx7NyfqZcmu33zg8AAAA4JE7umP9/NNyY/2/zSd8aBwAAAHTPSL8bAAAAAOw7838AAAA4+Mz/AQAA4ED70c2b9VRr3f969s762mL5zuXZYmUxv7Q2k58pr67k58vl+eyafUu7vV+pXF75Viyv3StUi5VqobK+cXupvLZcvb3w3C2wAQAAgB46/dWH/04iYvPbx7NUd6TfjQJ6YvBVFv7f/rUD6L2BfjcA6JtX+v8HDpRcvxsA9F2yy+sdT975R/fbAgAA7I/RL7c//p/uum9gM+1RE4F9Yv8fHF677fcDDi7H/+HwysVAmMjD4bbbJUBf//h/rfZKDQIAALpuKEtJmm8e8x+KNM3nI05lc4JcMrdQKo5HxBci4l/DuaP18kS2ZuLYAQAAAAAAAAAAAAAAAAAAAAAAAADsUa2WHK0BAAAAB1pE+k7SvA/w6PDFoZ37B44kHw9nzxFx94+3fn9vulpdnajXf7BVX/1Ds/5KP/ZgAAAAADu15umteTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNOTx/dnWqmXcd/7XkSMtIs/GMey52ORi4gTHyYxuG29JCIGuhB/80FEnGkXP6k3K0aarWgX/3gf46cRcbIL8eEwe1gff77b7veXxvnsuf3v71o2Qr2+zuNfujX+DbSJX687tccYZx/9tdAx/oOIs4Ptx59W/KTD+Hdhj/F/9tONjU6v1f4UMdr2/yd5LlahurRSqKxvXF5Ymp4vzheXJycnrk1dn7o6NV6YWygVm49tY/zmK397+rL+n+gQf2SX/l/cY/8/e3Tv8Rcb2dzW6smz+GMX2n//ZzrET5vf/9eb+frro638ZiO/3bm//PPcy/o/26H/u33/Y3vs/6Uf/+q/e1wUAOiByvrG4nSpVFw91JnX+jTqm0VvRC/ezEz9c30DmtE288t9eOf6lnm/+9WNTF+HJQAAYB+8OAcGAAAAAAAAAAAAAAAAAAAAeq0XlxPL7Yi5mT124+r5AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd83kAAAD//7kT0VY=")
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)

2.682143094s ago: executing program 0 (id=16613):
r0 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000500), 0x801, 0x0)
ioctl$RTC_PIE_ON(r0, 0x7005)
ioctl$RTC_PIE_OFF(r0, 0x7006)

2.499733117s ago: executing program 0 (id=16616):
r0 = syz_clone(0x200, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace(0x4207, r0)

2.115657898s ago: executing program 0 (id=16620):
r0 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/key-users\x00', 0x0, 0x0)
r1 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000300)='/proc/sys/net/ipv4/vs/ignore_tunneled\x00', 0x2, 0x0)
sendfile(r1, r0, 0x0, 0x1)

1.950990772s ago: executing program 0 (id=16622):
r0 = syz_usbip_server_init(0x1)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000994bd740f60d5600b5a0000000010902"], 0x0)
write$usbip_server(r0, &(0x7f0000000000)=ANY=[@ANYBLOB="0000000300000001"], 0x35)

1.912155093s ago: executing program 2 (id=16623):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000480)=ANY=[@ANYBLOB="140000001000010000000000000000000100000a54000000060a09040000000000000000020000000900020073797a32000000000900010073797a3000000000200004801c0001800a0001007175657565"], 0x7c}}, 0x0)

1.786233382s ago: executing program 5 (id=16625):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000000018105e04da0700000000000109022400010000000009040000090300000009210000000122220009058103"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f00000000c0)={0x0, 0x22, 0x22, {[@global=@item_012={0x2, 0x1, 0x9, '\f\"'}, @global=@item_012={0x2, 0x1, 0x6, "a0ad"}, @global=@item_4={0x3, 0x1, 0x1, "c6dc64b9"}, @global=@item_012={0x0, 0x1, 0x2}, @global=@item_012={0x1, 0x1, 0x4, '8'}, @main=@item_4={0x3, 0x0, 0xb, "c83e0503"}, @local=@item_4={0x3, 0x2, 0x1, "dde84050"}, @local=@item_4={0x3, 0x2, 0x9, "808c84d6"}, @local=@item_4={0x3, 0x2, 0x5, 'c^,-'}]}}, 0x0}, 0x0)

1.671256209s ago: executing program 2 (id=16627):
munmap(&(0x7f0000bff000/0x400000)=nil, 0x400000)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000180)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffd000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x7000)=nil, &(0x7f0000ffb000/0x3000)=nil, 0x0}, 0x68)
brk(0x200000ffa000)

1.504087579s ago: executing program 2 (id=16629):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0xfe, 0x7ffc9ffe}]})
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x0, &(0x7f00000000c0), 0x2, 0xbd1, &(0x7f0000001340)="$eJzs3M1rHOcZAPBnRquVbKtduZRS91KVUmwoXUsuMrUp1C4uvfRQaK8Fq/LKCK0/kFRcyTqskn8gX+dALoEkJiGH+OxLQnLNJbGvCTkETFCsBEJIFGY/pI2lleR4V6PIvx+8mvedd7TP8+ywO/PC7gbwxBrJ/qQRxyLiYhJRau5PI6JY7w1G1BrHra4sTX65sjSZxNravz5LIomIBytLk63HSprbI83BYES8/9ckfvb05rhzC4szE9VqZbY5Pjl/5frJuYXFP0xfmbhcuVy5Onb6T+Onxk+PnhnvWq1ffXTu9he/+fsnta9f/ebW58+/nMS5GGrOtdfRLSMxsv6ctCtExES3g+Wkr1lPe51JYYd/SnucFAAAHaVt93C/iFL0xcbNWyne/iDX5AAAAICuWOuLWAMAAAAOuMT6HwAAAA641ucAHqwsTbZavp9I2Fv3z0fEcKP+1WZrzBSiVt8ORn9EHH6QRPvXWpPGvz22kYj4+N6ZN7IWPfoe8nZqyxHxy63Of1Kvf7j+Le7N9acRMdqF+CMPjX9M9Z/rQvy86wfgyXTnfONCtvn6l67f/8QW17/CFteuHyLv61/r/m910/3fRv19He7//rnLGDdfefFGp7ms/j/f/tvrrZbFz7aPVdQjuL8c8avCVvUn6/UnHeq/uMsYpW9vVDrN5V3/2ksRx2Pr+luS7X+f6OTUdLUy2vi7ZYzl98Zf6xQ/7/qz83+4Q/2t33/qdP6v7zLGfy5ceHPTznsb3e3rTz8tJv+u94rNPf+fmJ+fHYsoJv/YvP/U9rm0jmk9Rlb/id9u//rfqv7sPaHWfB6ytcByc5uNn3oo5l9u3XyrUz6t9V+e5/9Sh/PfXv+7hc3n/5ldxvjdO8+d6DTXvv7NWha/tRYGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgJY0IoYiScvr/TQtlyOORMTP43BavTY3//upa/+7eimbixiO/nRquloZjYhSY5xk47F6f2N86qHxHyPiaES8UDpUH5cnr1Uv5V08AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA645ExFAkaTki0ohYLaVpuZx3VgAAAEDXDeedAAAAANBz1v8AAABw8Fn/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0GNHf33nbhIRtbOH6i1TbM7155oZ0Gtp3gkAuenLOwEgN4W8EwBy84hrfLcLcAAlO8wPdpwZ6HouAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOxfx4/duZtERO3soXrLFJtz/blmBvRa2tZPcswD2Ht9200W9i4PYO95icOTyxof2GntP7hxTO37MwM9ywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/Weo3pK0HBHF5r5yOeInETEc/cnUdLUyGhE/jYgPS/0D2Xgs55wBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADovrmFxZmJarUym3XSaHbW9/Sg09eM3MMQvekkjbxr+yWfg90ZeHanY/4bjxmiGPui0n3ayfNdCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvMwtLM5MVKuV2bm8MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADyNrewODNRrVZme9jJu0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPLzXQAAAP//jAsGRw==")
unlink(&(0x7f0000000280)='./file1\x00')

1.087960984s ago: executing program 1 (id=16631):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
copy_file_range(r1, &(0x7f00000001c0)=0xffffffffffffff7f, r0, 0x0, 0x81, 0x10000000000000)

948.227414ms ago: executing program 4 (id=16632):
r0 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r1=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000500)=@newqdisc={0x38, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r1, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hhf={{0x8}, {0xc, 0x2, [@TCA_HHF_HH_FLOWS_LIMIT={0x4}]}}]}, 0x38}}, 0x0)

859.898519ms ago: executing program 1 (id=16633):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_buf(r0, 0x6, 0x1f, &(0x7f0000000000)="e3", 0x1)
setsockopt$inet_buf(r0, 0x0, 0x28, 0x0, 0x4f)

725.453377ms ago: executing program 4 (id=16634):
r0 = socket(0x40000000015, 0x5, 0x0)
connect$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @loopback}, 0x10)
getsockname$inet6(r0, 0x0, &(0x7f0000000080))

687.358556ms ago: executing program 1 (id=16635):
unshare(0x22020600)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
getsockopt(r0, 0x400, 0x1, 0x0, 0x0)

562.892734ms ago: executing program 4 (id=16636):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0x1a, {"a2e3ad21ed6b52f99cfbf4c087f71e9b230963ff7fc6e5539b9b3b09719b711b5d30101b080d29558f0e1ac6e7049b3468959b189a242a9b45f3988f7ef319520100ffe8d178708c523c921b1b23380a169b63d336cd3b78130daa61d8e81aea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1d020000000000000075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801000000005b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b412435111c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269caf12c31357c8219793e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a687974e7b4ab01b7f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da3710ac000000001a527777a5371f87d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ef06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f103000000416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d601005c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac292d9e53803ed000000009737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b09114edb8e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb67ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe529003d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f070077d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85e654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd84e935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba30b4279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227edff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b30f0b932a4d02da711b757fe43c06d21e759595e4e98b27faea8aa12bc8040000000000000033eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d0000010000000000fcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d080e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed704887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6ff7ffb1d62458d0741a12830052fcc460db043afe525629b40d7cee65802cb5e930ed624806c43a006dc9336d07c2b8081c188d26558f48261f7897084c2a1a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c0ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264c7b34252600c9654e502dcea39cb0800eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc640df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa7082ead01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058093fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b2b, &(0x7f0000000040)={'wlan1\x00', @random="008000"})

562.666953ms ago: executing program 1 (id=16637):
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140))
clock_adjtime(0xffffffd3, &(0x7f0000000000)={0xffffffffffff056d, 0x4000000000008a, 0xff, 0x2000000000009, 0x7, 0x43, 0x52e6ac5d, 0x2000ffffffff, 0x9655, 0xffdffffffffffffe, 0xa, 0x9, 0x5, 0x7, 0x80100000000000, 0xcc3, 0x1, 0x85, 0x17, 0x3, 0x100000000, 0x8, 0x200000005, 0xfffffffffffffffe, 0x3, 0xa})

562.558544ms ago: executing program 2 (id=16638):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01020000000000000000010000000900010073797a300000000058000000160a03000000000000000000010000000900010073797a30000000000900020073797a30000000002c0003800800014000000000180003801400020000007468305f746f5f68737200000000080002"], 0xe8}}, 0x0)
sendmsg$NFT_MSG_GETTABLE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x1, 0xa, 0x101, 0x0, 0x0, {0x1, 0x0, 0x1}}, 0x14}, 0x1, 0x0, 0x0, 0x24004000}, 0x4000)

495.878384ms ago: executing program 1 (id=16639):
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000080)='cubic', 0x4)
bind$inet(r0, &(0x7f00000005c0)={0x2, 0x4e24, @loopback}, 0x10)

390.837478ms ago: executing program 1 (id=16640):
r0 = syz_mount_image$btrfs(&(0x7f00000051c0), &(0x7f0000005200)='./file0\x00', 0x1204408, &(0x7f00000003c0)={[{@compress_force}, {@clear_cache}, {@nodatasum}, {@nossd}, {}, {@space_cache_v1}]}, 0x0, 0x51ab, &(0x7f000000a440)="$eJzs3V9oVFceB/Az+aPxDyY+xV32wX1YWcUFWRF2UdggGF2Whdn1YVnYrFlZxT+7JUgDwb5YS2lBxGCgthSKD33pS0mlUFqqBAsthYogVloUW0teWiiESsGXlpK590xmzvVmxlQbq5+PJHfO/d1z7pnhPsx3zLkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIIRwcM3Kv+xaPb2urD7dP3bq6LLt507vP3ljaGjLlRAqtf2VvL5n+66/79+95689scPw37JtX1/ZkFnXz7PGkqads/2af/4TQuhOBujMtzs6G/pW0hOEI8UB53XgZv/o5u7BaxN3zmy8eP3QhuJTZ1bPYk9gseTX1fTctTRQ+92RHFFvN1x6laZLNOufXnA/yZMAAO7JpmptU387mr/FrbePpfWkPZC0x5N2fIcw3thYiGzcJWXzXJvWF2meA1lUWFo6z6Sev/71djXtn7STqHEP82w+NI80PWXzHEnqizVPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIfJqx9euvTcy+u3ldWn+8dOHV22/dzp/SdvDA1tuRJCX21/JStXlv+q8w+fLtt57fiRN36zr+ftk515v7jtajg4fBIf/LE3hL0Nlek47JerQqg2F2rN8FKxcLD24M+xAAAAwKPkF7XfHfV2Fge7m9qVWpqs1P5FWVg8cLN/dHP34LWJO2c2Xrx+aMPCx6uWjDdw1/Hq7b65n0pDMI7xNx1vrh4PPVIYZ37piGme/2zmyVsXJn7777L+hfzfN3/+j6+c/A8AAMCPIf+n48yvVf6/+s7zT3UN7n2vrH8h/69tOmUh/8cZx/zfERaW/wEAAOBh9qDz/0BhnPm1yv/fnZ86f/nb46+U9S/k/03t5f+uxmnHnR/FCR/uDWFTq6kDAAAAJeL/u899tBDzevbJQZrXO2ZGe6d6blwtG6+Q/wfay//d9/2ZAQAAAAv1v7F/Hb8wNn6zrF7I/9X28v/SBz5zAAAAoF37Tvz/3PoNIyvL6oX8P9xe/l+eb/OVD1mn9+NfIUz0htAz+2AkK3wQxv9ULwAAAAD3SczpX41u/f7jwel3y44r5P+R+e//H+90ENf/N93/r7D+v6GQ3fVvqxsDAAAA8DgqruePt8fPvrmg7Pv3213/f+uXO3b9d+c/vig7fyH/H2sv/3c2bu/n9/8BAADAAvzcvv/vn4Vx5tfq/v/fDN36et3hZwfL+hfy/3h7+T9uVzQ+van4+jzTG8Ka2Qf53QRfi6c7nBQmuxsK2Quf9Ngde+SFyaUNhZqRpMfve0P49eyDY0lhdSyMJ4WZVXnhbFK4HAv59VAvvJ4UpuKV9sKqfLpp4a1YyBdYTMYVFCvqSyKSHrfLeswW7trjev3kAAAAj5UYnvMs293cDGmUnay0OmB5qwM6Wh3Q2eqAruSA9MCy/WG4uRD3v7jtd7evPPHm06FEIf+fbS//x5diSbYpW/8f4vr//HsN6+v/h2OhLylMxkI1vWNANZ4jC7sn4jn6qnmPmTX1AgAAADzS4ucCnYs8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5g7/6D7KrqA4Cf/f0jm91FHAFJNYqA6ZDNJjFKK1MC1UFxpi4OdZw60UR2g9ssJCZhICnthEA7U5hUVKa1o0NDHUdpkUY6jlK1pEyBcaRTm7ZMxWhl/EFtaxnGSodSm87be8/d+87dm/dCdiFLP58/9p33vufnfT/2nXvvOxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOD/h38ZWPMb+1f89Py6+PfPuOHDewcuve+jWw8c3bRpw5EQJmYf78jCHYMrui785sBlj+3f+flzp/rvP9Cbl8vjYVnjT2d+55ai1uUhfLEjhO40sHooC/Tk94difSuGQjgtzAWKElODWYm04fDQQAgHw1ygqOr+gRCGSoErjzz4wIFG4o6BEM4NIfSlbXy7L2tjIA2c15sFBtPA9u4s8F/HMkXgS51ZAE5afDMUL/pDE80ZRucvV/P661mwjr240uF1xcRofb4fX7LInSrpTR+YOKmnrVIdi6Ly9jjs3bYE3m2V7Xy7p638RSr/hnJsLtQXOientm65bmZ3fKQzjI111dW0SM/z40/feNWJpJfM6zB2YHRBXofP3vme68+afMuNt24/54m177vg6Ml2s27zLra+kL/mlszzGG30ebIE3n6Vb0krfekKIfzcB7tv6vrtI5+qi1fm/6PHn//Hl3O87WzKHWt9bjibm8dHhmLiqeFsbg4AAABLxlLYa/qjs1/xe6s61zxeV19l/r+yveP/8ZB/PpnPRns4hI2ziZtHQjhz9vEscHds7gMjIbxmNjXRHLgkCRwO4azZxKqiqqREfyyxMgk8OZwHNiaBh2NgIgl8OgZuTwK3xMChJHBVDBxOApfGQJhuHsfPD+fjaDswEAObs414KJ6F8JPh2Fqyrb5VVAUAALBA8tlhT/Pd0rkOJ5shTi8PDbTKEM/Ars3Ql9SQzmCLaVVtDd2tauhsVUMx7n3HH36l5o5WNVdOw+hoznDpK/7w/BVfu+ELoUZl/j9+/Pl/3zwd6agc/w/hitm/MXdnHpkp4psnmjIAAAAAJ2HtG2a+9idnv+nNdfHK/H9je+f/x30iXaXM4dG4G2LbSAjjzYGs2jdXA9lR72V5AAAAAJaC4nh8cSx8Or/NTtFO59PV/BMnmD8e+N84b/5fCpOnb/vBUxvq+luZ/0+0d/7/YPNt1omHYy8+NhJCfynwSOxlIzBrZQx89+LmQD7+h+MGuC1WlZ+YUFR1WyyxOQbGk8DBuhLfKEqc2RzIn6yi8ZuLcUznJUoBAAAAeMHF3QHxuHw8///Ctd/70KaP7/1cXbnK/H/ziZ3/PzsPrpzeP7MshDXdIXSlPwx4dDBbGDAGhjryxFcHs7q60qpuGgzhosbA0qqeyNf/707XGDwykFUVA2e+9rNPn9dIfGoghDXlwGPvvWt2x8juJFA0/qsDIby6Mdq08S/0Z433pI3/QX8IryoFiqo+0B9Co7HetKoH+/LrGKRV/VlfCKeXAkVVb+wLYU8AYImK/0onyw/u2rN325aZmamdi5iI+/AHwtbpmamxq7bPTPbV9Gky6XPTMkY3VcfU2ebYj+ZLFN1z+dhIO+nid4Lj5b7k+/ErJw7m9+N3oZ7Zca7rabq7Ph3y68+pNpEO6cUY8mC5krknsVJ/zN8bloX+63ZN7Ry7Ycvu3TvXZn/bzb4u+xsPM2Xbam26rQbn61sbL492F0N/vtuq6TJXa3Zfs2PNrj17V09fs+Xqqaunrn3D+LrxdevHN7zpwjWNUY1nf1sM9fz5qk6Geuyu6hDavQbU8x3qK7tLlbwQnxoSEhJLLbHl4q/+5b1nfWJZ3cdPZf6/4/jz//ipEz/58/UZ6o7/j8bD/Nnjc4f5N8fAwXaP/4/WHc0vTgxYmQT2xcA+h/kBAAB4aYi7G+PezLhXuuem1WN//MlHnqwrV5n/72vv9/8LtP5/sXT95XXL/K+KJcbr1v9Pl/kv1v/fV7f+f7rMf7H+/8EXYf3/64pAskl+Yv1/AADgpeCFW/+/5fL+6QUCKhlaLu+fXiCgkqHlMv7tXiDghNf/f/tzr+u55iOvviXUqMz/b29v/m/hfgAAADh13HVkQ8eD//o/D9XFK/P/g+3N/1/49f9C3fn/K+sCE3ULA1r/DwAAgCWqbv2/9a/78ebP/WzFD+vKVeb/h9qb/8fTLjqbcsdanxvO1rQL6Zp2Tw0XPxkAAACApaEzjI21u6Jp08qolzz/Nh/PlwI9Xrrsr758zT8+8tb39tfVV5n/H25v/t/0u4xn73zP9WdNvuXG527dfs4Ta993wdG54/8AAADA4ml3vwQAAAAAAAAAAAAAAPDie3rv5Lv++ew7P1MXr/z+P1wx+3jd7//jdf/i7wte3pQ71tp6/b/8/pXvuHfP7JKFjw6HcE45sG3/ttNCfm3+88uBBzatOqOR2J+W+Mp3Lv1BI/H+NPC21S97ppG4KAlsjosknpUG4lUVn1meBOLyin+fBuL2OJQGevPA7y7PxtGRbqsfDWXbqiPdVo8PhTBSChTb6otDWRsd6QDvSALFAD+UBuIAfyUPdKa9undZ1qsYGIpF/2hZ1isAAE5Z8VtgT9g6PTM1Hr/Cx9tXdjffRk1Llt1UrbajzeaP5kuT3XP52Eg76a70u+jctcZ7Ql9jCGsrX1fLWTpmR7kwtbTYdC+vGXKr1d7a/XX2iW663voRDWQjGrtq+8xkT8uBr2+dZV13yyxrK5OdcpbO2U3aRi1t9KWNEbW5bdrocrzfGcbGupJcvxiDo6HJQr0iyuv81b0Kynn2Tb7xb75x7Nihuvoq8//R9ub/feVxPZNfDGBfvLLezSMhnNnmiAAAAIB2fevL/7Ru+yd+55709ort1956weCPLq4rV5n/r2xv/h93jOWHgrO9HYfj9f+L+f9oFrg7NveBkRBeM5uaiCWyC+pfHkuMZ4G74w6TVbHE5onmqvpj4FASeHI4DxxOAg/HQL6X4rMh35XzkeEQNsymrmgusSOWGE0C74yBlUlgLAbGk8DyGNiYBP59eR6YSAJfj4Ew3byt/ny5vSsAAMDzkM+zeprvhnSed6i7VYaOVhkGW2XobJWhr1WGulHE+/fFDD3JySsdpUw9aa0DSS2VDPFi+Cfcr0qG8I3mnGnBStPx/IPifIOO5gz/dtnrv33erlXtX/9/vL35/2Dzbdb6w3H+P3f9vyzwSOzex+Kp4ytj4LsXNwfyHQMPx8nubUVVE3mJfNJ+WyyxMQZWJoEdMbAxCWy+Ig8cPKM5kM+0i8ZvLhqfzkuUAgAAAPCCizsI4m6aOP//0/+++3MH/uHav64rV5n/b2xv/h/bW1Zu7Jai1uUhfLFjrjdFYPVQFoj7MYbiz+NXDIVwWmkHR1FiajAr0Zs0HB4ayH6h3ptWdf9AtsZAvH/lkQcfONBI3DEQwrmlvS9FG9/uy9oYSAPn9WaBwTSwvTsLxD0/ReBLnVkATlqxVzC+oPJTXQqj85eref29VK4Jmg6vsg90nnzz/eZqsfSlD+T7VAsn9rRVqmNRVN4eh73bluK7bdS7rfxFKv+Gcmwu1Bc6J6e2brluZnd8pPxL1opFep7Lv1JtJ70Ar8N9z7+3rfWlHRhPPj7G5y83/+uwI1b37J3vuf6sybfceOv2c55Y+74LjrbdjRrxh8Lv/uTLRsubd7H1hfw1t+Q+TyZ8nizFfwMrPW2NGexTv//V//jp4z+ri1fm/xPtzf+7k9tZz8aNuWskhNeXNu6jcfP/8kj2OVgKZJ+Sp1cD2SH37w3XfnICAADAQit2dxT7C6bz2+yE8HSeXM0/cYL54/6KjfPmb7ffW29+aP8P/+6Or9TFK/P/zcef//cn3XT83/F/Fonj//M61XdF96cP7DupXdGV6lgUjv/P61R/tzn+Py/H/x3/n4/j/y04/j+vU/1pq3xL2uFLVwjh6++/8+33bP+18+rilfn/jvbm/9b/m3/RvmL9v8116//tqFv/b5/1/wAAgEVVs9BcOs+rrN5XyZCu3lfJ0HKBwJZLDFr/74TX/3vrO//3+mOvuGRnqFGZ/+9rb/4fXw7Lyq0vlfX/Vl5RU9XtMbDDwoAAAACciup2EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPDievcvPLl8029eOF0X//4ZN3x478Cl931064GjmzZtOBJClrUjC3cMrui68JsDlz22f+fnz53qv/9AX16uJ789uyl3rPW54RAOlh4Ziomnhht35gJXvuPePd2NxKPDIZxTDmzbv+20RuLTwyGcXw48sGnVGY3E/rTEV75z6Q8aifengbetftkzjcRFeaAj7e4nl2fd7Ui7e2B5CCOlQNHdX1/eXFXRxmV5oDNt4zNDWRsxMBSLfnwoayMGZmKJ6f4Q1nSH0JVW9bW+rKqutKq/6Muq6kqr+q2+EC4KIXSnVX2nN6uqOx353/ZmVcXAma/97NPnNRIHe0NYUw489t67NjQSH0oCRePv6g3h1Y2XTNr4fT1Z4z1p43f0hPCqEEJvWuI/u7MSvWmJJ7pDOL0UKBr/YHcIewIvCfHDZ7L84K49e7dtmZmZ2rmIid68rYGwdXpmauyq7TOTfUmf6nSU0sduOn78eI4+feNVjdt7Lh8baSfdnZfrme3yup6mu+sXqvftOtHex34NliuZez4q9cf8vWFZ6L9u19TOsRu27N69c232t93s67K/XXk021ZrF2pbdbYoHz3fbXV+uZI1u6/ZsWbXnr2rp6/ZcvXU1VPXvmF83fi69eMb3nThmsaoxrO/CzHUu44fX4yhvrK7VMkL8QEgISGx1BKdTZ9u46f6P73KF/25jvaEvtkP6Mq0opylY3aUCzHoS6rxrkUadGVKUhnR2srEoZJlXess6yuTibksA1mW2e91lclhuabO2U0a73eGsbHazTLafLe8eX88z+Zt1+P5pms3DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/B87cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAsAAAAACPO3DqNnAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBSAAAA//+3Rsqd")
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000000)={"adcee4307e0cb6c5ec0eb205d05a497c", <r1=>0x0, 0x0, {0x8, 0x38}, {0x8, 0x5}, 0xd, [0xffffffffffffffff, 0x0, 0x6, 0x8000000000000000, 0x1fe, 0x2, 0x8000, 0x4, 0x1, 0xf8, 0xffffffff, 0x1ff, 0x98, 0x400000000000, 0xdd, 0x3]})
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(r0, 0xc0c89425, &(0x7f0000000840)={"dc210ea6e8e07dfb5253f95a5ea31dd7", r1, 0x0, {0xffffffffffffff01, 0x4}, {0x8, 0x2}, 0x9, [0x9, 0x5f, 0x4, 0x4, 0x9, 0x8, 0x1, 0x5, 0x4, 0x0, 0xbc6, 0x9, 0x9, 0x7, 0x80, 0x4]})

390.755391ms ago: executing program 4 (id=16641):
r0 = syz_io_uring_setup(0x78a9, &(0x7f0000000200)={0x0, 0x0, 0x40, 0x0, 0x3}, &(0x7f0000002480), &(0x7f00000024c0))
io_uring_register$IORING_REGISTER_BUFFERS2(r0, 0xf, &(0x7f0000002380)={0x1, 0x0, 0x0, &(0x7f00000022c0)=[{0x0}], 0x0}, 0x20)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(r0, 0x10, &(0x7f0000004f40)={0x0, 0x0, &(0x7f0000004f00)=[{0x0}], 0xfffffffffffffffe, 0x1}, 0x20)

271.643937ms ago: executing program 0 (id=16642):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f00000001c0)={0x0, 0x8d9, 0x403, 0x9, 0xf, 0x8000})
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x4a38, 0x201)
ioctl$SG_IO(r0, 0x2285, &(0x7f0000000480)={0x53, 0xfffffffffffffffe, 0x6, 0xb4, @scatter={0x0, 0x100000, 0x0}, &(0x7f0000000200)="0a823ac6aeb7", 0x0, 0x2, 0x10023, 0xfffffffd, 0x0})

210.377974ms ago: executing program 2 (id=16643):
capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000100)={0x200000, 0x200000, 0x0, 0x0, 0x7, 0x8000001})
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r0, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)

208.751475ms ago: executing program 4 (id=16644):
r0 = syz_open_dev$evdev(&(0x7f0000000100), 0x2, 0x862b01)
ioctl$EVIOCSFF(r0, 0x40304580, &(0x7f00000003c0)={0x57, 0xfffd, 0x4, {0xfffd, 0x1}, {0x7f, 0x2}, @const={0x5, {0x0, 0x23, 0x6, 0x8d}}})
write$char_usb(r0, &(0x7f0000000040)="e2", 0x2250)

79.318472ms ago: executing program 0 (id=16645):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x448d3}, 0x0)
r0 = io_uring_setup(0x2c4d, &(0x7f0000000200))
io_uring_register$IORING_REGISTER_EVENTFD_ASYNC(r0, 0x18, &(0x7f0000000000), 0x1)

43.479135ms ago: executing program 2 (id=16646):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SUBFLOW_CREATE(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x24, r1, 0x1, 0x70bd2a, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_ADDR_REMOTE={0x4}, @MPTCP_PM_ATTR_ADDR={0x4}, @MPTCP_PM_ATTR_TOKEN={0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x4400c051}, 0xc0)

0s ago: executing program 4 (id=16647):
capset(&(0x7f0000000500)={0x20080522}, &(0x7f0000000200)={0x200002, 0x200003, 0x801, 0x4, 0x7})
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x0, 0x40, 0x0, 0x0)

kernel console output (not intermixed with test programs):

 subj=unconfined pid=8971 comm="syz.2.15446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=122 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1134.562985][ T8980] ip6tnl3: entered promiscuous mode
[ 1134.583608][ T8980] ip6tnl3: entered allmulticast mode
[ 1134.606601][   T29] audit: type=1326 audit(2000000183.769:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8971 comm="syz.2.15446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1134.662346][   T29] audit: type=1326 audit(2000000183.769:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8971 comm="syz.2.15446" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1135.183430][ T9018] netlink: 68 bytes leftover after parsing attributes in process `syz.0.15468'.
[ 1135.330084][ T9024] loop2: detected capacity change from 0 to 1024
[ 1135.370555][ T9030] loop1: detected capacity change from 0 to 512
[ 1135.410828][ T9030] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1135.471830][ T9030] UDF-fs: error (device loop1): udf_read_inode: (ino 19) failed ident=264
[ 1135.487546][ T1110] hfsplus: b-tree write err: -5, ino 25
[ 1135.503349][ T1110] hfsplus: b-tree write err: -5, ino 4
[ 1135.522919][ T1110] hfsplus: b-tree write err: -5, ino 2
[ 1136.086177][ T9032] loop4: detected capacity change from 0 to 32768
[ 1136.117854][ T9032] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.15475 (9032)
[ 1136.167181][ T9028] loop5: detected capacity change from 0 to 32768
[ 1136.175539][ T9032] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1136.220597][ T9028] XFS (loop5): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1136.229910][ T9032] BTRFS info (device loop4): using xxhash64 checksum algorithm
[ 1136.314006][ T9028] XFS (loop5): Ending clean mount
[ 1136.339836][ T9028] XFS (loop5): Quotacheck needed: Please wait.
[ 1136.359814][ T9032] BTRFS info (device loop4): enabling ssd optimizations
[ 1136.376588][ T9032] BTRFS info (device loop4): turning on flush-on-commit
[ 1136.383588][ T9032] BTRFS info (device loop4): turning on async discard
[ 1136.390516][ T9032] BTRFS info (device loop4): enabling free space tree
[ 1136.397377][ T9032] BTRFS info (device loop4): force zlib compression, level 3
[ 1136.404952][ T9032] BTRFS info (device loop4): max_inline set to 4096
[ 1136.524903][ T6296] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1136.709612][ T9028] XFS (loop5): Quotacheck: Done.
[ 1136.859018][T31690] XFS (loop5): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1138.420941][ T9148] loop4: detected capacity change from 0 to 1024
[ 1138.481387][ T9148] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1138.624416][ T9134] loop1: detected capacity change from 0 to 32768
[ 1138.624944][ T9157] loop5: detected capacity change from 0 to 256
[ 1138.654324][ T9134] BTRFS info: device /dev/loop1 (7:1) using temp-fsid 53fba450-81af-456f-90ad-cbdd51424dc7
[ 1138.699317][ T9161] trusted_key: encrypted_key: master key parameter 'trusted:' is invalid
[ 1138.701952][ T9134] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.15514 (9134)
[ 1138.745569][ T6296] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1138.786743][ T9134] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1138.837971][ T9134] BTRFS info (device loop1): using sha256 checksum algorithm
[ 1139.001274][ T9134] BTRFS info (device loop1): enabling ssd optimizations
[ 1139.018951][ T9134] BTRFS info (device loop1): turning on async discard
[ 1139.038394][ T9134] BTRFS info (device loop1): enabling free space tree
[ 1139.137036][ T6286] BTRFS info (device loop1): last unmount of filesystem 53fba450-81af-456f-90ad-cbdd51424dc7
[ 1139.327339][ T9195] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15537'.
[ 1139.529440][ T9205] openvswitch: netlink: nsh attribute has 4 unknown bytes.
[ 1139.567215][ T9205] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1139.579326][ T9208] netlink: 'syz.4.15542': attribute type 4 has an invalid length.
[ 1139.627057][ T9208] netlink: 152 bytes leftover after parsing attributes in process `syz.4.15542'.
[ 1139.672468][ T9208] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[ 1139.713959][ T9210] netlink: 'syz.1.15543': attribute type 10 has an invalid length.
[ 1140.307101][ T9232] x_tables: unsorted entry at hook 1
[ 1140.348241][ T9228] loop4: detected capacity change from 0 to 4096
[ 1140.437544][ T9228] ntfs3(loop4): Failed to initialize $Extend/$ObjId.
[ 1140.461545][ T9237] loop5: detected capacity change from 0 to 64
[ 1140.890550][ T9254] netlink: 12 bytes leftover after parsing attributes in process `syz.2.15565'.
[ 1141.280247][ T9281] loop4: detected capacity change from 0 to 256
[ 1141.333216][ T9281] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[ 1141.476241][ T9289] openvswitch: netlink: Unexpected mask (mask=1040, allowed=10048)
[ 1141.620462][ T9298] SET target dimension over the limit!
[ 1141.841319][ T9311] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1141.868003][ T9314] loop4: detected capacity change from 0 to 256
[ 1141.932384][ T9314] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66dc59, utbl_chksum : 0xe619d30d)
[ 1141.989576][ T9314] exFAT-fs (loop4): error, data valid size is invalid(-281474976706560)
[ 1142.057150][ T9322] netlink: 'syz.2.15598': attribute type 13 has an invalid length.
[ 1142.092148][ T9322] gretap0: refused to change device tx_queue_len
[ 1142.108478][ T9322] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[ 1142.279684][T12140] usb 1-1: new full-speed USB device number 48 using dummy_hcd
[ 1142.461645][T12140] usb 1-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[ 1142.478441][ T9345] loop4: detected capacity change from 0 to 512
[ 1142.488828][T12140] usb 1-1: config 2 interface 0 has no altsetting 0
[ 1142.507008][T12140] usb 1-1: New USB device found, idVendor=7a69, idProduct=0001, bcdDevice=a8.6b
[ 1142.512057][ T9345] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1142.535601][T12140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1142.570387][ T9345] EXT4-fs (loop4): revision level too high, forcing read-only mode
[ 1142.579662][T12140] usb 1-1: Product: syz
[ 1142.588231][ T9345] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c000e128, mo2=0002]
[ 1142.597958][T12140] usb 1-1: Manufacturer: syz
[ 1142.606145][ T9345] EXT4-fs (loop4): orphan cleanup on readonly fs
[ 1142.623038][ T9345] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[ 1142.635930][T12140] usb 1-1: SerialNumber: syz
[ 1142.657296][ T9353] loop1: detected capacity change from 0 to 2048
[ 1142.666106][ T9345] EXT4-fs warning (device loop4): ext4_enable_quotas:7236: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[ 1142.681104][ T9345] EXT4-fs (loop4): Cannot turn on quotas: error -22
[ 1142.687852][ T9353] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1142.688169][T12140] usb 1-1: dvb_usb_v2: found a '774 Friio White ISDB-T USB2.0' in warm state
[ 1142.713541][ T9345] EXT4-fs error (device loop4): ext4_validate_block_bitmap:441: comm syz.4.15609: bg 0: block 40: padding at end of block bitmap is not set
[ 1142.748204][ T9345] loop4: lost filesystem error report for type 5 error -117
[ 1142.749390][ T9345] EXT4-fs (loop4): Remounting filesystem read-only
[ 1142.763303][    C0] EXT4-fs (loop4): error count since last fsck: 1
[ 1142.763323][    C0] EXT4-fs (loop4): initial error at time 2000000191: ext4_validate_block_bitmap:441
[ 1142.763348][    C0] EXT4-fs (loop4): last error at time 2000000191: ext4_validate_block_bitmap:441
[ 1142.774879][T12140] usb 1-1: selecting invalid altsetting 0
[ 1142.821405][ T9357] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1142.850428][ T9345] EXT4-fs (loop4): 1 truncate cleaned up
[ 1142.895018][ T9345] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1142.917042][T12140] usb 1-1: dvb_usb_v2: this USB2.0 device cannot be run on a USB1.1 port (it lacks a hardware PID filter)
[ 1142.991615][T12140] usb 1-1: USB disconnect, device number 48
[ 1143.011976][ T6296] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1143.164885][ T6277] usb 6-1: new high-speed USB device number 23 using dummy_hcd
[ 1143.195020][ T9371] loop1: detected capacity change from 0 to 256
[ 1143.257105][ T9371] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xabee868b, utbl_chksum : 0xe619d30d)
[ 1143.338228][ T6277] usb 6-1: Using ep0 maxpacket: 32
[ 1143.354957][ T6277] usb 6-1: config 2 has an invalid interface number: 88 but max is 0
[ 1143.377576][ T6277] usb 6-1: config 2 has no interface number 0
[ 1143.396175][ T6277] usb 6-1: config 2 interface 88 has no altsetting 0
[ 1143.406619][ T6277] usb 6-1: New USB device found, idVendor=0557, idProduct=2009, bcdDevice=c7.1e
[ 1143.431602][ T6277] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1143.442643][ T6277] usb 6-1: Product: syz
[ 1143.451092][ T6277] usb 6-1: Manufacturer: syz
[ 1143.477151][ T6277] usb 6-1: SerialNumber: syz
[ 1143.620343][ T9387] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1143.666194][ T9387] ext4 filesystem being mounted at /3051/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1143.760418][ T9387] EXT4-fs error (device loop4): ext4_xattr_block_get:597: inode #15: comm syz.4.15628: corrupted xattr block 32: invalid ea_ino
[ 1143.940182][ T6277] asix 6-1:2.88 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[ 1143.982468][ T6277] asix 6-1:2.88: probe with driver asix failed with error -71
[ 1143.994890][ T9387] EXT4-fs error (device loop4): ext4_get_inode_usage:888: inode #15: comm syz.4.15628: corrupted xattr block 32: invalid ea_ino
[ 1144.024955][ T6277] usb 6-1: USB disconnect, device number 23
[ 1144.123099][ T6296] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1144.807523][   T29] audit: type=1326 audit(2000000193.460:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9451 comm="syz.2.15660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1144.897885][   T29] audit: type=1326 audit(2000000193.460:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9451 comm="syz.2.15660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1144.968728][   T29] audit: type=1326 audit(2000000193.460:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9451 comm="syz.2.15660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=26 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1145.003621][ T9462] program syz.5.15665 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1145.013271][   T29] audit: type=1326 audit(2000000193.460:493): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9451 comm="syz.2.15660" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1145.046716][ T9464] netlink: 8 bytes leftover after parsing attributes in process `syz.0.15666'.
[ 1145.479481][ T9490] netlink: 'syz.2.15679': attribute type 1 has an invalid length.
[ 1145.499205][ T9490] netlink: 'syz.2.15679': attribute type 3 has an invalid length.
[ 1145.508186][ T9490] netlink: 224 bytes leftover after parsing attributes in process `syz.2.15679'.
[ 1145.570535][ T6500] usb 6-1: new high-speed USB device number 24 using dummy_hcd
[ 1145.742703][ T6500] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1145.767471][ T6500] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1145.792918][ T6500] usb 6-1: config 0 descriptor??
[ 1145.813150][ T6500] cp210x 6-1:0.0: cp210x converter detected
[ 1146.047572][ T9516] netlink: 'syz.0.15692': attribute type 12 has an invalid length.
[ 1146.064619][ T9493] set_capacity_and_notify: 1 callbacks suppressed
[ 1146.064637][ T9493] loop4: detected capacity change from 0 to 32768
[ 1146.072185][ T9516] netlink: 132 bytes leftover after parsing attributes in process `syz.0.15692'.
[ 1146.112411][ T9518] loop2: detected capacity change from 0 to 64
[ 1146.161567][ T9493] ocfs2: Slot 0 on device (7,4) was already allocated to this node!
[ 1146.194867][ T9493] JBD2: Ignoring recovery information on journal
[ 1146.252918][ T6500] usb 6-1: cp210x converter now attached to ttyUSB0
[ 1146.267074][ T6500] usb 6-1: USB disconnect, device number 24
[ 1146.317297][ T6500] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1146.329325][ T6500] cp210x 6-1:0.0: device disconnected
[ 1146.354002][ T9493] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1146.542639][ T9493] OCFS2: ERROR (device loop4): int ocfs2_validate_gd_self(struct super_block *, struct buffer_head *, int): Group descriptor #17056 has bit count 256 but claims that 2046 are free
[ 1146.586827][ T9493] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[ 1146.612450][ T9493] OCFS2: File system is now read-only.
[ 1146.622581][ T9493] (syz.4.15681,9493,0):ocfs2_search_chain:1888 ERROR: status = -30
[ 1146.651314][ T9493] (syz.4.15681,9493,0):ocfs2_search_chain:2011 ERROR: status = -30
[ 1146.674771][ T9493] (syz.4.15681,9493,1):ocfs2_claim_suballoc_bits:2098 ERROR: status = -30
[ 1146.687759][ T9493] (syz.4.15681,9493,1):ocfs2_claim_suballoc_bits:2151 ERROR: status = -30
[ 1146.697191][ T9493] (syz.4.15681,9493,1):ocfs2_claim_new_inode:2392 ERROR: status = -30
[ 1146.705623][ T9493] (syz.4.15681,9493,1):ocfs2_claim_new_inode:2407 ERROR: status = -30
[ 1146.718208][ T9493] (syz.4.15681,9493,1):ocfs2_mknod_locked:642 ERROR: status = -30
[ 1146.726630][ T9493] (syz.4.15681,9493,1):ocfs2_mknod:389 ERROR: status = -30
[ 1146.734393][ T9493] (syz.4.15681,9493,1):ocfs2_mknod:506 ERROR: status = -30
[ 1146.742474][ T9493] (syz.4.15681,9493,1):ocfs2_create:679 ERROR: status = -30
[ 1146.825980][ T6296] ocfs2: Unmounting device (7,4) on (node local)
[ 1147.204601][ T9561] openvswitch: netlink: Either Ethernet header or EtherType is required.
[ 1147.220387][ T9563] netlink: 68 bytes leftover after parsing attributes in process `syz.2.15715'.
[ 1147.519922][ T9581] netlink: 'syz.1.15721': attribute type 1 has an invalid length.
[ 1147.547124][ T9581] netlink: 52 bytes leftover after parsing attributes in process `syz.1.15721'.
[ 1147.752476][ T9591] netlink: 'syz.1.15728': attribute type 3 has an invalid length.
[ 1147.814720][ T9591] netlink: 'syz.1.15728': attribute type 3 has an invalid length.
[ 1148.094248][   T29] audit: type=1326 audit(2000000196.547:494): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.5.15740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde5319c799 code=0x7ffc0000
[ 1148.155931][   T29] audit: type=1326 audit(2000000196.547:495): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.5.15740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde5319c799 code=0x7ffc0000
[ 1148.229559][   T29] audit: type=1326 audit(2000000196.547:496): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.5.15740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=453 compat=0 ip=0x7fde5319c799 code=0x7ffc0000
[ 1148.284286][   T29] audit: type=1326 audit(2000000196.547:497): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.5.15740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde5319c799 code=0x7ffc0000
[ 1148.338863][ T9626] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15745'.
[ 1148.350859][   T29] audit: type=1326 audit(2000000196.547:498): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9610 comm="syz.5.15740" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde5319c799 code=0x7ffc0000
[ 1148.413882][   T29] audit: type=1326 audit(2000000196.575:499): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.0.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb7019c799 code=0x7ffc0000
[ 1148.486945][   T29] audit: type=1326 audit(2000000196.575:500): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.0.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb7019c799 code=0x7ffc0000
[ 1148.509787][ T9633] netlink: 'syz.4.15747': attribute type 2 has an invalid length.
[ 1148.541271][ T9633] netlink: 20 bytes leftover after parsing attributes in process `syz.4.15747'.
[ 1148.566066][   T29] audit: type=1326 audit(2000000196.585:501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.0.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb7019c799 code=0x7ffc0000
[ 1148.597666][   T29] audit: type=1326 audit(2000000196.585:502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.0.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ffb7019c799 code=0x7ffc0000
[ 1148.668371][ T9643] loop5: detected capacity change from 0 to 128
[ 1148.685567][ T9643] befs: (loop5): No write support. Marking filesystem read-only
[ 1148.694030][   T29] audit: type=1326 audit(2000000196.585:503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9612 comm="syz.0.15738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=64 compat=0 ip=0x7ffb7019c799 code=0x7ffc0000
[ 1148.763673][ T9643] befs: (loop5): invalid magic header
[ 1148.791278][ T9643] overlay: Unknown parameter 'obj_type'
[ 1148.988830][ T9660] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15762'.
[ 1149.037699][ T9660] netlink: 'syz.1.15762': attribute type 8 has an invalid length.
[ 1149.443903][ T9686] netlink: 'syz.2.15774': attribute type 1 has an invalid length.
[ 1149.482382][ T9686] netlink: 224 bytes leftover after parsing attributes in process `syz.2.15774'.
[ 1149.897228][ T9700] loop2: detected capacity change from 0 to 4096
[ 1149.922384][ T9700] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[ 1149.962668][ T9672] loop1: detected capacity change from 0 to 32768
[ 1149.997022][ T9672] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1150.027804][ T9700] ntfs3(loop2): Failed to initialize $Extend/$ObjId.
[ 1150.099398][ T9700] ntfs3(loop2): ino=5, "/" indx_read_ra
[ 1150.160165][ T9672] XFS (loop1): Ending clean mount
[ 1150.190594][ T9672] XFS (loop1): Quotacheck needed: Please wait.
[ 1150.428921][ T9672] XFS (loop1): Quotacheck: Done.
[ 1150.540938][ T9722] loop4: detected capacity change from 0 to 32768
[ 1150.561366][ T9722] (syz.4.15790,9722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1150.580605][ T9722] (syz.4.15790,9722,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1150.621243][ T9722] JBD2: Ignoring recovery information on journal
[ 1150.628214][ T6286] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1150.839747][ T9722] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1151.307462][ T6296] ocfs2: Unmounting device (7,4) on (node local)
[ 1151.782202][ T9772] loop2: detected capacity change from 0 to 1024
[ 1151.801119][ T9771] loop4: detected capacity change from 0 to 512
[ 1151.891939][ T9771] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1151.964940][ T9771] FAT-fs (loop4): FAT read failed (blocknr 1568)
[ 1152.729918][ T9827] loop1: detected capacity change from 0 to 128
[ 1152.786425][ T6500] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[ 1152.979909][ T6500] usb 3-1: config 0 has an invalid interface number: 120 but max is 0
[ 1153.010834][ T6500] usb 3-1: config 0 has no interface number 0
[ 1153.031410][ T6500] usb 3-1: config 0 interface 120 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[ 1153.061272][ T6500] usb 3-1: New USB device found, idVendor=16e3, idProduct=f9e9, bcdDevice= 0.58
[ 1153.081116][ T6500] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1153.100760][ T6500] usb 3-1: config 0 descriptor??
[ 1153.140055][ T6500] input: USB Touchscreen 16e3:f9e9 as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.120/input/input90
[ 1153.402648][T12140] usb 3-1: USB disconnect, device number 26
[ 1153.610735][ T9869] CIFS mount error: No usable UNC path provided in device string!
[ 1153.610735][ T9869] 
[ 1153.624370][ T9869] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1153.790436][ T6500] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[ 1153.972187][ T6500] usb 2-1: Using ep0 maxpacket: 16
[ 1153.985171][ T6500] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1153.990604][ T9871] loop4: detected capacity change from 0 to 32768
[ 1154.012990][ T6500] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1154.029898][ T6500] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1154.042314][ T6500] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.065083][ T6500] usb 2-1: Product: syz
[ 1154.069748][ T9871] XFS (loop4): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1154.081794][ T6500] usb 2-1: Manufacturer: syz
[ 1154.099966][ T6500] usb 2-1: SerialNumber: syz
[ 1154.252516][ T9871] XFS (loop4): Ending clean mount
[ 1154.338414][ T6500] usb 2-1: 0:2 : does not exist
[ 1154.353264][ T6500] usb 2-1: unit 9 not found!
[ 1154.357108][ T6296] XFS (loop4): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1154.366213][ T6500] usb 2-1: 4:0: cannot get min/max values for control 3 (id 4)
[ 1154.393905][ T6500] usb 2-1: 4:0: cannot get min/max values for control 9 (id 4)
[ 1154.524539][ T6500] usb 2-1: USB disconnect, device number 24
[ 1154.592414][T12140] usb 6-1: new high-speed USB device number 25 using dummy_hcd
[ 1154.594163][ T6231] udevd[6231]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1154.786744][T12140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[ 1154.798422][T12140] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x52, changing to 0x2
[ 1154.825619][T12140] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 7
[ 1154.850918][T12140] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[ 1154.862829][T12140] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1154.880049][T12140] usb 6-1: Product: syz
[ 1154.893877][T12140] usb 6-1: Manufacturer: syz
[ 1154.900987][T12140] usb 6-1: SerialNumber: syz
[ 1154.910418][T12140] usb 6-1: config 0 descriptor??
[ 1155.249831][T12140] usb 6-1: USB disconnect, device number 25
[ 1155.342595][ T6227] udevd[6227]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1155.490958][ T9946] misc userio: No port type given on /dev/userio
[ 1155.637989][ T9923] loop4: detected capacity change from 0 to 40427
[ 1155.655651][ T9923] F2FS-fs: heap/no_heap options were deprecated
[ 1155.679306][ T9923] F2FS-fs (loop4): Image doesn't support compression
[ 1155.695828][ T9923] F2FS-fs (loop4): invalid crc value
[ 1155.843985][ T9923] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1155.858303][ T9923] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[ 1155.942495][ T9923] syz.4.15877: attempt to access beyond end of device
[ 1155.942495][ T9923] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[ 1156.777127][ T9961] loop2: detected capacity change from 0 to 40427
[ 1156.779268][ T9996] loop1: detected capacity change from 0 to 4096
[ 1156.797707][ T9998] netlink: 'syz.4.15918': attribute type 21 has an invalid length.
[ 1156.811065][ T9996] ntfs3(loop1): Different NTFS sector size (2048) and media sector size (512).
[ 1156.822461][ T9961] F2FS-fs (loop2): invalid crc value
[ 1156.980036][ T9996] ntfs3(loop1): Failed to initialize $Extend/$ObjId.
[ 1157.065322][ T9996] ntfs3(loop1): mft corrupted
[ 1157.135791][ T9961] F2FS-fs (loop2): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1157.181612][ T9961] F2FS-fs (loop2): Start checkpoint disabled!
[ 1157.212824][ T9961] F2FS-fs (loop2): f2fs_disable_checkpoint() finish, err:0
[ 1157.246917][ T9961] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[ 1157.522796][T10016] bond2: option arp_validate: mode dependency failed, not supported in mode balance-tlb(5)
[ 1157.558682][T10007] loop4: detected capacity change from 0 to 32768
[ 1157.573145][T10007] (syz.4.15921,10007,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1157.598751][T10016] bond2 (unregistering): Released all slaves
[ 1157.615074][T10007] (syz.4.15921,10007,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1157.680337][T10007] (syz.4.15921,10007,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xa9c51222, computed 0x78e88778. Applying ECC.
[ 1157.737955][T10007] (syz.4.15921,10007,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0x93f628a2, computed 0xeb1b3fd9. Applying ECC.
[ 1157.759590][T10007] (syz.4.15921,10007,1):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0x93f628a2, computed 0xfb69e4f1
[ 1157.775550][T10007] (syz.4.15921,10007,1):ocfs2_validate_inode_block:1441 ERROR: Checksum failed for dinode 32
[ 1157.786123][T10007] (syz.4.15921,10007,1):ocfs2_read_locked_inode:599 ERROR: status = -5
[ 1157.794704][T10007] (syz.4.15921,10007,1):_ocfs2_get_system_file_inode:144 ERROR: status = -5
[ 1157.807614][T10007] (syz.4.15921,10007,1):ocfs2_init_local_system_inodes:496 ERROR: status=-22, sysfile=13, slot=0
[ 1157.840710][T10007] (syz.4.15921,10007,1):ocfs2_init_local_system_inodes:505 ERROR: status = -22
[ 1157.857381][T10007] (syz.4.15921,10007,1):ocfs2_mount_volume:1758 ERROR: status = -22
[ 1157.882042][T10007] (syz.4.15921,10007,1):ocfs2_fill_super:1177 ERROR: status = -22
[ 1158.239878][   T29] kauditd_printk_skb: 13 callbacks suppressed
[ 1158.239896][   T29] audit: type=1326 audit(2000000206.033:517): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10039 comm="syz.1.15938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1158.365741][   T29] audit: type=1326 audit(2000000206.033:518): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10039 comm="syz.1.15938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1158.433500][   T29] audit: type=1326 audit(2000000206.070:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10039 comm="syz.1.15938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1158.469733][T10048] loop2: detected capacity change from 0 to 4096
[ 1158.477690][T10048] ntfs3(loop2): Different NTFS sector size (2048) and media sector size (512).
[ 1158.488209][   T29] audit: type=1326 audit(2000000206.070:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10039 comm="syz.1.15938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1158.492220][T10051] netlink: 4 bytes leftover after parsing attributes in process `syz.1.15942'.
[ 1158.558644][T10054] netlink: 132 bytes leftover after parsing attributes in process `syz.0.15943'.
[ 1158.591935][   T29] audit: type=1326 audit(2000000206.070:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10039 comm="syz.1.15938" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1158.764756][T10059] loop4: detected capacity change from 0 to 1024
[ 1158.918449][ T1009] hfsplus: b-tree write err: -5, ino 25
[ 1158.939445][ T1009] hfsplus: b-tree write err: -5, ino 4
[ 1158.966215][ T1009] hfsplus: b-tree write err: -5, ino 2
[ 1159.331012][T10087] loop2: detected capacity change from 0 to 256
[ 1159.379659][T10093] netlink: 16 bytes leftover after parsing attributes in process `syz.0.15960'.
[ 1159.567406][T10099] netlink: 208 bytes leftover after parsing attributes in process `syz.1.15963'.
[ 1159.903326][T10117] netlink: 128 bytes leftover after parsing attributes in process `syz.1.15972'.
[ 1160.403089][T10141] xt_hashlimit: overflow, try lower: 17592186044416/11
[ 1160.493643][ T5172] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[ 1160.676834][ T5172] usb 3-1: config 0 has an invalid interface number: 69 but max is 0
[ 1160.701588][ T5172] usb 3-1: config 0 has no interface number 0
[ 1160.725363][ T5172] usb 3-1: config 0 interface 69 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 1023
[ 1160.757632][ T5172] usb 3-1: config 0 interface 69 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1160.776598][ T5172] usb 3-1: New USB device found, idVendor=0c4b, idProduct=0100, bcdDevice=d7.ca
[ 1160.791175][ T5172] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1160.824780][ T5172] usb 3-1: Product: syz
[ 1160.833922][ T5172] usb 3-1: Manufacturer: syz
[ 1160.850560][ T5172] usb 3-1: SerialNumber: syz
[ 1160.869167][ T5172] usb 3-1: config 0 descriptor??
[ 1160.874787][T10162] netlink: 12 bytes leftover after parsing attributes in process `syz.0.15995'.
[ 1160.887130][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1160.907650][T10133] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[ 1160.919052][T10162] netlink: 40 bytes leftover after parsing attributes in process `syz.0.15995'.
[ 1160.934073][ T5172] cyberjack 3-1:0.69: Reiner SCT Cyberjack USB card reader converter detected
[ 1160.954670][ T5172] usb 3-1: Reiner SCT Cyberjack USB card reader converter now attached to ttyUSB0
[ 1161.008787][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1161.018329][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1161.135525][T10172] loop4: detected capacity change from 0 to 1024
[ 1161.143532][T10172] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1161.154942][T10172] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e855c01c, mo2=0003]
[ 1161.169769][  T843] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[ 1161.202878][T10172] System zones: 0-1, 3-36
[ 1161.227196][T10172] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1161.286258][ T6296] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1161.347250][T10178] CIFS mount error: No usable UNC path provided in device string!
[ 1161.347250][T10178] 
[ 1161.361725][  T843] usb 2-1: Using ep0 maxpacket: 16
[ 1161.375452][  T843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1161.379573][T10178] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[ 1161.395436][  T843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1161.431402][  T843] usb 2-1: New USB device found, idVendor=1b96, idProduct=0008, bcdDevice= 0.00
[ 1161.443641][ T5172] usb 3-1: USB disconnect, device number 27
[ 1161.461438][ T5172] cyberjack ttyUSB0: Reiner SCT Cyberjack USB card reader converter now disconnected from ttyUSB0
[ 1161.474488][  T843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1161.499554][ T5172] cyberjack 3-1:0.69: device disconnected
[ 1161.507041][  T843] usb 2-1: config 0 descriptor??
[ 1161.583685][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1161.649583][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1161.685338][T10193] netlink: 4168 bytes leftover after parsing attributes in process `syz.4.16008'.
[ 1161.743909][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1162.086299][T10195] loop5: detected capacity change from 0 to 32768
[ 1162.100721][T10195] BTRFS info: device /dev/loop5 (7:5) using temp-fsid cece2877-586e-4351-a3b6-c6d55ed31744
[ 1162.114161][T12140] usb 1-1: new high-speed USB device number 49 using dummy_hcd
[ 1162.138906][T10195] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.16009 (10195)
[ 1162.142714][  T843] ntrig 0003:1B96:0008.0001: hidraw0: USB HID v0.00 Device [HID 1b96:0008] on usb-dummy_hcd.1-1/input0
[ 1162.196127][T10195] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1162.235493][T10195] BTRFS info (device loop5): using sha256 checksum algorithm
[ 1162.255737][T10195] BTRFS warning (device loop5): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1162.293604][  T843] usb 2-1: USB disconnect, device number 25
[ 1162.312878][T12140] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[ 1162.330100][T12140] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[ 1162.376050][T12140] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[ 1162.431520][T12140] usb 1-1: config 220 has no interface number 2
[ 1162.458916][T10195] BTRFS info (device loop5): rebuilding free space tree
[ 1162.463012][T12140] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[ 1162.514840][T12140] usb 1-1: config 220 interface 0 has no altsetting 0
[ 1162.521994][T10195] BTRFS info (device loop5): disabling free space tree
[ 1162.534774][T12140] usb 1-1: config 220 interface 76 has no altsetting 0
[ 1162.541151][T10195] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1162.558495][T10195] BTRFS info (device loop5): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1162.562290][T12140] usb 1-1: config 220 interface 1 has no altsetting 0
[ 1162.596375][T10195] BTRFS info (device loop5): enabling ssd optimizations
[ 1162.600549][T12140] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[ 1162.611209][T10195] BTRFS info (device loop5): turning on async discard
[ 1162.621672][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1162.622969][T12140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1162.637433][T10195] BTRFS info (device loop5): enabling disk space caching
[ 1162.661126][T10195] BTRFS info (device loop5): force clearing of disk cache
[ 1162.662790][T12140] usb 1-1: Product: syz
[ 1162.683765][T12140] usb 1-1: Manufacturer: syz
[ 1162.694558][T12140] usb 1-1: SerialNumber: syz
[ 1162.849098][T10203] loop4: detected capacity change from 0 to 32768
[ 1162.926030][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1162.968907][T12140] uvcvideo 1-1:220.0: Found UVC 7.01 device syz (8086:0b07)
[ 1162.990997][T12140] uvcvideo 1-1:220.0: No valid video chain found.
[ 1163.011136][T31690] BTRFS info (device loop5): last unmount of filesystem cece2877-586e-4351-a3b6-c6d55ed31744
[ 1163.026053][T12140] usb 1-1: selecting invalid altsetting 0
[ 1163.071341][T12140] usb 1-1: selecting invalid altsetting 0
[ 1163.098744][T12140] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[ 1163.166188][T12140] usb 1-1: USB disconnect, device number 49
[ 1163.368244][T10241] netlink: 512 bytes leftover after parsing attributes in process `syz.4.16024'.
[ 1163.638492][T12140] IPVS: starting estimator thread 0...
[ 1163.785600][T10250] IPVS: using max 44 ests per chain, 105600 per kthread
[ 1163.878084][  T843] usb 5-1: new low-speed USB device number 32 using dummy_hcd
[ 1164.040001][T10235] loop1: detected capacity change from 0 to 32768
[ 1164.081182][  T843] usb 5-1: config index 0 descriptor too short (expected 1307, got 27)
[ 1164.100558][T10235] ERROR: (device loop1): dbAlloc: the hint is outside the map
[ 1164.100558][T10235] 
[ 1164.100651][T10262] loop2: detected capacity change from 0 to 4096
[ 1164.118647][  T843] usb 5-1: config 0 has an invalid interface number: 0 but max is -1
[ 1164.132951][  T843] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 0
[ 1164.141847][T10262] ntfs3(loop2): Different NTFS sector size (1024) and media sector size (512).
[ 1164.142582][T10262] ntfs3(loop2): ino=3, mi_enum_attr
[ 1164.198769][  T843] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[ 1164.244010][  T843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 is Bulk; changing to Interrupt
[ 1164.259316][ T1094] read_mapping_page failed!
[ 1164.275238][ T1094] ERROR: (device loop1): txCommit: 
[ 1164.275238][ T1094] 
[ 1164.287286][  T843] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[ 1164.308581][ T1094] jfs_write_inode: jfs_commit_inode failed!
[ 1164.352629][  T843] usb 5-1: string descriptor 0 read error: -22
[ 1164.371874][  T843] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[ 1164.406939][  T843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1164.418256][T10262] ntfs3(loop2): Mark volume as dirty due to NTFS errors
[ 1164.453535][  T843] usb 5-1: config 0 descriptor??
[ 1164.475618][T10262] ntfs3(loop2): ino=1f, "file2" failed to open parent directory r=5 to update
[ 1164.480009][T10248] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1164.527169][  T843] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1164.551484][  T843] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1164.591773][  T843] input: USB Acecad 302 Tablet 0460:0008 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input91
[ 1164.627802][ T1110] ntfs3(loop2): ino=1f, failed to open parent directory r=5 to update
[ 1164.944558][T10288] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1164.956370][    C0] usb_acecad 5-1:0.0: can't resubmit intr, dummy_hcd.4-1/input0, status -1
[ 1165.002200][T12140] usb 5-1: USB disconnect, device number 32
[ 1165.517275][ T6277] usb 6-1: new high-speed USB device number 26 using dummy_hcd
[ 1165.604152][T10296] loop2: detected capacity change from 0 to 32768
[ 1165.689016][ T6277] usb 6-1: Using ep0 maxpacket: 16
[ 1165.707472][ T6277] usb 6-1: config index 0 descriptor too short (expected 65, got 36)
[ 1165.729979][ T6277] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1165.765004][ T6277] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1165.798435][ T6277] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1165.848430][ T6277] usb 6-1: New USB device found, idVendor=1781, idProduct=0898, bcdDevice= 0.00
[ 1165.880097][ T6277] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1165.900590][ T6277] usb 6-1: config 0 descriptor??
[ 1165.941470][ T6277] input: PXRC Flight Controller Adapter as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input92
[ 1166.001632][ T5178] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.072615][ T6927] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.102808][ T5178] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.173642][ T5178] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.217060][T10298] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.246933][ T5178] pxrc 6-1:0.0: pxrc_open - usb_submit_urb failed, error: -90
[ 1166.263578][  T843] usb 6-1: USB disconnect, device number 26
[ 1166.375235][T10320] netlink: 16 bytes leftover after parsing attributes in process `syz.4.16062'.
[ 1166.458265][ T6500] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[ 1166.640427][ T6500] usb 3-1: Using ep0 maxpacket: 32
[ 1166.655651][ T6500] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1166.668694][ T6500] usb 3-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 1166.691925][ T6500] usb 3-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice=5a.bb
[ 1166.701434][ T6500] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1166.709871][ T6500] usb 3-1: Product: syz
[ 1166.714187][ T6500] usb 3-1: Manufacturer: syz
[ 1166.719222][ T6500] usb 3-1: SerialNumber: syz
[ 1166.995874][ T6500] usb 3-1: Limiting number of CPorts to U8_MAX
[ 1167.019440][ T6500] usb 3-1: Not enough endpoints found in device, aborting!
[ 1167.244121][ T6277] usb 3-1: USB disconnect, device number 28
[ 1167.495467][T10370] loop5: detected capacity change from 0 to 64
[ 1167.935637][T10390] netlink: 'syz.2.16093': attribute type 10 has an invalid length.
[ 1167.964869][T10390] netdevsim netdevsim2 netdevsim0: left allmulticast mode
[ 1167.984404][T10390] team0: Device netdevsim0 is of different type
[ 1168.026073][T10392] netlink: 'syz.2.16093': attribute type 10 has an invalid length.
[ 1168.070726][T10392] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[ 1168.575190][T12140] usb 3-1: new high-speed USB device number 29 using dummy_hcd
[ 1168.595533][T10417] mkiss: ax0: crc mode is auto.
[ 1168.772333][T12140] usb 3-1: New USB device found, idVendor=0cf3, idProduct=9374, bcdDevice=bc.3b
[ 1168.813173][T12140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1168.844679][T12140] usb 3-1: config 0 descriptor??
[ 1168.983772][T10435] tipc: Started in network mode
[ 1169.059245][T10435] tipc: Node identity , cluster identity 4711
[ 1169.318814][T12140] ath6kl: Unsupported hardware version: 0x0
[ 1169.365055][T10444] netlink: set zone limit has 4 unknown bytes
[ 1169.371412][T12140] ath6kl: Failed to init ath6kl core: -22
[ 1169.389339][T12140] ath6kl_usb 3-1:0.0: probe with driver ath6kl_usb failed with error -22
[ 1169.492044][T10453] loop1: detected capacity change from 0 to 1024
[ 1169.518854][T10428] loop5: detected capacity change from 0 to 40427
[ 1169.573594][T12140] usb 3-1: USB disconnect, device number 29
[ 1169.573622][T10428] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[ 1169.665035][  T843] usb 5-1: new high-speed USB device number 33 using dummy_hcd
[ 1169.793901][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1169.809120][T10428] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1169.818481][T10467] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16116'.
[ 1169.847699][T10428] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[ 1169.864028][  T843] usb 5-1: New USB device found, idVendor=1c40, idProduct=0534, bcdDevice=6d.cc
[ 1169.877865][  T843] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1169.887439][  T843] usb 5-1: Product: syz
[ 1169.902669][  T843] usb 5-1: Manufacturer: syz
[ 1169.911004][  T843] usb 5-1: SerialNumber: syz
[ 1169.929549][  T843] usb 5-1: config 0 descriptor??
[ 1169.956941][  T843] i2c-tiny-usb 5-1:0.0: version 6d.cc found at bus 005 address 033
[ 1170.069639][T31690] syz-executor: attempt to access beyond end of device
[ 1170.069639][T31690] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1170.110230][T31690] CPU: 1 UID: 0 PID: 31690 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 1170.110253][T31690] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1170.110265][T31690] Call Trace:
[ 1170.110273][T31690]  <TASK>
[ 1170.110281][T31690]  dump_stack_lvl+0xe8/0x150
[ 1170.110311][T31690]  f2fs_handle_critical_error+0x37c/0x540
[ 1170.110340][T31690]  f2fs_write_end_io+0xcdb/0xff0
[ 1170.110382][T31690]  __submit_merged_bio+0x256/0x700
[ 1170.110408][T31690]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1170.110437][T31690]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1170.110479][T31690]  f2fs_write_data_pages+0x2975/0x35e0
[ 1170.110499][T31690]  ? is_bpf_text_address+0x26/0x2b0
[ 1170.110553][T31690]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1170.110589][T31690]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1170.110645][T31690]  ? do_raw_spin_unlock+0xf5/0x210
[ 1170.110669][T31690]  ? free_unref_folios+0x142a/0x1530
[ 1170.110709][T31690]  ? __lock_acquire+0x6b5/0x2cf0
[ 1170.110753][T31690]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1170.110777][T31690]  do_writepages+0x32e/0x550
[ 1170.110813][T31690]  ? do_raw_spin_unlock+0xf5/0x210
[ 1170.110837][T31690]  filemap_fdatawrite+0x1e9/0x2f0
[ 1170.110860][T31690]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1170.110922][T31690]  ? do_raw_spin_unlock+0xf5/0x210
[ 1170.110944][T31690]  f2fs_sync_dirty_inodes+0x30e/0x860
[ 1170.110983][T31690]  f2fs_write_checkpoint+0x9df/0x26a0
[ 1170.111036][T31690]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1170.111109][T31690]  kill_f2fs_super+0x314/0x720
[ 1170.111139][T31690]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1170.111175][T31690]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1170.111207][T31690]  deactivate_locked_super+0xbc/0x130
[ 1170.111231][T31690]  cleanup_mnt+0x437/0x4d0
[ 1170.111252][T31690]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1170.111282][T31690]  task_work_run+0x1d9/0x270
[ 1170.111304][T31690]  ? __pfx_task_work_run+0x10/0x10
[ 1170.111332][T31690]  exit_to_user_mode_loop+0xed/0x480
[ 1170.111352][T31690]  ? rcu_is_watching+0x15/0xb0
[ 1170.111381][T31690]  do_syscall_64+0x32d/0xf80
[ 1170.111398][T31690]  ? trace_irq_disable+0x3b/0x150
[ 1170.111415][T31690]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.111434][T31690]  ? clear_bhb_loop+0x40/0x90
[ 1170.111457][T31690]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1170.111475][T31690] RIP: 0033:0x7fde5319d9d7
[ 1170.111493][T31690] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 1170.111507][T31690] RSP: 002b:00007ffec16f4188 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1170.111526][T31690] RAX: 0000000000000000 RBX: 00007fde53231f90 RCX: 00007fde5319d9d7
[ 1170.111538][T31690] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffec16f4240
[ 1170.111549][T31690] RBP: 00007ffec16f4240 R08: 00007ffec16f5240 R09: 00000000ffffffff
[ 1170.111561][T31690] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffec16f52d0
[ 1170.111572][T31690] R13: 00007fde53231f90 R14: 000000000010d160 R15: 00007ffec16f5310
[ 1170.111609][T31690]  </TASK>
[ 1170.112806][T31690] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[ 1170.318937][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1170.499496][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1170.573739][T32151] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[ 1170.654237][  T843] i2c i2c-3: failure reading functionality
[ 1170.663718][  T843] i2c i2c-3: connected i2c-tiny-usb device
[ 1170.677827][  T843] usb 5-1: USB disconnect, device number 33
[ 1170.746547][T32151] usb 2-1: too many endpoints for config 0 interface 0 altsetting 0: 130, using maximum allowed: 30
[ 1170.758742][T32151] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 252, changing to 11
[ 1170.798070][T32151] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 130
[ 1170.826579][T32151] usb 2-1: New USB device found, idVendor=1b1c, idProduct=1b3e, bcdDevice= 0.00
[ 1170.842440][T32151] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1170.864646][T32151] usb 2-1: config 0 descriptor??
[ 1171.016350][T10493] loop5: detected capacity change from 0 to 2048
[ 1171.038143][T10493] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1171.198985][T10498] netlink: 40 bytes leftover after parsing attributes in process `syz.0.16130'.
[ 1171.329245][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.349047][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.371934][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.404713][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.425397][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.439485][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.457392][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.480546][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.499781][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.525173][T32151] corsair 0003:1B1C:1B3E.0002: unknown main item tag 0x0
[ 1171.600139][T32151] corsair 0003:1B1C:1B3E.0002: hidraw0: USB HID v6f.fd Device [HID 1b1c:1b3e] on usb-dummy_hcd.1-1/input0
[ 1171.621027][T10494] loop2: detected capacity change from 0 to 32768
[ 1171.680521][T32151] usb 2-1: USB disconnect, device number 26
[ 1171.762685][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1171.830279][T10513] fido_id[10513]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[ 1172.344509][T10542] genirq: Flags mismatch irq 10. 00200000 (pcl812) vs. 00200080 (virtio2)
[ 1172.602286][T10555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16152'.
[ 1173.024273][T10569] loop1: detected capacity change from 0 to 128
[ 1173.043920][T10569] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[ 1173.078321][T10569] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1173.087476][ T6500] usb 6-1: new high-speed USB device number 27 using dummy_hcd
[ 1173.180473][T10537] loop4: detected capacity change from 0 to 32768
[ 1173.220002][T10537] BTRFS info: device /dev/loop4 (7:4) using temp-fsid afca1b24-afc8-44dc-b2aa-49d989aaca67
[ 1173.236446][T10537] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.16145 (10537)
[ 1173.268868][ T6500] usb 6-1: Using ep0 maxpacket: 16
[ 1173.284563][T10551] loop2: detected capacity change from 0 to 32768
[ 1173.299809][ T6500] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1173.327593][ T6500] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 1173.349212][T10551] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.16151 (10551)
[ 1173.370060][T10537] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1173.389229][ T6500] usb 6-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[ 1173.408010][T10537] BTRFS info (device loop4): using sha256 checksum algorithm
[ 1173.422026][ T6500] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1173.455073][ T6500] usb 6-1: Product: syz
[ 1173.467543][ T6500] usb 6-1: Manufacturer: syz
[ 1173.480474][ T6500] usb 6-1: SerialNumber: syz
[ 1173.510847][ T6500] usb 6-1: config 0 descriptor??
[ 1173.526605][T10551] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1173.543176][T10551] BTRFS info (device loop2): using xxhash64 checksum algorithm
[ 1173.561442][ T6500] mcba_usb 6-1:0.0 can0: couldn't setup read URBs
[ 1173.568332][ T6500] mcba_usb 6-1:0.0 can0: couldn't start device: -90
[ 1173.575004][T10551] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1173.606460][T10537] BTRFS info (device loop4): enabling ssd optimizations
[ 1173.643105][T10551] BTRFS info (device loop2): rebuilding free space tree
[ 1173.644997][T10537] BTRFS info (device loop4): turning on async discard
[ 1173.675158][ T6500] mcba_usb 6-1:0.0: probe with driver mcba_usb failed with error -90
[ 1173.717744][T10537] BTRFS info (device loop4): enabling free space tree
[ 1173.743245][T10551] BTRFS info (device loop2): disabling free space tree
[ 1173.766104][T10551] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1173.841065][T10551] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1173.848966][   T24] usb 6-1: USB disconnect, device number 27
[ 1173.928980][T10551] BTRFS info (device loop2): setting nodatasum
[ 1173.945748][T10551] BTRFS info (device loop2): allowing degraded mounts
[ 1173.969680][T10551] BTRFS info (device loop2): turning on async discard
[ 1173.999365][T10551] BTRFS info (device loop2): enabling disk space caching
[ 1174.026878][T10551] BTRFS info (device loop2): force clearing of disk cache
[ 1174.070560][T10551] BTRFS info (device loop2): force zlib compression, level 3
[ 1174.282818][T10551] BTRFS info (device loop2): balance: start -d -m
[ 1174.350928][T10551] BTRFS info (device loop2): relocating block group 6881280 flags data|metadata
[ 1174.693062][T10551] BTRFS info (device loop2): balance: canceled
[ 1174.723482][ T6296] BTRFS info (device loop4): last unmount of filesystem afca1b24-afc8-44dc-b2aa-49d989aaca67
[ 1174.926972][ T6295] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1175.399600][T10650] loop5: detected capacity change from 0 to 764
[ 1175.913364][T10670] netlink: 28 bytes leftover after parsing attributes in process `syz.2.16183'.
[ 1175.927240][T10670] IPVS: Error connecting to the multicast addr
[ 1176.655508][T10694] netlink: 96 bytes leftover after parsing attributes in process `syz.5.16195'.
[ 1176.891562][ T6500] usb 3-1: new high-speed USB device number 30 using dummy_hcd
[ 1176.900826][T10676] loop1: detected capacity change from 0 to 32768
[ 1177.075151][ T6500] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1177.112455][ T6500] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1177.151713][ T6500] usb 3-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[ 1177.173947][ T6500] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1177.197155][ T6500] usb 3-1: config 0 descriptor??
[ 1177.576074][T10704] loop4: detected capacity change from 0 to 32768
[ 1177.584905][T10704] XFS (loop4): Cannot mount filesystem with identical rtdev and ddev/logdev.
[ 1177.702601][ T6500] hid_parser_main: 222 callbacks suppressed
[ 1177.702622][ T6500] holtek_kbd 0003:04D9:A055.0003: unknown main item tag 0x1
[ 1177.722661][ T6500] holtek_kbd 0003:04D9:A055.0003: item fetching failed at offset 3/7
[ 1177.732050][T10721] vivid-007: disconnect
[ 1177.738471][T10720] vivid-007: reconnect
[ 1177.747604][ T6500] holtek_kbd 0003:04D9:A055.0003: probe with driver holtek_kbd failed with error -22
[ 1177.924515][ T6500] usb 3-1: USB disconnect, device number 30
[ 1178.184014][T10739] loop5: detected capacity change from 0 to 764
[ 1178.203920][T10739] rock: corrupted directory entry. extent=32, offset=2044, size=237
[ 1178.249849][  T843] usb 1-1: new high-speed USB device number 50 using dummy_hcd
[ 1178.285493][T10743] loop1: detected capacity change from 0 to 16
[ 1178.309564][T10743] erofs (device loop1): mounted with root inode @ nid 36.
[ 1178.344310][T10747] loop5: detected capacity change from 0 to 1024
[ 1178.364002][T10747] EXT4-fs: Ignoring removed oldalloc option
[ 1178.381880][T10747] EXT4-fs: Ignoring removed bh option
[ 1178.434317][T10747] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1178.455593][  T843] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1178.479374][T10747] EXT4-fs error (device loop5): mb_free_blocks:2047: group 0, inode 15: block 225:freeing already freed block (bit 14); block bitmap corrupt.
[ 1178.505638][  T843] usb 1-1: New USB device found, idVendor=046d, idProduct=c295, bcdDevice= 0.00
[ 1178.574578][  T843] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1178.622875][  T843] usb 1-1: config 0 descriptor??
[ 1178.632447][T10758] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16225'.
[ 1178.683054][T10758] Zero length message leads to an empty skb
[ 1178.733990][T31690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1178.885665][T10766] smc: ib device syz1 ibport 1 applied user defined pnetid SYZ0
[ 1178.965843][ T6277] usb 5-1: new full-speed USB device number 34 using dummy_hcd
[ 1179.016641][T10772] loop5: detected capacity change from 0 to 764
[ 1179.028318][T10772] iso9660: Unknown parameter 'ÿÿÿÿ–$º{†xàe3CÑ
ÔLášÒ”´]ç63Ò'
[ 1179.106084][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106119][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106148][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106177][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106204][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106231][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106258][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106285][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.106312][  T843] logitech 0003:046D:C295.0004: unknown main item tag 0x0
[ 1179.127906][  T843] logitech 0003:046D:C295.0004: hidraw0: USB HID v7f.fd Device [HID 046d:c295] on usb-dummy_hcd.0-1/input0
[ 1179.127999][  T843] logitech 0003:046D:C295.0004: no inputs found
[ 1179.139971][ T6277] usb 5-1: config 0 has an invalid descriptor of length 102, skipping remainder of the config
[ 1179.140019][ T6277] usb 5-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xBE, changing to 0x8E
[ 1179.140047][ T6277] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x8E has invalid maxpacket 30768, setting to 64
[ 1179.140073][ T6277] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[ 1179.142193][ T6277] usb 5-1: New USB device found, idVendor=10c5, idProduct=819a, bcdDevice=e4.46
[ 1179.326376][  T843] usb 1-1: USB disconnect, device number 50
[ 1179.396984][T10779] loop1: detected capacity change from 0 to 256
[ 1179.409079][ T6277] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=35
[ 1179.409107][ T6277] usb 5-1: Product: syz
[ 1179.409124][ T6277] usb 5-1: Manufacturer: syz
[ 1179.409139][ T6277] usb 5-1: SerialNumber: syz
[ 1179.423544][ T6277] usb 5-1: config 0 descriptor??
[ 1179.504712][T10779] FAT-fs (loop1): Directory bread(block 64) failed
[ 1179.504742][T10779] FAT-fs (loop1): Directory bread(block 65) failed
[ 1179.504842][T10779] FAT-fs (loop1): Directory bread(block 66) failed
[ 1179.504866][T10779] FAT-fs (loop1): Directory bread(block 67) failed
[ 1179.504970][T10779] FAT-fs (loop1): Directory bread(block 68) failed
[ 1179.504993][T10779] FAT-fs (loop1): Directory bread(block 69) failed
[ 1179.505170][T10779] FAT-fs (loop1): Directory bread(block 70) failed
[ 1179.505229][T10779] FAT-fs (loop1): Directory bread(block 71) failed
[ 1179.505327][T10779] FAT-fs (loop1): Directory bread(block 72) failed
[ 1179.505349][T10779] FAT-fs (loop1): Directory bread(block 73) failed
[ 1179.648349][ T6277] radio-si470x 5-1:0.0: DeviceID=0x0000 ChipID=0x0000
[ 1179.648376][ T6277] radio-si470x 5-1:0.0: This driver is known to work with firmware version 12, but the device has firmware version 0.
[ 1179.863069][ T6277] radio-si470x 5-1:0.0: software version 0, hardware version 0
[ 1179.863095][ T6277] radio-si470x 5-1:0.0: This driver is known to work with hardware version 1, but the device has hardware version 0.
[ 1179.863116][ T6277] radio-si470x 5-1:0.0: If you have some trouble using this driver, please report to V4L ML at linux-media@vger.kernel.org
[ 1180.079166][ T6277] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 1180.097747][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.105361][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.112336][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.119298][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.126358][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.134332][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.141188][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.148155][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.156333][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.163194][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.169906][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.176563][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.183192][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.189842][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.196510][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.203135][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.209871][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.216537][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.223167][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.229785][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.236408][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.243084][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.249716][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.256354][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.263002][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.269654][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.276399][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.283068][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.289696][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.296324][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.302980][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.309628][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.316265][    C1] radio-si470x 5-1:0.0: non-zero urb status (-71)
[ 1180.323479][ T6277] radio-si470x 5-1:0.0: si470x_set_report: usb_control_msg returned -71
[ 1180.333534][ T6277] radio-si470x 5-1:0.0: probe with driver radio-si470x failed with error -22
[ 1180.351340][ T6277] usb 5-1: USB disconnect, device number 34
[ 1180.731051][   T24] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[ 1180.878503][T10832] netlink: 8 bytes leftover after parsing attributes in process `syz.4.16260'.
[ 1180.911598][   T24] usb 2-1: Using ep0 maxpacket: 16
[ 1180.925297][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1180.962576][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1181.002538][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1181.033323][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[ 1181.062144][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[ 1181.104716][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[ 1181.118657][T10815] loop2: detected capacity change from 0 to 32768
[ 1181.124688][   T24] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[ 1181.140095][   T24] usb 2-1: Manufacturer: syz
[ 1181.158312][   T24] usb 2-1: config 0 descriptor??
[ 1181.160260][T10815] XFS (loop2): DAX unsupported by block device. Turning off DAX.
[ 1181.184193][T10815] XFS (loop2): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1181.248229][T10815] XFS (loop2): Ending clean mount
[ 1181.283919][T10815] XFS (loop2): Quotacheck needed: Please wait.
[ 1181.496300][T10815] XFS (loop2): Quotacheck: Done.
[ 1181.499550][   T24] rc_core: IR keymap rc-hauppauge not found
[ 1181.515424][   T24] Registered IR keymap rc-empty
[ 1181.525116][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.545993][T10828] loop5: detected capacity change from 0 to 32768
[ 1181.552713][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.580397][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[ 1181.613804][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input93
[ 1181.615742][T10828] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[ 1181.658713][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.696069][T10828] JBD2: Ignoring recovery information on journal
[ 1181.746250][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.779077][ T6295] XFS (loop2): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1181.810022][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.868417][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.884604][T10828] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1181.942825][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1181.954863][T10852] netlink: 'syz.4.16265': attribute type 2 has an invalid length.
[ 1181.980464][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1182.034294][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1182.066087][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1182.121088][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1182.135008][T10855] loop4: detected capacity change from 0 to 64
[ 1182.144659][   T29] audit: type=1800 audit(2000000484.380:522): pid=10828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.16258" name="file1" dev="loop5" ino=17058 res=0 errno=0
[ 1182.154677][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[ 1182.184850][T10855] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[ 1182.255661][   T24] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[ 1182.286189][   T24] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[ 1182.311909][   T24] usb 2-1: USB disconnect, device number 27
[ 1182.343597][T31690] ocfs2: Unmounting device (7,5) on (node local)
[ 1182.425945][T10859] loop2: detected capacity change from 0 to 512
[ 1182.493458][T12140] usb 1-1: new high-speed USB device number 51 using dummy_hcd
[ 1182.666633][T12140] usb 1-1: Using ep0 maxpacket: 32
[ 1182.696587][T12140] usb 1-1: New USB device found, idVendor=0fe9, idProduct=d501, bcdDevice=23.50
[ 1182.726488][T12140] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1182.727174][T10859] FAT-fs (loop2): error, corrupted directory (invalid entries)
[ 1182.752536][T12140] usb 1-1: Product: syz
[ 1182.766108][T12140] usb 1-1: Manufacturer: syz
[ 1182.779976][T12140] usb 1-1: SerialNumber: syz
[ 1182.798722][T10867] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[ 1182.808077][T12140] usb 1-1: config 0 descriptor??
[ 1182.826235][T12140] dvb-usb: found a 'DViCO FusionHDTV5 USB Gold' in warm state.
[ 1182.839018][T10864] loop4: detected capacity change from 0 to 4096
[ 1182.851098][T12140] dvb-usb: bulk message failed: -22 (2/0)
[ 1182.897606][T10869] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1182.923611][T12140] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[ 1182.972640][T12140] dvbdev: DVB: registering new adapter (DViCO FusionHDTV5 USB Gold)
[ 1183.013136][T12140] usb 1-1: media controller created
[ 1183.107147][T12140] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[ 1183.200310][T12140] usb 1-1: selecting invalid altsetting 7
[ 1183.230103][T12140] cxusb: set interface failed
[ 1183.234741][T10878] sp0: Synchronizing with TNC
[ 1183.258149][T10881] sp0: Found TNC
[ 1183.275728][T12140] dvb-usb: bulk message failed: -22 (1/0)
[ 1183.396654][T12140] DVB: Unable to find symbol lgdt330x_attach()
[ 1183.430105][T12140] dvb-usb: no frontend was attached by 'DViCO FusionHDTV5 USB Gold'
[ 1183.606538][T10895] loop1: detected capacity change from 0 to 64
[ 1183.628461][T12140] rc_core: IR keymap rc-dvico-portable not found
[ 1183.630918][T10895] minix: block size(59136) > page size(4096) not supported by filesystem
[ 1183.645002][T12140] Registered IR keymap rc-empty
[ 1183.660153][T12140] rc rc0: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0
[ 1183.704767][T12140] input: DViCO FusionHDTV5 USB Gold as /devices/platform/dummy_hcd.0/usb1/1-1/rc/rc0/input94
[ 1183.760645][T12140] dvb-usb: schedule remote query interval to 100 msecs.
[ 1183.778058][T10898] trusted_key: encrypted_key: key user:syz not found
[ 1183.794122][T12140] dvb-usb: DViCO FusionHDTV5 USB Gold successfully initialized and connected.
[ 1183.854521][T12140] usb 1-1: USB disconnect, device number 51
[ 1184.070884][T12140] dvb-usb: DViCO FusionHDTV5 USB Gold successfully deinitialized and disconnected.
[ 1184.135399][T10888] loop2: detected capacity change from 0 to 32768
[ 1184.168659][T10888] 
[ 1184.168659][T10888]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1184.168659][T10888] 
[ 1184.274912][T10910] netlink: 32 bytes leftover after parsing attributes in process `syz.1.16290'.
[ 1184.320436][ T6295] 
[ 1184.320436][ T6295]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1184.320436][ T6295] 
[ 1184.363848][ T6295] 
[ 1184.363848][ T6295]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1184.363848][ T6295] 
[ 1184.481650][T10914] loop1: detected capacity change from 0 to 1024
[ 1184.511725][T10914] hfsplus: invalid btree flag
[ 1184.524811][T10914] hfsplus: failed to load extents file
[ 1185.254157][T10939] loop1: detected capacity change from 0 to 2048
[ 1185.277918][T10939] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1185.294482][  T843] usb 5-1: new high-speed USB device number 35 using dummy_hcd
[ 1185.478190][  T843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1185.494520][  T843] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1185.512869][  T843] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 13
[ 1185.528363][  T843] usb 5-1: New USB device found, idVendor=28bd, idProduct=0055, bcdDevice= 0.00
[ 1185.541625][  T843] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.561826][T12140] usb 3-1: new high-speed USB device number 31 using dummy_hcd
[ 1185.576413][  T843] usb 5-1: config 0 descriptor??
[ 1185.638185][T10953] Bluetooth: MGMT ver 1.23
[ 1185.743559][T12140] usb 3-1: Using ep0 maxpacket: 16
[ 1185.744276][T10959] loop5: detected capacity change from 0 to 512
[ 1185.757397][T12140] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1185.786052][T12140] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1185.813325][T10959] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1185.831342][T12140] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1185.866286][T12140] usb 3-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[ 1185.917447][T12140] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1185.931931][T10959] fs-verity (loop5, inode 16): Unsupported log_blocksize: 12
[ 1185.963478][T12140] usb 3-1: config 0 descriptor??
[ 1186.017021][T31690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1186.087714][  T843] uclogic 0003:28BD:0055.0005: interface is invalid, ignoring
[ 1186.309413][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1186.318726][   T24] usb 5-1: USB disconnect, device number 35
[ 1186.362238][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1186.575991][T10988] sp0: Synchronizing with TNC
[ 1186.585046][T10987] [U] è`
[ 1186.650921][  T843] usb 3-1: USB disconnect, device number 31
[ 1186.753705][T10981] loop1: detected capacity change from 0 to 32768
[ 1186.783113][T10981] 
[ 1186.783113][T10981]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1186.783113][T10981] 
[ 1186.857793][ T6286] 
[ 1186.857793][ T6286]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1186.857793][ T6286] 
[ 1186.873640][ T6286] 
[ 1186.873640][ T6286]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[ 1186.873640][ T6286] 
[ 1186.966361][T10995] No buffer was provided with the request
[ 1187.145300][T11002] loop1: detected capacity change from 0 to 2048
[ 1187.188044][T11002] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1187.265590][   T29] audit: type=1800 audit(2000000489.188:523): pid=11002 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.16332" name="file1" dev="loop1" ino=1346 res=0 errno=0
[ 1187.291306][T11002] [syz.1.16332/11002] FS: loop1 File: /file1 would truncate fibmap result
[ 1187.716371][T11026] loop5: detected capacity change from 0 to 256
[ 1187.787827][T11026] FAT-fs (loop5): Directory bread(block 64) failed
[ 1187.807074][T11026] FAT-fs (loop5): Directory bread(block 65) failed
[ 1187.830272][T11026] FAT-fs (loop5): Directory bread(block 66) failed
[ 1187.854130][T11026] FAT-fs (loop5): Directory bread(block 67) failed
[ 1187.877487][T11026] FAT-fs (loop5): Directory bread(block 68) failed
[ 1187.902427][T11026] FAT-fs (loop5): Directory bread(block 69) failed
[ 1187.926760][T11026] FAT-fs (loop5): Directory bread(block 70) failed
[ 1187.956424][T11026] FAT-fs (loop5): Directory bread(block 71) failed
[ 1187.967954][T11026] FAT-fs (loop5): Directory bread(block 72) failed
[ 1187.981094][T11026] FAT-fs (loop5): Directory bread(block 73) failed
[ 1188.095530][T11012] loop4: detected capacity change from 0 to 32768
[ 1188.130493][T11012] (syz.4.16336,11012,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1188.177538][T11012] (syz.4.16336,11012,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1188.237348][T11012] JBD2: Ignoring recovery information on journal
[ 1188.321588][T11012] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[ 1188.324697][  T843] usb 1-1: new high-speed USB device number 52 using dummy_hcd
[ 1188.576663][  T843] usb 1-1: Using ep0 maxpacket: 32
[ 1188.600333][  T843] usb 1-1: config 0 has an invalid interface number: 196 but max is 0
[ 1188.627937][  T843] usb 1-1: config 0 has no interface number 0
[ 1188.642801][T11056] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1188.646729][  T843] usb 1-1: config 0 interface 196 altsetting 1 bulk endpoint 0x2 has invalid maxpacket 528
[ 1188.664720][  T843] usb 1-1: config 0 interface 196 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1188.678079][  T843] usb 1-1: config 0 interface 196 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 0
[ 1188.689184][  T843] usb 1-1: config 0 interface 196 has no altsetting 0
[ 1188.699032][  T843] usb 1-1: New USB device found, idVendor=05ac, idProduct=7700, bcdDevice=eb.3a
[ 1188.709925][  T843] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1188.738361][  T843] usb 1-1: Product: syz
[ 1188.756067][  T843] usb 1-1: Manufacturer: syz
[ 1188.775322][  T843] usb 1-1: SerialNumber: syz
[ 1188.793884][  T843] usb 1-1: config 0 descriptor??
[ 1188.802397][T11038] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[ 1188.834109][ T6296] ocfs2: Unmounting device (7,4) on (node local)
[ 1188.871321][T11058] loop1: detected capacity change from 0 to 1024
[ 1188.895821][T11058] EXT4-fs: Ignoring removed orlov option
[ 1188.907870][T11058] EXT4-fs: Ignoring removed nobh option
[ 1188.962624][T11058] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1189.152057][ T6286] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1189.152102][T11052] loop5: detected capacity change from 0 to 32768
[ 1189.250329][  T843] ipheth 1-1:0.196: ipheth_get_macaddr: usb_control_msg: short packet: 0 bytes
[ 1189.278886][  T843] ipheth 1-1:0.196: probe with driver ipheth failed with error -22
[ 1189.455032][T11052] overlayfs: upper fs needs to support d_type.
[ 1189.474190][T11052] overlayfs: upper fs does not support tmpfile.
[ 1189.502398][T11052] overlayfs: upper fs does not support RENAME_WHITEOUT.
[ 1189.565360][   T24] usb 1-1: USB disconnect, device number 52
[ 1189.590045][T11052] ERROR: (device loop5): dbAlloc: the hint is outside the map
[ 1189.590045][T11052] 
[ 1189.644792][T11052] ERROR: (device loop5): remounting filesystem as read-only
[ 1189.651238][T11067] loop2: detected capacity change from 0 to 32768
[ 1189.657934][T11052] overlayfs: failed to set uuid (/file0, err=-5); falling back to uuid=null.
[ 1189.675256][T11067] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.16362 (11067)
[ 1189.738965][T11067] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1189.755065][T11067] BTRFS info (device loop2): using xxhash64 checksum algorithm
[ 1189.762772][T11067] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1189.854575][T11067] BTRFS info (device loop2): rebuilding free space tree
[ 1189.922862][T11067] BTRFS info (device loop2): disabling free space tree
[ 1189.949519][T11067] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1189.984165][T11067] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1190.031205][T11067] BTRFS info (device loop2): setting nodatasum
[ 1190.069754][T11067] BTRFS info (device loop2): allowing degraded mounts
[ 1190.094721][T11067] BTRFS info (device loop2): turning on async discard
[ 1190.120998][T11067] BTRFS info (device loop2): enabling disk space caching
[ 1190.177541][T11067] BTRFS info (device loop2): force clearing of disk cache
[ 1190.214766][T11067] BTRFS info (device loop2): force zlib compression, level 3
[ 1190.479098][T11073] loop4: detected capacity change from 0 to 40427
[ 1190.529691][T11073] F2FS-fs (loop4): invalid crc value
[ 1190.654820][ T6295] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1190.699171][T11111] netlink: 8 bytes leftover after parsing attributes in process `syz.1.16373'.
[ 1190.739831][T11111] netlink: 4 bytes leftover after parsing attributes in process `syz.1.16373'.
[ 1190.778884][T11111] netlink: 'syz.1.16373': attribute type 14 has an invalid length.
[ 1190.824214][T11111] netlink: 'syz.1.16373': attribute type 11 has an invalid length.
[ 1190.845902][T11073] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[ 1190.883803][T11073] F2FS-fs (loop4): Start checkpoint disabled!
[ 1190.920242][T11073] F2FS-fs (loop4): f2fs_disable_checkpoint() finish, err:0
[ 1190.973442][T11073] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1191.112784][ T5450] kworker/u8:2: attempt to access beyond end of device
[ 1191.112784][ T5450] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1191.194980][ T5450] CPU: 1 UID: 0 PID: 5450 Comm: kworker/u8:2 Not tainted syzkaller #0 PREEMPT(full) 
[ 1191.195007][ T5450] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1191.195019][ T5450] Workqueue: writeback wb_workfn (flush-7:4)
[ 1191.195053][ T5450] Call Trace:
[ 1191.195061][ T5450]  <TASK>
[ 1191.195070][ T5450]  dump_stack_lvl+0xe8/0x150
[ 1191.195097][ T5450]  f2fs_handle_critical_error+0x37c/0x540
[ 1191.195128][ T5450]  f2fs_write_end_io+0xcdb/0xff0
[ 1191.195178][ T5450]  __submit_merged_bio+0x256/0x700
[ 1191.195207][ T5450]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1191.195238][ T5450]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1191.195282][ T5450]  f2fs_write_data_pages+0x2975/0x35e0
[ 1191.195339][ T5450]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1191.195376][ T5450]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1191.195436][ T5450]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1191.195476][ T5450]  ? __lock_acquire+0x6b5/0x2cf0
[ 1191.195516][ T5450]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1191.195539][ T5450]  do_writepages+0x32e/0x550
[ 1191.195574][ T5450]  ? reacquire_held_locks+0x104/0x190
[ 1191.195598][ T5450]  ? writeback_sb_inodes+0x477/0x1a20
[ 1191.195624][ T5450]  __writeback_single_inode+0x133/0x11a0
[ 1191.195645][ T5450]  ? do_raw_spin_unlock+0xf5/0x210
[ 1191.195668][ T5450]  writeback_sb_inodes+0x992/0x1a20
[ 1191.195706][ T5450]  ? __lock_acquire+0x6b5/0x2cf0
[ 1191.195734][ T5450]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1191.195751][ T5450]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1191.195807][ T5450]  ? rcu_is_watching+0x15/0xb0
[ 1191.195840][ T5450]  wb_writeback+0x456/0xb70
[ 1191.195862][ T5450]  ? queue_io+0x241/0x4a0
[ 1191.195888][ T5450]  ? __pfx_wb_writeback+0x10/0x10
[ 1191.195904][ T5450]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1191.195939][ T5450]  wb_workfn+0x414/0xf50
[ 1191.195964][ T5450]  ? look_up_lock_class+0x57/0x110
[ 1191.195997][ T5450]  ? __pfx_wb_workfn+0x10/0x10
[ 1191.196023][ T5450]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1191.196045][ T5450]  ? __pfx_do_raw_spin_lock+0x10/0x10
[ 1191.196087][ T5450]  ? process_one_work+0x870/0x1720
[ 1191.196109][ T5450]  process_one_work+0x963/0x1720
[ 1191.196160][ T5450]  ? __pfx_process_one_work+0x10/0x10
[ 1191.196181][ T5450]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1191.196217][ T5450]  worker_thread+0xb46/0x1140
[ 1191.196249][ T5450]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1191.196290][ T5450]  kthread+0x388/0x470
[ 1191.196310][ T5450]  ? __pfx_worker_thread+0x10/0x10
[ 1191.196331][ T5450]  ? __pfx_kthread+0x10/0x10
[ 1191.196352][ T5450]  ret_from_fork+0x51e/0xb90
[ 1191.196378][ T5450]  ? __pfx_ret_from_fork+0x10/0x10
[ 1191.196400][ T5450]  ? __switch_to+0xc7d/0x1450
[ 1191.196426][ T5450]  ? __pfx_kthread+0x10/0x10
[ 1191.196447][ T5450]  ret_from_fork_asm+0x1a/0x30
[ 1191.196482][ T5450]  </TASK>
[ 1191.537645][T32151] kernel read not supported for file /binder/failed_transaction_log (pid: 32151 comm: kworker/0:0)
[ 1191.556947][  T843] kernel write not supported for file /binder/failed_transaction_log (pid: 843 comm: kworker/0:2)
[ 1191.621310][ T5450] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1192.096284][  T843] usb 3-1: new high-speed USB device number 32 using dummy_hcd
[ 1192.265151][  T843] usb 3-1: Using ep0 maxpacket: 32
[ 1192.277397][  T843] usb 3-1: config 0 has an invalid interface number: 51 but max is 0
[ 1192.285711][  T843] usb 3-1: config 0 has no interface number 0
[ 1192.300644][  T843] usb 3-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[ 1192.311567][  T843] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1192.331325][  T843] usb 3-1: Product: syz
[ 1192.338985][  T843] usb 3-1: Manufacturer: syz
[ 1192.349208][  T843] usb 3-1: SerialNumber: syz
[ 1192.367586][  T843] usb 3-1: config 0 descriptor??
[ 1192.377698][  T843] quatech2 3-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[ 1192.616046][  T843] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[ 1192.632636][T32151] usb 5-1: new high-speed USB device number 36 using dummy_hcd
[ 1192.656411][  T843] usb 3-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[ 1192.676249][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1192.811072][T32151] usb 5-1: too many configurations: 9, using maximum allowed: 8
[ 1192.830327][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1192.846297][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1192.858294][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1192.866767][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1192.877538][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1192.914110][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1192.937521][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1192.954843][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1192.982720][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.001730][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1193.021800][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1193.051939][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.067838][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1193.073720][T12140] usb 3-1: USB disconnect, device number 32
[ 1193.076776][    C0] usb 3-1: qt2_read_bulk_callback - non-zero urb status: -71
[ 1193.097455][T11178] loop1: detected capacity change from 0 to 1024
[ 1193.108462][T12140] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[ 1193.109322][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1193.127427][T11175] loop5: detected capacity change from 0 to 4096
[ 1193.138861][T11178] EXT4-fs: inline encryption not supported
[ 1193.163121][T12140] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[ 1193.192691][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.206162][T11178] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1193.220824][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1193.228287][T12140] quatech2 3-1:0.51: device disconnected
[ 1193.276175][T11183] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1193.277502][T11175] NILFS error (device loop5): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[ 1193.298787][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1193.339817][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.344212][T11178] EXT4-fs error (device loop1): mb_free_blocks:2047: group 0, inode 15: block 337:freeing already freed block (bit 21); block bitmap corrupt.
[ 1193.357136][T11175] NILFS (loop5): mounting fs with errors
[ 1193.369463][T11178] EXT4-fs (loop1): Remounting filesystem read-only
[ 1193.370006][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1193.408658][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1193.426311][ T6286] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1193.430504][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.467808][  T843] usb 1-1: new high-speed USB device number 53 using dummy_hcd
[ 1193.487568][T32151] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[ 1193.496783][T32151] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[ 1193.513986][T11175] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[ 1193.524852][T32151] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1193.538322][T11175] NILFS error (device loop5): nilfs_bmap_lookup_contig: broken bmap (inode number=2)
[ 1193.550252][T32151] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[ 1193.559909][T32151] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[ 1193.568324][T11175] NILFS error (device loop5): nilfs_readdir: bad page in #2
[ 1193.576144][T32151] usb 5-1: Product: syz
[ 1193.580637][T32151] usb 5-1: Manufacturer: syz
[ 1193.586195][T32151] usb 5-1: SerialNumber: syz
[ 1193.605613][T32151] usb 5-1: config 0 descriptor??
[ 1193.640447][T32151] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[ 1193.657534][  T843] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1193.677828][  T843] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1193.700577][  T843] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1193.723410][  T843] usb 1-1: New USB device found, idVendor=1a34, idProduct=0802, bcdDevice= 0.00
[ 1193.782820][  T843] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1193.791299][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1193.822316][  T843] usb 1-1: config 0 descriptor??
[ 1193.965884][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1193.975690][ T6500] usb 5-1: USB disconnect, device number 36
[ 1193.986675][ T6500] yurex 5-1:0.0: USB YUREX #0 now disconnected
[ 1194.053294][T32151] usb 6-1: new high-speed USB device number 28 using dummy_hcd
[ 1194.087175][T11187] loop1: detected capacity change from 0 to 32768
[ 1194.116509][T11187] XFS (loop1): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1194.165465][T11187] XFS (loop1): Ending clean mount
[ 1194.180571][T11187] XFS (loop1): Quotacheck needed: Please wait.
[ 1194.192585][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1194.202310][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1194.231997][T32151] usb 6-1: Using ep0 maxpacket: 16
[ 1194.245712][T32151] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 1194.269970][T32151] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1194.279672][T32151] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1194.288033][T11187] XFS (loop1): Quotacheck: Done.
[ 1194.295908][T32151] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 1194.305383][  T843] hid_parser_main: 219 callbacks suppressed
[ 1194.305402][  T843] acrux 0003:1A34:0802.0007: unknown main item tag 0x5
[ 1194.322383][T32151] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 1194.334057][T32151] usb 6-1: config 0 has no interface number 0
[ 1194.340270][ T6277] usb 3-1: new high-speed USB device number 33 using dummy_hcd
[ 1194.348535][  T843] acrux 0003:1A34:0802.0007: hidraw0: USB HID v0.00 Device [HID 1a34:0802] on usb-dummy_hcd.0-1/input0
[ 1194.369024][  T843] acrux 0003:1A34:0802.0007: no inputs found
[ 1194.384231][ T6286] XFS (loop1): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1194.393006][T32151] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 1194.406692][  T843] acrux 0003:1A34:0802.0007: Failed to enable force feedback support, error: -19
[ 1194.417366][T32151] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 1194.450870][T32151] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1194.461004][T32151] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1194.474773][T32151] usb 6-1: config 0 interface 125 has no altsetting 0
[ 1194.481729][T32151] usb 6-1: config 0 interface 125 has no altsetting 2
[ 1194.527862][T32151] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 1194.531895][ T6277] usb 3-1: Using ep0 maxpacket: 8
[ 1194.543116][T32151] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.543140][T32151] usb 6-1: Product: syz
[ 1194.543157][T32151] usb 6-1: Manufacturer: syz
[ 1194.543172][T32151] usb 6-1: SerialNumber: syz
[ 1194.546974][T32151] usb 6-1: config 0 descriptor??
[ 1194.574850][  T843] usb 1-1: USB disconnect, device number 53
[ 1194.597561][ T6277] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1194.621033][ T6277] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[ 1194.658076][T32151] usb 6-1: selecting invalid altsetting 2
[ 1194.678444][ T6277] usb 3-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid maxpacket 17520, setting to 1024
[ 1194.729090][ T6277] usb 3-1: New USB device found, idVendor=2466, idProduct=8010, bcdDevice= 0.40
[ 1194.748991][ T6277] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1194.771414][ T6277] usb 3-1: Product: syz
[ 1194.778858][ T6277] usb 3-1: Manufacturer: syz
[ 1194.789657][ T6277] usb 3-1: SerialNumber: syz
[ 1194.913633][T11209] loop1: detected capacity change from 0 to 512
[ 1195.099135][    C0] usb 6-1: async_complete: urb error -71
[ 1195.104906][    C0] usb 6-1: async_complete: urb error -71
[ 1195.110643][    C0] usb 6-1: async_complete: urb error -71
[ 1195.131263][T32151] get_1284_register: usb error -71
[ 1195.136804][T32151] uss720 6-1:0.125: probe with driver uss720 failed with error -71
[ 1195.163403][T32151] usb 6-1: USB disconnect, device number 28
[ 1195.460720][ T6277] usb 3-1: 1:1 : UAC_AS_GENERAL descriptor not found
[ 1195.489875][ T6277] usb 3-1: 2:1 : UAC_AS_GENERAL descriptor not found
[ 1195.604302][ T6277] usb 3-1: USB disconnect, device number 33
[ 1195.669329][ T6231] udevd[6231]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1195.888151][T11217] loop1: detected capacity change from 0 to 32768
[ 1195.952526][T11217] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1195.967083][T11206] syz.4.16413 (11206): drop_caches: 2
[ 1196.045457][T11217] XFS (loop1): Ending clean mount
[ 1196.057099][T11217] XFS (loop1): Quotacheck needed: Please wait.
[ 1196.095258][T11238] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1196.177452][  T843] usb 6-1: new high-speed USB device number 29 using dummy_hcd
[ 1196.205968][T11217] XFS (loop1): Quotacheck: Done.
[ 1196.236589][T11242] netlink: 8 bytes leftover after parsing attributes in process `syz.0.16424'.
[ 1196.258697][T11242] netlink: 4 bytes leftover after parsing attributes in process `syz.0.16424'.
[ 1196.271192][T11242] netlink: 'syz.0.16424': attribute type 15 has an invalid length.
[ 1196.334121][ T6286] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1196.351131][   T29] audit: type=1326 audit(2000000497.682:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.16427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1196.377683][   T29] audit: type=1326 audit(2000000497.682:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.16427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1196.400176][  T843] usb 6-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1196.400225][  T843] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1196.421064][  T843] usb 6-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1196.432003][  T843] usb 6-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1196.453692][T11248] loop4: detected capacity change from 0 to 64
[ 1196.461115][  T843] usb 6-1: Manufacturer: syz
[ 1196.467972][   T29] audit: type=1326 audit(2000000497.682:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.16427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=427 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1196.481950][  T843] usb 6-1: config 0 descriptor??
[ 1196.522488][   T29] audit: type=1326 audit(2000000497.682:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.16427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1196.545554][   T29] audit: type=1326 audit(2000000497.682:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11245 comm="syz.2.16427" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9deb59c799 code=0x7ffc0000
[ 1196.590449][T11250] netlink: 64 bytes leftover after parsing attributes in process `syz.0.16430'.
[ 1196.777156][  T843] rc_core: IR keymap rc-hauppauge not found
[ 1196.784922][  T843] Registered IR keymap rc-empty
[ 1196.793368][T11259] [U] VÔ3¸ÂFÙ¾"SÇÁ/ÉÊ4:ÃXTZ“W¡T‘’LWµ«=
[ 1196.811053][  T843] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0
[ 1196.822416][T11259] [U] J"—E:ÀÆ"


[ 1196.856528][  T843] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/rc/rc0/input96
[ 1197.153706][    C0] igorplugusb 6-1:0.0: receive overflow invalid: 47
[ 1197.371336][T12140] usb 6-1: USB disconnect, device number 29
[ 1197.634858][T11294] C: renamed from team_slave_0
[ 1197.647771][T11294] netlink: 'syz.0.16450': attribute type 3 has an invalid length.
[ 1197.667186][T11294] netlink: 152 bytes leftover after parsing attributes in process `syz.0.16450'.
[ 1197.741314][T11274] loop1: detected capacity change from 0 to 32768
[ 1197.748992][ T6277] usb 5-1: new full-speed USB device number 37 using dummy_hcd
[ 1197.771382][T11274] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[ 1197.826638][T11274] JBD2: Ignoring recovery information on journal
[ 1197.884961][T11274] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[ 1197.947169][ T6277] usb 5-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1197.991276][ T6277] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1198.024672][ T6277] usb 5-1: config 0 descriptor??
[ 1198.047900][ T6277] cp210x 5-1:0.0: cp210x converter detected
[ 1198.104140][ T6286] ocfs2: Unmounting device (7,1) on (node local)
[ 1198.518102][ T6277] usb 5-1: cp210x converter now attached to ttyUSB0
[ 1198.536182][T11325] loop2: detected capacity change from 0 to 256
[ 1198.621096][T11325] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x7260acdb, utbl_chksum : 0xe619d30d)
[ 1198.733159][  T843] usb 5-1: USB disconnect, device number 37
[ 1198.769528][  T843] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1198.803204][  T843] cp210x 5-1:0.0: device disconnected
[ 1199.117355][ T6500] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[ 1199.245768][  T843] usb 6-1: new high-speed USB device number 30 using dummy_hcd
[ 1199.282111][ T6500] usb 3-1: New USB device found, idVendor=0424, idProduct=7850, bcdDevice= 0.00
[ 1199.299131][ T6500] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1199.320365][ T6500] usb 3-1: Product: syz
[ 1199.324574][ T6500] usb 3-1: Manufacturer: syz
[ 1199.329177][ T6500] usb 3-1: SerialNumber: syz
[ 1199.420337][  T843] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[ 1199.438909][T11366] netlink: 65039 bytes leftover after parsing attributes in process `syz.0.16482'.
[ 1199.448703][  T843] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[ 1199.470050][  T843] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[ 1199.481142][  T843] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1199.506529][T11348] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[ 1199.528045][  T843] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[ 1199.721674][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1199.868244][T11360] loop1: detected capacity change from 0 to 32768
[ 1199.907345][T11360] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.16480 (11360)
[ 1199.948403][T11360] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1199.964624][T11364] loop4: detected capacity change from 0 to 32768
[ 1199.978960][T11360] BTRFS info (device loop1): using crc32c checksum algorithm
[ 1199.993667][T11364] BTRFS info: device /dev/loop4 (7:4) using temp-fsid 1431eea3-3a59-415c-b675-8a7568035edd
[ 1200.017022][ T6277] usb 6-1: USB disconnect, device number 30
[ 1200.021460][T11364] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.16481 (11364)
[ 1200.038838][ T6500] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Failed to read register index 0x00000010. ret = -EPROTO
[ 1200.054569][T11375] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[ 1200.096878][ T6500] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Registers INIT FAILED....
[ 1200.131214][T11364] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1200.154526][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1200.158352][ T6500] lan78xx 3-1:1.0 (unnamed net_device) (uninitialized): Bind routine FAILED
[ 1200.185761][T11364] BTRFS info (device loop4): using sha256 checksum algorithm
[ 1200.219476][T11360] BTRFS info (device loop1): setting nodatasum
[ 1200.237153][T11360] BTRFS info (device loop1): setting nodatacow
[ 1200.250242][ T6500] lan78xx 3-1:1.0: probe with driver lan78xx failed with error -71
[ 1200.262999][T11360] BTRFS info (device loop1): turning on async discard
[ 1200.278531][T11360] BTRFS info (device loop1): enabling free space tree
[ 1200.290480][T11360] BTRFS info (device loop1): enabling auto defrag
[ 1200.299972][T11360] BTRFS info (device loop1): max_inline set to 0
[ 1200.319293][ T6500] usb 3-1: USB disconnect, device number 34
[ 1200.391027][T11364] BTRFS info (device loop4): enabling ssd optimizations
[ 1200.418799][T11364] BTRFS info (device loop4): turning on async discard
[ 1200.453235][T11364] BTRFS info (device loop4): enabling free space tree
[ 1200.540983][T11364] BTRFS warning (device loop4): can't set the default_subvol,compress_zstd feature bits while mounted
[ 1200.652453][ T6286] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1200.705878][ T6296] BTRFS info (device loop4): last unmount of filesystem 1431eea3-3a59-415c-b675-8a7568035edd
[ 1201.181559][  T843] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[ 1201.289405][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1201.365506][  T843] usb 2-1: Using ep0 maxpacket: 8
[ 1201.421524][  T843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1201.437226][   T24] usb 1-1: new high-speed USB device number 54 using dummy_hcd
[ 1201.443510][  T843] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1201.476658][  T843] usb 2-1: New USB device found, idVendor=041e, idProduct=2801, bcdDevice= 0.00
[ 1201.509853][  T843] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.554492][  T843] usb 2-1: config 0 descriptor??
[ 1201.636115][   T24] usb 1-1: Using ep0 maxpacket: 8
[ 1201.648179][   T24] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1201.687830][   T24] usb 1-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[ 1201.697737][   T24] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1201.740474][   T24] usb 1-1: config 0 descriptor??
[ 1201.787515][   T24] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1201.998596][   T24] usb 1-1: USB disconnect, device number 54
[ 1202.044516][  T843] prodikeys 0003:041E:2801.0008: item fetching failed at offset 3/5
[ 1202.068692][  T843] prodikeys 0003:041E:2801.0008: hid parse failed
[ 1202.088900][  T843] prodikeys 0003:041E:2801.0008: probe with driver prodikeys failed with error -22
[ 1202.135940][T11427] loop5: detected capacity change from 0 to 32768
[ 1202.169020][T11427] XFS (loop5): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1202.216015][T11427] XFS (loop5): Ending clean mount
[ 1202.271025][  T843] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[ 1202.305596][    C0] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1202.315370][ T5172] usb 2-1: USB disconnect, device number 28
[ 1202.344485][T31690] XFS (loop5): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1202.465641][  T843] usb 3-1: Using ep0 maxpacket: 32
[ 1202.482320][  T843] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[ 1202.506391][ T6277] usb 1-1: new high-speed USB device number 55 using dummy_hcd
[ 1202.543133][  T843] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[ 1202.575812][  T843] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[ 1202.606683][  T843] usb 3-1: Product: syz
[ 1202.617956][  T843] usb 3-1: Manufacturer: syz
[ 1202.633686][  T843] usb 3-1: SerialNumber: syz
[ 1202.654748][  T843] usb 3-1: config 0 descriptor??
[ 1202.669025][T11448] raw-gadget.2 gadget.2: fail, usb_ep_enable returned -22
[ 1202.688710][ T6277] usb 1-1: Using ep0 maxpacket: 8
[ 1202.698104][  T843] hub 3-1:0.0: bad descriptor, ignoring hub
[ 1202.701257][ T6277] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xEF, changing to 0x8F
[ 1202.718777][  T843] hub 3-1:0.0: probe with driver hub failed with error -5
[ 1202.744148][ T6277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 256, setting to 64
[ 1202.770254][ T6277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1202.809230][ T6277] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1202.825929][ T6277] usb 1-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[ 1202.825958][ T6277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1202.825979][ T6277] usb 1-1: SerialNumber: syz
[ 1202.855463][ T6277] usb 1-1: config 0 descriptor??
[ 1202.864975][ T6277] hso 1-1:0.0: Can't find BULK IN endpoint
[ 1203.020792][ T6277] usb 3-1: USB disconnect, device number 35
[ 1203.085131][T11479] loop5: detected capacity change from 0 to 4096
[ 1203.139208][T11479] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[ 1203.147335][ T6277] usb 1-1: USB disconnect, device number 55
[ 1203.185076][T11479] ntfs3(loop5): Failed to load $Extend (-22).
[ 1203.209529][T11479] ntfs3(loop5): Failed to initialize $Extend.
[ 1203.410974][T11487] loop5: detected capacity change from 0 to 128
[ 1203.439810][T11487] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1203.470490][T11487] ext4 filesystem being mounted at /968/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1203.595294][T31690] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1203.760963][T11481] loop4: detected capacity change from 0 to 40427
[ 1203.801022][T11481] F2FS-fs (loop4): invalid crc value
[ 1203.997957][T11506] loop2: detected capacity change from 0 to 1024
[ 1204.016659][T11506] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1204.031897][T11481] F2FS-fs (loop4): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[ 1204.084621][T11481] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e4
[ 1204.088983][T11506] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1204.137719][T11512] syz_tun: entered allmulticast mode
[ 1204.219414][ T6295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1204.267804][   T29] audit: type=1800 audit(2000000505.062:529): pid=11481 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.16516" name="bus" dev="loop4" ino=10 res=0 errno=0
[ 1204.384323][T11491] loop1: detected capacity change from 0 to 32768
[ 1204.405239][ T6296] syz-executor: attempt to access beyond end of device
[ 1204.405239][ T6296] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[ 1204.461107][ T6296] CPU: 1 UID: 0 PID: 6296 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[ 1204.461132][ T6296] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1204.461144][ T6296] Call Trace:
[ 1204.461152][ T6296]  <TASK>
[ 1204.461160][ T6296]  dump_stack_lvl+0xe8/0x150
[ 1204.461188][ T6296]  f2fs_handle_critical_error+0x37c/0x540
[ 1204.461217][ T6296]  f2fs_write_end_io+0xcdb/0xff0
[ 1204.461258][ T6296]  __submit_merged_bio+0x256/0x700
[ 1204.461287][ T6296]  __submit_merged_write_cond+0x3c9/0x4e0
[ 1204.461317][ T6296]  ? __pfx___submit_merged_write_cond+0x10/0x10
[ 1204.461370][ T6296]  f2fs_write_data_pages+0x2975/0x35e0
[ 1204.461432][ T6296]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1204.461454][ T6296]  ? finish_task_switch+0x41f/0xbe0
[ 1204.461490][ T6296]  ? __schedule+0x167b/0x5590
[ 1204.461538][ T6296]  ? clockevents_program_event+0x3b0/0x4b0
[ 1204.461602][ T6296]  ? __pfx___schedule+0x10/0x10
[ 1204.461638][ T6296]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1204.461657][ T6296]  ? irqentry_exit+0x61a/0x700
[ 1204.461675][ T6296]  ? trace_irq_disable+0x3b/0x150
[ 1204.461713][ T6296]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1204.461737][ T6296]  do_writepages+0x32e/0x550
[ 1204.461776][ T6296]  ? do_raw_spin_unlock+0xf5/0x210
[ 1204.461802][ T6296]  filemap_fdatawrite+0x1e9/0x2f0
[ 1204.461822][ T6296]  ? look_up_lock_class+0x57/0x110
[ 1204.461841][ T6296]  ? __pfx_filemap_fdatawrite+0x10/0x10
[ 1204.461909][ T6296]  ? do_raw_spin_unlock+0xf5/0x210
[ 1204.461933][ T6296]  f2fs_sync_dirty_inodes+0x30e/0x860
[ 1204.461972][ T6296]  f2fs_write_checkpoint+0x9df/0x26a0
[ 1204.462030][ T6296]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[ 1204.462108][ T6296]  kill_f2fs_super+0x314/0x720
[ 1204.462139][ T6296]  ? __pfx_kill_f2fs_super+0x10/0x10
[ 1204.462177][ T6296]  ? lockdep_hardirqs_on+0x7a/0x110
[ 1204.462211][ T6296]  deactivate_locked_super+0xbc/0x130
[ 1204.462235][ T6296]  cleanup_mnt+0x437/0x4d0
[ 1204.462257][ T6296]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1204.462287][ T6296]  task_work_run+0x1d9/0x270
[ 1204.462311][ T6296]  ? __pfx_task_work_run+0x10/0x10
[ 1204.462351][ T6296]  exit_to_user_mode_loop+0xed/0x480
[ 1204.462372][ T6296]  ? rcu_is_watching+0x15/0xb0
[ 1204.462404][ T6296]  do_syscall_64+0x32d/0xf80
[ 1204.462424][ T6296]  ? trace_irq_disable+0x3b/0x150
[ 1204.462441][ T6296]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.462460][ T6296]  ? clear_bhb_loop+0x40/0x90
[ 1204.462483][ T6296]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1204.462499][ T6296] RIP: 0033:0x7f68e719d9d7
[ 1204.462517][ T6296] Code: a2 c7 05 1c ed 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[ 1204.462532][ T6296] RSP: 002b:00007ffffbb9e2b8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[ 1204.462551][ T6296] RAX: 0000000000000000 RBX: 00007f68e7231f90 RCX: 00007f68e719d9d7
[ 1204.462563][ T6296] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffffbb9e370
[ 1204.462575][ T6296] RBP: 00007ffffbb9e370 R08: 00007ffffbb9f370 R09: 00000000ffffffff
[ 1204.462588][ T6296] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffffbb9f400
[ 1204.462600][ T6296] R13: 00007f68e7231f90 R14: 0000000000114eb7 R15: 00007ffffbb9f440
[ 1204.462633][ T6296]  </TASK>
[ 1204.787043][ T6296] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1204.863878][T11530] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16538'.
[ 1204.872960][T11530] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16538'.
[ 1204.882337][T11530] netlink: 'syz.2.16538': attribute type 15 has an invalid length.
[ 1205.431367][T11546] netlink: 260 bytes leftover after parsing attributes in process `syz.1.16544'.
[ 1205.608852][T11552] macsec0: entered promiscuous mode
[ 1205.630780][T11552] geneve1: entered promiscuous mode
[ 1205.647313][T11552] macsec0: entered allmulticast mode
[ 1205.662707][T11552] geneve1: entered allmulticast mode
[ 1205.696300][T11552] geneve1: left allmulticast mode
[ 1205.712715][T11534] loop2: detected capacity change from 0 to 32768
[ 1205.720637][T11552] geneve1: left promiscuous mode
[ 1205.793399][T11534] (syz.2.16540,11534,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1205.813676][T11565] netlink: 4 bytes leftover after parsing attributes in process `syz.5.16552'.
[ 1205.834414][T11534] (syz.2.16540,11534,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[ 1205.888134][T11565] vlan3: entered promiscuous mode
[ 1205.905266][T11565] bridge0: entered promiscuous mode
[ 1205.921539][T11534] JBD2: Ignoring recovery information on journal
[ 1206.029690][T11534] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[ 1206.327934][ T6295] ocfs2: Unmounting device (7,2) on (node local)
[ 1206.486970][T11590] loop4: detected capacity change from 0 to 1024
[ 1206.614269][T11590] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[ 1206.652569][T11599] netlink: 104 bytes leftover after parsing attributes in process `syz.1.16566'.
[ 1206.696736][ T6296] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[ 1206.960182][T11607] loop1: detected capacity change from 0 to 4096
[ 1206.991907][T11607] ntfs3(loop1): Different NTFS sector size (1024) and media sector size (512).
[ 1207.147493][T11596] loop5: detected capacity change from 0 to 32768
[ 1207.183479][T11596] ocfs2: Slot 0 on device (7,5) was already allocated to this node!
[ 1207.237835][T11596] JBD2: Ignoring recovery information on journal
[ 1207.391934][T11596] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1207.392561][T11622] netlink: 12 bytes leftover after parsing attributes in process `syz.0.16575'.
[ 1207.574853][T31690] ocfs2: Unmounting device (7,5) on (node local)
[ 1207.831379][T12140] usb 1-1: new high-speed USB device number 56 using dummy_hcd
[ 1207.840101][T11632] loop2: detected capacity change from 0 to 1024
[ 1207.869621][T11634] loop4: detected capacity change from 0 to 256
[ 1207.900013][T11634] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[ 1207.944393][T11632] hfsplus: bad catalog entry type
[ 1208.001491][T12140] usb 1-1: Using ep0 maxpacket: 32
[ 1208.020097][T12140] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1208.051899][T12140] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1208.063991][   T13] hfsplus: b-tree write err: -5, ino 25
[ 1208.077059][   T13] hfsplus: b-tree write err: -5, ino 4
[ 1208.084156][T12140] usb 1-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1208.107136][   T13] hfsplus: b-tree write err: -5, ino 2
[ 1208.117740][T12140] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1208.165337][T12140] usb 1-1: config 0 descriptor??
[ 1208.185862][T12140] hub 1-1:0.0: USB hub found
[ 1208.409372][T12140] hub 1-1:0.0: 6 ports detected
[ 1208.424795][T12140] hub 1-1:0.0: insufficient power available to use all downstream ports
[ 1208.712135][T11660] loop2: detected capacity change from 0 to 256
[ 1208.779790][T11660] FAT-fs (loop2): Directory bread(block 64) failed
[ 1208.782856][T11658] : entered promiscuous mode
[ 1208.803394][T11660] FAT-fs (loop2): Directory bread(block 65) failed
[ 1208.813508][T11660] FAT-fs (loop2): Directory bread(block 66) failed
[ 1208.829106][T11660] FAT-fs (loop2): Directory bread(block 67) failed
[ 1208.845055][T11660] FAT-fs (loop2): Directory bread(block 68) failed
[ 1208.874502][T11660] FAT-fs (loop2): Directory bread(block 69) failed
[ 1208.884679][T12140] usb 1-1: USB disconnect, device number 56
[ 1208.909256][T11660] FAT-fs (loop2): Directory bread(block 70) failed
[ 1208.934947][T11660] FAT-fs (loop2): Directory bread(block 71) failed
[ 1208.969120][T11660] FAT-fs (loop2): Directory bread(block 72) failed
[ 1208.993185][T11660] FAT-fs (loop2): Directory bread(block 73) failed
[ 1209.177303][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 1209.185807][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[ 1209.201797][T23370] Bluetooth: hci2: unexpected cc 0x042d length: 63 > 7
[ 1209.209752][T23370] Bluetooth: hci2: unexpected event for opcode 0x042d
[ 1209.285733][T11654] Bluetooth: hci2: Opcode 0x0c1a failed: -4
[ 1209.318051][T11676] netlink: 44 bytes leftover after parsing attributes in process `syz.2.16602'.
[ 1209.318578][T11654] Bluetooth: hci2: Error when powering off device on rfkill (-4)
[ 1209.701525][T11692] netlink: 104 bytes leftover after parsing attributes in process `syz.1.16610'.
[ 1209.780586][T11674] loop4: detected capacity change from 0 to 32768
[ 1209.813645][T11674] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.16601 (11674)
[ 1209.822209][T11696] loop5: detected capacity change from 0 to 512
[ 1209.866530][T11696] EXT4-fs: inline encryption not supported
[ 1209.876026][T11674] BTRFS info (device loop4): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1209.887553][T11696] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1209.906529][   T29] audit: type=1326 audit(2000000510.356:530): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1209.908787][T11696] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[ 1209.939802][T11674] BTRFS info (device loop4): using xxhash64 checksum algorithm
[ 1209.973660][T11674] BTRFS warning (device loop4): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1210.021322][   T29] audit: type=1326 audit(2000000510.356:531): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.027763][T11696] Quota error (device loop5): do_insert_tree: Free block already used in tree: block 1
[ 1210.106195][   T29] audit: type=1326 audit(2000000510.403:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.126592][T11696] Quota error (device loop5): qtree_write_dquot: Error -5 occurred while creating quota
[ 1210.188712][   T29] audit: type=1326 audit(2000000510.403:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.207189][T11696] EXT4-fs error (device loop5): ext4_acquire_dquot:7001: comm syz.5.16612: Failed to acquire dquot type 1
[ 1210.236793][T11696] loop5: lost filesystem error report for type 5 error -5
[ 1210.237196][T11696] EXT4-fs (loop5): Remounting filesystem read-only
[ 1210.242849][   T29] audit: type=1326 audit(2000000510.403:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=283 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.256818][    C1] EXT4-fs (loop5): error count since last fsck: 1
[ 1210.275203][   T29] audit: type=1326 audit(2000000510.403:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.280448][    C1] EXT4-fs (loop5): initial error at time 2000000510: ext4_acquire_dquot:7001
[ 1210.311617][    C1] EXT4-fs (loop5): last error at time 2000000510: ext4_acquire_dquot:7001
[ 1210.322826][T11674] BTRFS info (device loop4): rebuilding free space tree
[ 1210.323984][T11696] EXT4-fs (loop5): 1 truncate cleaned up
[ 1210.363851][T11674] BTRFS info (device loop4): disabling free space tree
[ 1210.386928][   T29] audit: type=1326 audit(2000000510.403:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.390682][T11674] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1210.411667][   T29] audit: type=1326 audit(2000000510.403:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11699 comm="syz.1.16614" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1c759c799 code=0x7ffc0000
[ 1210.459183][T11696] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1210.470952][T11674] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1210.530452][T11674] BTRFS info (device loop4): setting nodatasum
[ 1210.555614][T11674] BTRFS info (device loop4): allowing degraded mounts
[ 1210.579914][T11674] BTRFS info (device loop4): turning on async discard
[ 1210.593309][T11674] BTRFS info (device loop4): enabling disk space caching
[ 1210.622411][T11736] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(3)
[ 1210.628940][T11736] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[ 1210.636786][T11674] BTRFS info (device loop4): force clearing of disk cache
[ 1210.658314][T11674] BTRFS info (device loop4): force zlib compression, level 3
[ 1210.671183][T11740] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16623'.
[ 1210.681260][T11736] vhci_hcd vhci_hcd.0: Device attached
[ 1210.687202][T11740] netlink: 8 bytes leftover after parsing attributes in process `syz.2.16623'.
[ 1210.702227][T31690] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1210.718579][T11740] netlink: 12 bytes leftover after parsing attributes in process `syz.2.16623'.
[ 1210.911423][ T6277] usb 1-1: new high-speed USB device number 57 using dummy_hcd
[ 1210.932053][ T6500] usb 33-1: new low-speed USB device number 2 using vhci_hcd
[ 1210.962928][ T6296] BTRFS info (device loop4): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1211.046378][T11753] loop2: detected capacity change from 0 to 4096
[ 1211.081977][ T6277] usb 1-1: config 0 has no interfaces?
[ 1211.094780][ T6277] usb 1-1: New USB device found, idVendor=0df6, idProduct=0056, bcdDevice=a0.b5
[ 1211.123010][T11753] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1211.127471][ T6277] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.135760][  T843] usb 6-1: new high-speed USB device number 31 using dummy_hcd
[ 1211.248429][ T6277] usb 1-1: config 0 descriptor??
[ 1211.271889][    C1] workqueue function usb_giveback_urb_bh changed kcov_mode from 1073741824 to 0
[ 1211.340627][  T843] usb 6-1: Using ep0 maxpacket: 16
[ 1211.350167][  T843] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1211.381427][  T843] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1211.391965][  T843] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 1211.398469][T11753] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #15: comm syz.2.16629: corrupted inode contents
[ 1211.416295][  T843] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 1211.437711][  T843] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1211.465023][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.471025][T11753] EXT4-fs error (device loop2): ext4_dirty_inode:6450: inode #15: comm syz.2.16629: mark_inode_dirty error
[ 1211.498030][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.499939][T11753] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #15: comm syz.2.16629: corrupted inode contents
[ 1211.522475][  T843] usb 6-1: config 0 descriptor??
[ 1211.556878][ T6277] usb 1-1: USB disconnect, device number 57
[ 1211.570845][T11737] vhci_hcd: connection closed
[ 1211.571089][ T1094] vhci_hcd vhci_hcd.0: stop threads
[ 1211.580115][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.581677][ T1094] vhci_hcd vhci_hcd.0: release socket
[ 1211.583547][T11753] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.16629: mark_inode_dirty error
[ 1211.606456][ T1094] vhci_hcd vhci_hcd.0: disconnect device
[ 1211.634233][T11763] netlink: 'syz.4.16632': attribute type 3 has an invalid length.
[ 1211.644982][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.645380][T11753] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #15: comm syz.2.16629: corrupted inode contents
[ 1211.671253][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.671642][T11753] EXT4-fs error (device loop2): __ext4_ext_dirty:207: inode #15: comm syz.2.16629: mark_inode_dirty error
[ 1211.696233][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.696744][T11753] EXT4-fs error (device loop2): ext4_do_update_inode:5569: inode #15: comm syz.2.16629: corrupted inode contents
[ 1211.741420][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.741953][T11753] EXT4-fs error (device loop2): ext4_truncate:4587: inode #15: comm syz.2.16629: mark_inode_dirty error
[ 1211.786298][T11753] loop2: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[ 1211.786727][T11753] EXT4-fs error (device loop2): ext4_evict_inode:266: comm syz.2.16629: couldn't truncate inode 15 (err -117)
[ 1211.932814][ T6295] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1212.019441][  T843] microsoft 0003:045E:07DA.0009: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[ 1212.054960][  T843] microsoft 0003:045E:07DA.0009: no inputs found
[ 1212.074532][  T843] microsoft 0003:045E:07DA.0009: could not initialize ff, continuing anyway
[ 1212.318305][ T5172] usb 6-1: USB disconnect, device number 31
[ 1212.402370][ T6277] 
[ 1212.402381][ T6277] ======================================================
[ 1212.402389][ T6277] WARNING: possible circular locking dependency detected
[ 1212.402403][ T6277] syzkaller #0 Not tainted
[ 1212.402413][ T6277] ------------------------------------------------------
[ 1212.402421][ T6277] kworker/1:4/6277 is trying to acquire lock:
[ 1212.402432][ T6277] ffff88801b0b20b8 (&buf->lock){+.+.}-{4:4}, at: tty_buffer_flush+0x74/0x2b0
[ 1212.402479][ T6277] 
[ 1212.402479][ T6277] but task is already holding lock:
[ 1212.402485][ T6277] ffffffff8e752980 (console_lock){+.+.}-{0:0}, at: vc_SAK+0x28/0x220
[ 1212.402528][ T6277] 
[ 1212.402528][ T6277] which lock already depends on the new lock.
[ 1212.402528][ T6277] 
[ 1212.402534][ T6277] 
[ 1212.402534][ T6277] the existing dependency chain (in reverse order) is:
[ 1212.402542][ T6277] 
[ 1212.402542][ T6277] -> #2 (console_lock){+.+.}-{0:0}:
[ 1212.402568][ T6277]        console_lock+0x76/0x90
[ 1212.402586][ T6277]        con_flush_chars+0x6c/0x80
[ 1212.402603][ T6277]        n_tty_write+0xf7e/0x12a0
[ 1212.402621][ T6277]        file_tty_write+0x559/0xa20
[ 1212.402635][ T6277]        vfs_write+0x61d/0xb90
[ 1212.402653][ T6277]        ksys_write+0x150/0x270
[ 1212.402671][ T6277]        do_syscall_64+0x14d/0xf80
[ 1212.402688][ T6277]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1212.402704][ T6277] 
[ 1212.402704][ T6277] -> #1 (&tty->termios_rwsem){++++}-{4:4}:
[ 1212.402729][ T6277]        down_write+0x96/0x200
[ 1212.402747][ T6277]        n_tty_flush_buffer+0x30/0x290
[ 1212.402765][ T6277]        tty_buffer_flush+0x1ec/0x2b0
[ 1212.402780][ T6277]        tty_ldisc_flush+0x6b/0xc0
[ 1212.402795][ T6277]        tty_port_close_start+0x388/0x580
[ 1212.402813][ T6277]        tty_port_close+0x2a/0x170
[ 1212.402831][ T6277]        tty_release+0x389/0x1710
[ 1212.402847][ T6277]        __fput+0x44f/0xa70
[ 1212.402863][ T6277]        task_work_run+0x1d9/0x270
[ 1212.402880][ T6277]        do_exit+0x926/0x2580
[ 1212.402896][ T6277]        do_group_exit+0x21b/0x2d0
[ 1212.402912][ T6277]        __x64_sys_exit_group+0x3f/0x40
[ 1212.402928][ T6277]        x64_sys_call+0x221a/0x2240
[ 1212.402943][ T6277]        do_syscall_64+0x14d/0xf80
[ 1212.402958][ T6277]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1212.402974][ T6277] 
[ 1212.402974][ T6277] -> #0 (&buf->lock){+.+.}-{4:4}:
[ 1212.403000][ T6277]        __lock_acquire+0x15a5/0x2cf0
[ 1212.403021][ T6277]        lock_acquire+0xf0/0x2e0
[ 1212.403040][ T6277]        __mutex_lock+0x19f/0x1300
[ 1212.403057][ T6277]        tty_buffer_flush+0x74/0x2b0
[ 1212.403074][ T6277]        tty_ldisc_flush+0x6b/0xc0
[ 1212.403089][ T6277]        __do_SAK+0xf2/0x6e0
[ 1212.403105][ T6277]        vc_SAK+0x78/0x220
[ 1212.403125][ T6277]        process_one_work+0x963/0x1720
[ 1212.403154][ T6277]        worker_thread+0xb46/0x1140
[ 1212.403174][ T6277]        kthread+0x388/0x470
[ 1212.403190][ T6277]        ret_from_fork+0x51e/0xb90
[ 1212.403210][ T6277]        ret_from_fork_asm+0x1a/0x30
[ 1212.403224][ T6277] 
[ 1212.403224][ T6277] other info that might help us debug this:
[ 1212.403224][ T6277] 
[ 1212.403231][ T6277] Chain exists of:
[ 1212.403231][ T6277]   &buf->lock --> &tty->termios_rwsem --> console_lock
[ 1212.403231][ T6277] 
[ 1212.403261][ T6277]  Possible unsafe locking scenario:
[ 1212.403261][ T6277] 
[ 1212.403268][ T6277]        CPU0                    CPU1
[ 1212.403274][ T6277]        ----                    ----
[ 1212.403281][ T6277]   lock(console_lock);
[ 1212.403294][ T6277]                                lock(&tty->termios_rwsem);
[ 1212.403310][ T6277]                                lock(console_lock);
[ 1212.403325][ T6277]   lock(&buf->lock);
[ 1212.403337][ T6277] 
[ 1212.403337][ T6277]  *** DEADLOCK ***
[ 1212.403337][ T6277] 
[ 1212.403343][ T6277] 4 locks held by kworker/1:4/6277:
[ 1212.403354][ T6277]  #0: ffff88801b05b148 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x849/0x1720
[ 1212.403402][ T6277]  #1: ffffc9000533fc40 ((work_completion)(&vc_cons[currcons].SAK_work)){+.+.}-{0:0}, at: process_one_work+0x870/0x1720
[ 1212.403447][ T6277]  #2: ffffffff8e752980 (console_lock){+.+.}-{0:0}, at: vc_SAK+0x28/0x220
[ 1212.403492][ T6277]  #3: ffff888079d930a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_flush+0x20/0xc0
[ 1212.403534][ T6277] 
[ 1212.403534][ T6277] stack backtrace:
[ 1212.403545][ T6277] CPU: 1 UID: 0 PID: 6277 Comm: kworker/1:4 Not tainted syzkaller #0 PREEMPT(full) 
[ 1212.403564][ T6277] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[ 1212.403576][ T6277] Workqueue: events vc_SAK
[ 1212.403601][ T6277] Call Trace:
[ 1212.403608][ T6277]  <TASK>
[ 1212.403616][ T6277]  dump_stack_lvl+0xe8/0x150
[ 1212.403638][ T6277]  print_circular_bug+0x2e1/0x300
[ 1212.403656][ T6277]  check_noncircular+0x12e/0x150
[ 1212.403674][ T6277]  __lock_acquire+0x15a5/0x2cf0
[ 1212.403706][ T6277]  lock_acquire+0xf0/0x2e0
[ 1212.403725][ T6277]  ? tty_buffer_flush+0x74/0x2b0
[ 1212.403746][ T6277]  __mutex_lock+0x19f/0x1300
[ 1212.403764][ T6277]  ? tty_buffer_flush+0x74/0x2b0
[ 1212.403781][ T6277]  ? add_lock_to_list+0xc7/0x100
[ 1212.403796][ T6277]  ? lockdep_unlock+0x5d/0xd0
[ 1212.403814][ T6277]  ? __lock_acquire+0x146e/0x2cf0
[ 1212.403835][ T6277]  ? tty_buffer_flush+0x74/0x2b0
[ 1212.403853][ T6277]  ? __pfx___mutex_lock+0x10/0x10
[ 1212.403875][ T6277]  ? ldsem_down_read_trylock+0x13d/0x1b0
[ 1212.403895][ T6277]  ? tty_ldisc_flush+0x20/0xc0
[ 1212.403910][ T6277]  ? __pfx_ldsem_down_read_trylock+0x10/0x10
[ 1212.403931][ T6277]  tty_buffer_flush+0x74/0x2b0
[ 1212.403950][ T6277]  tty_ldisc_flush+0x6b/0xc0
[ 1212.403966][ T6277]  __do_SAK+0xf2/0x6e0
[ 1212.403986][ T6277]  ? process_one_work+0x870/0x1720
[ 1212.404005][ T6277]  vc_SAK+0x78/0x220
[ 1212.404026][ T6277]  ? process_one_work+0x870/0x1720
[ 1212.404045][ T6277]  process_one_work+0x963/0x1720
[ 1212.404073][ T6277]  ? __pfx_process_one_work+0x10/0x10
[ 1212.404092][ T6277]  ? do_raw_spin_lock+0x12b/0x2f0
[ 1212.404114][ T6277]  worker_thread+0xb46/0x1140
[ 1212.404148][ T6277]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1212.404178][ T6277]  kthread+0x388/0x470
[ 1212.404195][ T6277]  ? __pfx_worker_thread+0x10/0x10
[ 1212.404215][ T6277]  ? __pfx_kthread+0x10/0x10
[ 1212.404232][ T6277]  ret_from_fork+0x51e/0xb90
[ 1212.404255][ T6277]  ? __pfx_ret_from_fork+0x10/0x10
[ 1212.404275][ T6277]  ? __switch_to+0xc7d/0x1450
[ 1212.404294][ T6277]  ? __pfx_kthread+0x10/0x10
[ 1212.404310][ T6277]  ret_from_fork_asm+0x1a/0x30
[ 1212.404331][ T6277]  </TASK>
[ 1212.631546][T11784] loop1: detected capacity change from 0 to 32768
[ 1213.125616][T11784] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.16640 (11784)
[ 1213.144472][T11784] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[ 1213.155225][T11784] BTRFS info (device loop1): using xxhash64 checksum algorithm
[ 1213.162824][T11784] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[ 1213.195895][T11784] BTRFS info (device loop1): rebuilding free space tree
[ 1213.214674][T11784] BTRFS info (device loop1): disabling free space tree
[ 1213.239630][T11784] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[ 1213.251059][T11784] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[ 1213.264923][T11784] BTRFS info (device loop1): setting nodatasum
[ 1213.282341][T11784] BTRFS info (device loop1): allowing degraded mounts
[ 1213.294005][T11784] BTRFS info (device loop1): turning on async discard
[ 1213.302533][T11784] BTRFS info (device loop1): enabling disk space caching
[ 1213.310694][T11784] BTRFS info (device loop1): force clearing of disk cache
[ 1213.318678][T11784] BTRFS info (device loop1): force zlib compression, level 3
[ 1213.373773][ T6286] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2